DE60136616D1 - System zur bestimmung von schwächen von web-anwendungen - Google Patents

System zur bestimmung von schwächen von web-anwendungen

Info

Publication number
DE60136616D1
DE60136616D1 DE60136616T DE60136616T DE60136616D1 DE 60136616 D1 DE60136616 D1 DE 60136616D1 DE 60136616 T DE60136616 T DE 60136616T DE 60136616 T DE60136616 T DE 60136616T DE 60136616 D1 DE60136616 D1 DE 60136616D1
Authority
DE
Germany
Prior art keywords
application
web applications
client requests
elements
exploits
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Lifetime
Application number
DE60136616T
Other languages
English (en)
Inventor
Eran Reshef
Yuval El-Hanany
Gil Raanan
Tom Tsarfati
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Trend Micro Inc
Original Assignee
International Business Machines Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Family has litigation
First worldwide family litigation filed litigation Critical https://patents.darts-ip.com/?family=22686713&utm_source=google_patent&utm_medium=platform_link&utm_campaign=public_patent_search&patent=DE60136616(D1) "Global patent litigation dataset” by Darts-ip is licensed under a Creative Commons Attribution 4.0 International License.
Application filed by International Business Machines Corp filed Critical International Business Machines Corp
Application granted granted Critical
Publication of DE60136616D1 publication Critical patent/DE60136616D1/de
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433Vulnerability analysis
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/554Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
DE60136616T 2000-03-03 2001-03-04 System zur bestimmung von schwächen von web-anwendungen Expired - Lifetime DE60136616D1 (de)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US18689200P 2000-03-03 2000-03-03
PCT/IL2001/000202 WO2001065330A2 (en) 2000-03-03 2001-03-04 System for determining web application vulnerabilities

Publications (1)

Publication Number Publication Date
DE60136616D1 true DE60136616D1 (de) 2009-01-02

Family

ID=22686713

Family Applications (1)

Application Number Title Priority Date Filing Date
DE60136616T Expired - Lifetime DE60136616D1 (de) 2000-03-03 2001-03-04 System zur bestimmung von schwächen von web-anwendungen

Country Status (7)

Country Link
US (2) US6584569B2 (de)
EP (1) EP1269286B1 (de)
AT (1) ATE414943T1 (de)
AU (1) AU2001237696A1 (de)
DE (1) DE60136616D1 (de)
IL (1) IL151455A0 (de)
WO (1) WO2001065330A2 (de)

Families Citing this family (383)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7073198B1 (en) * 1999-08-26 2006-07-04 Ncircle Network Security, Inc. Method and system for detecting a vulnerability in a network
US6957348B1 (en) 2000-01-10 2005-10-18 Ncircle Network Security, Inc. Interoperability of vulnerability and intrusion detection systems
IL151455A0 (en) * 2000-03-03 2003-04-10 Sanctum Ltd System for determining web application vulnerabilities
US7155667B1 (en) * 2000-06-21 2006-12-26 Microsoft Corporation User interface for integrated spreadsheets and word processing tables
US7191394B1 (en) * 2000-06-21 2007-03-13 Microsoft Corporation Authoring arbitrary XML documents using DHTML and XSLT
US6948135B1 (en) * 2000-06-21 2005-09-20 Microsoft Corporation Method and systems of providing information to computer users
US7000230B1 (en) * 2000-06-21 2006-02-14 Microsoft Corporation Network-based software extensions
US7346848B1 (en) * 2000-06-21 2008-03-18 Microsoft Corporation Single window navigation methods and systems
US6883168B1 (en) * 2000-06-21 2005-04-19 Microsoft Corporation Methods, systems, architectures and data structures for delivering software via a network
US7194764B2 (en) * 2000-07-10 2007-03-20 Oracle International Corporation User authentication
US7124203B2 (en) * 2000-07-10 2006-10-17 Oracle International Corporation Selective cache flushing in identity and access management systems
