-
公开(公告)号:US20190042762A1
公开(公告)日:2019-02-07
申请号:US16158098
申请日:2018-10-11
Applicant: salesforce.com, inc.
Inventor: Sergey GORBATY , Trav is SAFFORD , Xiaoran WANG , Yoel GLUCK
CPC classification number: G06F21/577 , G06F16/22 , G06F2221/033
Abstract: During runtime of the software application, the runtime analysis framework may assign input tags to objects associated with the user requests. The input tags may identify the requests as potentially malicious and carry a security risk. The RTA framework then may assign sanitization tags to the objects identifying security checks performed on the objects during runtime. The RTA framework identifies output responses to the user requests that include the objects and compares the input tags assigned to the objects with any sanitization tags assigned to the objects. The RTA framework may identify the software application as susceptible to a security vulnerability when the input tags for the objects do not include corresponding sanitization tags.
Search Results
1
records
(took 0.009 seconds)