US9038170B2 (en) 2000-07-10 2015-05-19 Oracle International Corporation Logging access system events
US7249369B2 (en) * 2000-07-10 2007-07-24 Oracle International Corporation Post data processing
US8661539B2 (en) * 2000-07-10 2014-02-25 Oracle International Corporation Intrusion threat detection
US9280667B1 (en) 2000-08-25 2016-03-08 Tripwire, Inc. Persistent host determination
US7181769B1 (en) 2000-08-25 2007-02-20 Ncircle Network Security, Inc. Network security system having a device profiler communicatively coupled to a traffic monitor
JP2002093831A (ja) * 2000-09-14 2002-03-29 Shinko Electric Ind Co Ltd 半導体装置およびその製造方法
US8996698B1 (en) * 2000-11-03 2015-03-31 Truphone Limited Cooperative network for mobile internet access
US6996845B1 (en) * 2000-11-28 2006-02-07 S.P.I. Dynamics Incorporated Internet security analysis system and process
US7284274B1 (en) * 2001-01-18 2007-10-16 Cigital, Inc. System and method for identifying and eliminating vulnerabilities in computer software applications
US20020147620A1 (en) * 2001-01-31 2002-10-10 Walsh Thomas J. Software quality assurance management system
US7185364B2 (en) * 2001-03-21 2007-02-27 Oracle International Corporation Access system interface
US7185232B1 (en) 2001-02-28 2007-02-27 Cenzic, Inc. Fault injection methods and apparatus
US7313822B2 (en) * 2001-03-16 2007-12-25 Protegrity Corporation Application-layer security method and system
US7882555B2 (en) * 2001-03-16 2011-02-01 Kavado, Inc. Application layer security method and system
CA2342578A1 (en) * 2001-03-29 2002-09-29 Ibm Canada Limited-Ibm Canada Limitee Method and apparatus for security of a network server
CA2343491A1 (en) * 2001-04-03 2002-10-03 Ibm Canada Limited-Ibm Canada Limitee Method to reduce input parameter interface error and inconsistency for servlets
US20030135749A1 (en) * 2001-10-31 2003-07-17 Gales George S. System and method of defining the security vulnerabilities of a computer system
US7225256B2 (en) 2001-11-30 2007-05-29 Oracle International Corporation Impersonation in an access system
US7257630B2 (en) * 2002-01-15 2007-08-14 Mcafee, Inc. System and method for network vulnerability detection and reporting
US7664845B2 (en) 2002-01-15 2010-02-16 Mcafee, Inc. System and method for network vulnerability detection and reporting
US7243148B2 (en) * 2002-01-15 2007-07-10 Mcafee, Inc. System and method for network vulnerability detection and reporting
US7543056B2 (en) * 2002-01-15 2009-06-02 Mcafee, Inc. System and method for network vulnerability detection and reporting
AU2003210900A1 (en) * 2002-02-07 2003-09-02 Empirix Inc. Automated security threat testing of web pages
US8527495B2 (en) * 2002-02-19 2013-09-03 International Business Machines Corporation Plug-in parsers for configuring search engine crawler
US7841007B2 (en) * 2002-03-29 2010-11-23 Scanalert Method and apparatus for real-time security verification of on-line services
US20030188194A1 (en) * 2002-03-29 2003-10-02 David Currie Method and apparatus for real-time security verification of on-line services
US7299382B2 (en) * 2002-04-29 2007-11-20 Sun Microsystems, Inc. System and method for automatic test case generation
IL149583A0 (en) * 2002-05-09 2003-07-06 Kavado Israel Ltd Method for automatic setting and updating of a security policy
US7509675B2 (en) * 2002-05-29 2009-03-24 At&T Intellectual Property I, L.P. Non-invasive monitoring of the effectiveness of electronic security services
US7263721B2 (en) * 2002-08-09 2007-08-28 International Business Machines Corporation Password protection
US7331062B2 (en) * 2002-08-30 2008-02-12 Symantec Corporation Method, computer software, and system for providing end to end security protection of an online transaction
US20040073811A1 (en) * 2002-10-15 2004-04-15 Aleksey Sanin Web service security filter
US7542471B2 (en) 2002-10-30 2009-06-02 Citrix Systems, Inc. Method of determining path maximum transmission unit
US8270423B2 (en) 2003-07-29 2012-09-18 Citrix Systems, Inc. Systems and methods of using packet boundaries for reduction in timeout prevention
US7616638B2 (en) 2003-07-29 2009-11-10 Orbital Data Corporation Wavefront detection and disambiguation of acknowledgments
US7630305B2 (en) 2003-07-29 2009-12-08 Orbital Data Corporation TCP selective acknowledgements for communicating delivered and missed data packets
US8233392B2 (en) 2003-07-29 2012-07-31 Citrix Systems, Inc. Transaction boundary detection for reduction in timeout penalties
US7343626B1 (en) * 2002-11-12 2008-03-11 Microsoft Corporation Automated detection of cross site scripting vulnerabilities
US8091117B2 (en) * 2003-02-14 2012-01-03 Preventsys, Inc. System and method for interfacing with heterogeneous network data gathering tools
US7370066B1 (en) * 2003-03-24 2008-05-06 Microsoft Corporation System and method for offline editing of data files
US7275216B2 (en) 2003-03-24 2007-09-25 Microsoft Corporation System and method for designing electronic forms and hierarchical schemas
US7415672B1 (en) 2003-03-24 2008-08-19 Microsoft Corporation System and method for designing electronic forms
US6908058B2 (en) * 2003-03-28 2005-06-21 Suncast Corporation Hose reel cart with elevated crank handle
US7296017B2 (en) * 2003-03-28 2007-11-13 Microsoft Corporation Validation of XML data files
US7913159B2 (en) 2003-03-28 2011-03-22 Microsoft Corporation System and method for real-time validation of structured data files
US7516145B2 (en) * 2003-03-31 2009-04-07 Microsoft Corporation System and method for incrementally transforming and rendering hierarchical data files
US20040221176A1 (en) * 2003-04-29 2004-11-04 Cole Eric B. Methodology, system and computer readable medium for rating computer system vulnerabilities
WO2004107132A2 (en) * 2003-05-28 2004-12-09 Caymas Systems, Inc. Method, system and software for state signing of internet resources
WO2004107131A2 (en) 2003-05-28 2004-12-09 Caymas Systems, Inc. Policy based network address translation
US20040268139A1 (en) * 2003-06-25 2004-12-30 Microsoft Corporation Systems and methods for declarative client input security screening
US7406714B1 (en) 2003-07-01 2008-07-29 Symantec Corporation Computer code intrusion detection system based on acceptable retrievals
US7568229B1 (en) 2003-07-01 2009-07-28 Symantec Corporation Real-time training for a computer code intrusion detection system
US7386883B2 (en) * 2003-07-22 2008-06-10 International Business Machines Corporation Systems, methods and computer program products for administration of computer security threat countermeasures to a computer system
US7463590B2 (en) * 2003-07-25 2008-12-09 Reflex Security, Inc. System and method for threat detection and response
US8238241B2 (en) 2003-07-29 2012-08-07 Citrix Systems, Inc. Automatic detection and window virtualization for flow control
US7656799B2 (en) 2003-07-29 2010-02-02 Citrix Systems, Inc. Flow control system architecture
US8432800B2 (en) 2003-07-29 2013-04-30 Citrix Systems, Inc. Systems and methods for stochastic-based quality of service
US8437284B2 (en) 2003-07-29 2013-05-07 Citrix Systems, Inc. Systems and methods for additional retransmissions of dropped packets
US7698453B2 (en) * 2003-07-29 2010-04-13 Oribital Data Corporation Early generation of acknowledgements for flow control
US7406660B1 (en) 2003-08-01 2008-07-29 Microsoft Corporation Mapping between structured data and a visual surface
US7334187B1 (en) 2003-08-06 2008-02-19 Microsoft Corporation Electronic form aggregation
US20050060372A1 (en) * 2003-08-27 2005-03-17 Debettencourt Jason Techniques for filtering data from a data stream of a web services application
US7882132B2 (en) 2003-10-09 2011-02-01 Oracle International Corporation Support for RDBMS in LDAP system
US7904487B2 (en) 2003-10-09 2011-03-08 Oracle International Corporation Translating data access requests
US7594018B2 (en) * 2003-10-10 2009-09-22 Citrix Systems, Inc. Methods and apparatus for providing access to persistent application sessions
US20050138426A1 (en) * 2003-11-07 2005-06-23 Brian Styslinger Method, system, and apparatus for managing, monitoring, auditing, cataloging, scoring, and improving vulnerability assessment tests, as well as automating retesting efforts and elements of tests
US7978716B2 (en) 2003-11-24 2011-07-12 Citrix Systems, Inc. Systems and methods for providing a VPN solution
US20050114658A1 (en) * 2003-11-20 2005-05-26 Dye Matthew J. Remote web site security system
US7743420B2 (en) 2003-12-02 2010-06-22 Imperva, Inc. Dynamic learning method and adaptive normal behavior profile (NBP) architecture for providing fast protection of enterprise applications
US7647631B2 (en) * 2003-12-10 2010-01-12 Hewlett-Packard Development Company Automated user interaction in application assessment
US8819072B1 (en) 2004-02-02 2014-08-26 Microsoft Corporation Promoting data from structured data files
EP1716471B1 (de) * 2004-02-11 2018-11-21 Entit Software LLC System und verfahren zum testen von web-anwendungen mit rekursiver entdeckung und analyse
US20060282494A1 (en) * 2004-02-11 2006-12-14 Caleb Sima Interactive web crawling
US7765597B2 (en) * 2004-02-11 2010-07-27 Hewlett-Packard Development Company, L.P. Integrated crawling and auditing of web applications and web content
US7430711B2 (en) * 2004-02-17 2008-09-30 Microsoft Corporation Systems and methods for editing XML documents
US7617531B1 (en) * 2004-02-18 2009-11-10 Citrix Systems, Inc. Inferencing data types of message components
US7774834B1 (en) 2004-02-18 2010-08-10 Citrix Systems, Inc. Rule generalization for web application entry point modeling
US7890996B1 (en) 2004-02-18 2011-02-15 Teros, Inc. Using statistical analysis to generate exception rules that allow legitimate messages to pass through application proxies and gateways
US7392295B2 (en) 2004-02-19 2008-06-24 Microsoft Corporation Method and system for collecting information from computer systems based on a trusted relationship
US7584382B2 (en) 2004-02-19 2009-09-01 Microsoft Corporation Method and system for troubleshooting a misconfiguration of a computer system based on configurations of other computer systems
US7694022B2 (en) 2004-02-24 2010-04-06 Microsoft Corporation Method and system for filtering communications to prevent exploitation of a software vulnerability
US7603714B2 (en) * 2004-03-08 2009-10-13 International Business Machines Corporation Method, system and computer program product for computer system vulnerability analysis and fortification
US8266177B1 (en) 2004-03-16 2012-09-11 Symantec Corporation Empirical database access adjustment
WO2005091107A1 (en) * 2004-03-16 2005-09-29 Netcraft Limited Security component for use with an internet browser application and method and apparatus associated therewith
US8201257B1 (en) 2004-03-31 2012-06-12 Mcafee, Inc. System and method of managing network security risks
US7519954B1 (en) 2004-04-08 2009-04-14 Mcafee, Inc. System and method of operating system identification
US7827139B2 (en) 2004-04-15 2010-11-02 Citrix Systems, Inc. Methods and apparatus for sharing graphical screen data in a bandwidth-adaptive manner
US7680885B2 (en) 2004-04-15 2010-03-16 Citrix Systems, Inc. Methods and apparatus for synchronization of data set representations in a bandwidth-adaptive manner
US20050262063A1 (en) * 2004-04-26 2005-11-24 Watchfire Corporation Method and system for website analysis
US20070107053A1 (en) * 2004-05-02 2007-05-10 Markmonitor, Inc. Enhanced responses to online fraud
US7665063B1 (en) 2004-05-26 2010-02-16 Pegasystems, Inc. Integration of declarative rule-based processing with procedural programming
US7774620B1 (en) * 2004-05-27 2010-08-10 Microsoft Corporation Executing applications at appropriate trust levels
US8074277B2 (en) * 2004-06-07 2011-12-06 Check Point Software Technologies, Inc. System and methodology for intrusion detection and prevention
US8353028B2 (en) * 2004-06-21 2013-01-08 Ebay Inc. Render engine, and method of using the same, to verify data for access and/or publication via a computer system
US7971245B2 (en) * 2004-06-21 2011-06-28 Ebay Inc. Method and system to detect externally-referenced malicious data for access and/or publication via a computer system
US7526810B2 (en) 2004-06-21 2009-04-28 Ebay Inc. Method and system to verify data received, at a server system, for access and/or publication via the server system
US8739274B2 (en) 2004-06-30 2014-05-27 Citrix Systems, Inc. Method and device for performing integrated caching in a data communication network
US7757074B2 (en) 2004-06-30 2010-07-13 Citrix Application Networking, Llc System and method for establishing a virtual private network
US8495305B2 (en) 2004-06-30 2013-07-23 Citrix Systems, Inc. Method and device for performing caching of dynamically generated objects in a data communication network
EP1771998B1 (de) 2004-07-23 2015-04-15 Citrix Systems, Inc. Systeme und verfahren zur kommunikationsoptimierung zwischen netzwerkknoten
EP1771979B1 (de) * 2004-07-23 2011-11-23 Citrix Systems, Inc. Verfahren und system zur sicherung von zugriff aus der ferne auf private netze
US7715565B2 (en) * 2004-07-29 2010-05-11 Infoassure, Inc. Information-centric security
JP4350001B2 (ja) 2004-08-17 2009-10-21 富士通株式会社 ページ情報収集プログラム、ページ情報収集方法、及びページ情報収集装置
US20060064740A1 (en) * 2004-09-22 2006-03-23 International Business Machines Corporation Network threat risk assessment tool
US20060069671A1 (en) * 2004-09-29 2006-03-30 Conley James W Methodology, system and computer readable medium for analyzing target web-based applications
US8613048B2 (en) 2004-09-30 2013-12-17 Citrix Systems, Inc. Method and apparatus for providing authorized remote access to application sessions
US7711835B2 (en) 2004-09-30 2010-05-04 Citrix Systems, Inc. Method and apparatus for reducing disclosure of proprietary data in a networked environment
US7748032B2 (en) 2004-09-30 2010-06-29 Citrix Systems, Inc. Method and apparatus for associating tickets in a ticket hierarchy
US20060074933A1 (en) * 2004-09-30 2006-04-06 Microsoft Corporation Workflow interaction
US7692636B2 (en) 2004-09-30 2010-04-06 Microsoft Corporation Systems and methods for handwriting to a screen
US7478429B2 (en) * 2004-10-01 2009-01-13 Prolexic Technologies, Inc. Network overload detection and mitigation system and method
US20060085852A1 (en) * 2004-10-20 2006-04-20 Caleb Sima Enterprise assessment management
US8487879B2 (en) * 2004-10-29 2013-07-16 Microsoft Corporation Systems and methods for interacting with a computer through handwriting to a screen
JP4688472B2 (ja) * 2004-11-01 2011-05-25 株式会社エヌ・ティ・ティ・ドコモ 端末制御装置及び端末制御方法
US7712022B2 (en) * 2004-11-15 2010-05-04 Microsoft Corporation Mutually exclusive options in electronic forms
US7584417B2 (en) * 2004-11-15 2009-09-01 Microsoft Corporation Role-dependent action for an electronic form
US20060107224A1 (en) * 2004-11-15 2006-05-18 Microsoft Corporation Building a dynamic action for an electronic form
US8954595B2 (en) 2004-12-30 2015-02-10 Citrix Systems, Inc. Systems and methods for providing client-side accelerated access to remote applications via TCP buffering
US8700695B2 (en) 2004-12-30 2014-04-15 Citrix Systems, Inc. Systems and methods for providing client-side accelerated access to remote applications via TCP pooling
US8549149B2 (en) 2004-12-30 2013-10-01 Citrix Systems, Inc. Systems and methods for providing client-side accelerated access to remote applications via TCP multiplexing
US7810089B2 (en) * 2004-12-30 2010-10-05 Citrix Systems, Inc. Systems and methods for automatic installation and execution of a client-side acceleration program
US8706877B2 (en) 2004-12-30 2014-04-22 Citrix Systems, Inc. Systems and methods for providing client-side dynamic redirection to bypass an intermediary
US7937651B2 (en) * 2005-01-14 2011-05-03 Microsoft Corporation Structural editing operations for network forms
US8145777B2 (en) 2005-01-14 2012-03-27 Citrix Systems, Inc. Method and system for real-time seeking during playback of remote presentation protocols
US8935316B2 (en) * 2005-01-14 2015-01-13 Citrix Systems, Inc. Methods and systems for in-session playback on a local machine of remotely-stored and real time presentation layer protocol data
US8340130B2 (en) 2005-01-14 2012-12-25 Citrix Systems, Inc. Methods and systems for generating playback instructions for rendering of a recorded computer session
US8230096B2 (en) 2005-01-14 2012-07-24 Citrix Systems, Inc. Methods and systems for generating playback instructions for playback of a recorded computer session
US20060159432A1 (en) 2005-01-14 2006-07-20 Citrix Systems, Inc. System and methods for automatic time-warped playback in rendering a recorded computer session
US8200828B2 (en) 2005-01-14 2012-06-12 Citrix Systems, Inc. Systems and methods for single stack shadowing
US7831728B2 (en) 2005-01-14 2010-11-09 Citrix Systems, Inc. Methods and systems for real-time seeking during real-time playback of a presentation layer protocol data stream
US8296441B2 (en) 2005-01-14 2012-10-23 Citrix Systems, Inc. Methods and systems for joining a real-time session of presentation layer protocol data
US8255456B2 (en) 2005-12-30 2012-08-28 Citrix Systems, Inc. System and method for performing flash caching of dynamically generated objects in a data communication network
US8281401B2 (en) 2005-01-25 2012-10-02 Whitehat Security, Inc. System for detecting vulnerabilities in web applications using client-side application interfaces
US8024568B2 (en) 2005-01-28 2011-09-20 Citrix Systems, Inc. Method and system for verification of an endpoint security scan
US8335704B2 (en) 2005-01-28 2012-12-18 Pegasystems Inc. Methods and apparatus for work management and routing
US20060185018A1 (en) * 2005-02-17 2006-08-17 Microsoft Corporation Systems and methods for shielding an identified vulnerability
WO2006092826A1 (ja) * 2005-02-28 2006-09-08 Fujitsu Limited サービス制御システム、サービス制御方法およびサービス制御プログラム
US7444331B1 (en) 2005-03-02 2008-10-28 Symantec Corporation Detecting code injection attacks against databases
US7725834B2 (en) * 2005-03-04 2010-05-25 Microsoft Corporation Designer-created aspect for an electronic form template
WO2006092785A2 (en) * 2005-03-04 2006-09-08 Beefense Ltd Method and apparatus for the dynamic defensive masquerading of computing resources
US7958560B1 (en) 2005-03-15 2011-06-07 Mu Dynamics, Inc. Portable program for generating attacks on communication protocols and channels
US8095983B2 (en) * 2005-03-15 2012-01-10 Mu Dynamics, Inc. Platform for analyzing the security of communication protocols and channels
US7673228B2 (en) * 2005-03-30 2010-03-02 Microsoft Corporation Data-driven actions for network forms
US8010515B2 (en) * 2005-04-15 2011-08-30 Microsoft Corporation Query to an electronic form
GB2425679A (en) * 2005-04-27 2006-11-01 Hewlett Packard Development Co Scanning computing entities for vulnerabilities
US8046374B1 (en) 2005-05-06 2011-10-25 Symantec Corporation Automatic training of a database intrusion detection system
US8266700B2 (en) * 2005-05-16 2012-09-11 Hewlett-Packard Development Company, L. P. Secure web application development environment
US7558796B1 (en) 2005-05-19 2009-07-07 Symantec Corporation Determining origins of queries for a database intrusion detection system
US8443040B2 (en) 2005-05-26 2013-05-14 Citrix Systems Inc. Method and system for synchronizing presentation of a dynamic data set to a plurality of nodes
US9407608B2 (en) 2005-05-26 2016-08-02 Citrix Systems, Inc. Systems and methods for enhanced client side policy
US8943304B2 (en) 2006-08-03 2015-01-27 Citrix Systems, Inc. Systems and methods for using an HTTP-aware client agent
US9692725B2 (en) 2005-05-26 2017-06-27 Citrix Systems, Inc. Systems and methods for using an HTTP-aware client agent
US7756826B2 (en) * 2006-06-30 2010-07-13 Citrix Systems, Inc. Method and systems for efficient delivery of previously stored content
US9621666B2 (en) 2005-05-26 2017-04-11 Citrix Systems, Inc. Systems and methods for enhanced delta compression
US7849448B2 (en) * 2005-06-01 2010-12-07 Crosscheck Networks Technique for determining web services vulnerabilities and compliance
JP4619867B2 (ja) * 2005-06-01 2011-01-26 三菱電機株式会社 サーバ診断装置及びサーバ監視装置及びサーバ診断プログラム
US8078740B2 (en) * 2005-06-03 2011-12-13 Microsoft Corporation Running internet applications with low rights
US8051484B2 (en) 2005-06-14 2011-11-01 Imperva, Inc. Method and security system for indentifying and blocking web attacks by enforcing read-only parameters
US20070011665A1 (en) * 2005-06-21 2007-01-11 Microsoft Corporation Content syndication platform
US7877803B2 (en) * 2005-06-27 2011-01-25 Hewlett-Packard Development Company, L.P. Automated immune response for a computer
US7543228B2 (en) * 2005-06-27 2009-06-02 Microsoft Corporation Template for rendering an electronic form
US8200975B2 (en) * 2005-06-29 2012-06-12 Microsoft Corporation Digital signatures for network forms
US7930740B2 (en) * 2005-07-07 2011-04-19 International Business Machines Corporation System and method for detection and mitigation of distributed denial of service attacks
US7774361B1 (en) * 2005-07-08 2010-08-10 Symantec Corporation Effective aggregation and presentation of database intrusion incidents
US7805419B2 (en) * 2005-07-11 2010-09-28 Application Security, Inc. System for tracking and analyzing the integrity of an application
US7690037B1 (en) 2005-07-13 2010-03-30 Symantec Corporation Filtering training data for machine learning
US8239939B2 (en) * 2005-07-15 2012-08-07 Microsoft Corporation Browser protection module
US8225392B2 (en) * 2005-07-15 2012-07-17 Microsoft Corporation Immunizing HTML browsers and extensions from known vulnerabilities
US20070016960A1 (en) * 2005-07-18 2007-01-18 Nt Objectives, Inc. NTO input validation technique
US8272058B2 (en) 2005-07-29 2012-09-18 Bit 9, Inc. Centralized timed analysis in a network security system
US8984636B2 (en) 2005-07-29 2015-03-17 Bit9, Inc. Content extractor and analysis system
US7895651B2 (en) 2005-07-29 2011-02-22 Bit 9, Inc. Content tracking in a network security system
US7613996B2 (en) * 2005-08-15 2009-11-03 Microsoft Corporation Enabling selection of an inferred schema part
US20070036433A1 (en) * 2005-08-15 2007-02-15 Microsoft Corporation Recognizing data conforming to a rule
US20070061467A1 (en) * 2005-09-15 2007-03-15 Microsoft Corporation Sessions and session states
US8191008B2 (en) 2005-10-03 2012-05-29 Citrix Systems, Inc. Simulating multi-monitor functionality in a single monitor environment
US20070094735A1 (en) * 2005-10-26 2007-04-26 Cohen Matthew L Method to consolidate and prioritize web application vulnerabilities
US8001459B2 (en) * 2005-12-05 2011-08-16 Microsoft Corporation Enabling electronic documents for limited-capability computing devices
US20070136809A1 (en) * 2005-12-08 2007-06-14 Kim Hwan K Apparatus and method for blocking attack against Web application
US7640235B2 (en) * 2005-12-12 2009-12-29 Imperva, Inc. System and method for correlating between HTTP requests and SQL queries
US7661136B1 (en) 2005-12-13 2010-02-09 At&T Intellectual Property Ii, L.P. Detecting anomalous web proxy activity
US7856100B2 (en) 2005-12-19 2010-12-21 Microsoft Corporation Privacy-preserving data aggregation using homomorphic encryption
US8392999B2 (en) * 2005-12-19 2013-03-05 White Cyber Knight Ltd. Apparatus and methods for assessing and maintaining security of a computerized system under development
US7743123B2 (en) 2005-12-19 2010-06-22 Microsoft Corporation Aggregating information from a cluster of peers
US7584182B2 (en) 2005-12-19 2009-09-01 Microsoft Corporation Determining cardinality of a parameter using hash values
US20070143849A1 (en) * 2005-12-19 2007-06-21 Eyal Adar Method and a software system for end-to-end security assessment for security and CIP professionals
US7890315B2 (en) * 2005-12-29 2011-02-15 Microsoft Corporation Performance engineering and the application life cycle
US20070157311A1 (en) * 2005-12-29 2007-07-05 Microsoft Corporation Security modeling and the application life cycle
WO2007117298A2 (en) * 2005-12-30 2007-10-18 Public Display, Inc. Event data translation system
US7921184B2 (en) 2005-12-30 2011-04-05 Citrix Systems, Inc. System and method for performing flash crowd caching of dynamically generated objects in a data communication network
US8301839B2 (en) 2005-12-30 2012-10-30 Citrix Systems, Inc. System and method for performing granular invalidation of cached dynamically generated objects in a data communication network
US7783985B2 (en) * 2006-01-04 2010-08-24 Citrix Systems, Inc. Systems and methods for transferring data between computing devices
JP2007183838A (ja) * 2006-01-06 2007-07-19 Fujitsu Ltd クエリーパラメーター出力ページ発見プログラム、クエリーパラメーター出力ページ発見方法およびクエリーパラメーター出力ページ発見装置
US8688813B2 (en) 2006-01-11 2014-04-01 Oracle International Corporation Using identity/resource profile and directory enablers to support identity management
US7818788B2 (en) * 2006-02-14 2010-10-19 Microsoft Corporation Web application security frame
US8448241B1 (en) * 2006-02-16 2013-05-21 Oracle America, Inc. Browser extension for checking website susceptibility to cross site scripting
US7712137B2 (en) * 2006-02-27 2010-05-04 Microsoft Corporation Configuring and organizing server security information
US20070203973A1 (en) * 2006-02-28 2007-08-30 Microsoft Corporation Fuzzing Requests And Responses Using A Proxy
US20080208785A1 (en) * 2006-03-30 2008-08-28 Pegasystems, Inc. User interface methods and apparatus for rules processing
US20070233902A1 (en) * 2006-03-30 2007-10-04 Alan Trefler User interface methods and apparatus for rules processing
US8924335B1 (en) 2006-03-30 2014-12-30 Pegasystems Inc. Rule-based user interface conformance methods
US20070240225A1 (en) * 2006-04-10 2007-10-11 Shrader Theodore J L Architecture for automatic HTTPS boundary identification
US8528093B1 (en) * 2006-04-12 2013-09-03 Hewlett-Packard Development Company, L.P. Apparatus and method for performing dynamic security testing using static analysis data
US8140618B2 (en) * 2006-05-04 2012-03-20 Citrix Online Llc Methods and systems for bandwidth adaptive N-to-N communication in a distributed system
US7540766B2 (en) * 2006-06-14 2009-06-02 Itron, Inc. Printed circuit board connector for utility meters
US8185737B2 (en) 2006-06-23 2012-05-22 Microsoft Corporation Communication across domains
US8677007B2 (en) * 2006-08-03 2014-03-18 Citrix Systems, Inc. Systems and methods for bypassing an appliance
US7953889B2 (en) * 2006-08-03 2011-05-31 Citrix Systems, Inc. Systems and methods for routing VPN traffic around network disruption
US8392977B2 (en) * 2006-08-03 2013-03-05 Citrix Systems, Inc. Systems and methods for using a client agent to manage HTTP authentication cookies
US7720954B2 (en) 2006-08-03 2010-05-18 Citrix Systems, Inc. Method and appliance for using a dynamic response time to determine responsiveness of network services
US8561155B2 (en) * 2006-08-03 2013-10-15 Citrix Systems, Inc. Systems and methods for using a client agent to manage HTTP authentication cookies
US8244883B2 (en) 2006-08-03 2012-08-14 Citrix Systems, Inc. Systems and methods of for providing multi-mode transport layer compression
US8141164B2 (en) 2006-08-21 2012-03-20 Citrix Systems, Inc. Systems and methods for dynamic decentralized load balancing across multiple sites
US8316447B2 (en) * 2006-09-01 2012-11-20 Mu Dynamics, Inc. Reconfigurable message-delivery preconditions for delivering attacks to analyze the security of networked systems
US7954161B1 (en) 2007-06-08 2011-05-31 Mu Dynamics, Inc. Mechanism for characterizing soft failures in systems under attack
US9172611B2 (en) 2006-09-01 2015-10-27 Spirent Communications, Inc. System and method for discovering assets and functional relationships in a network
US7958230B2 (en) 2008-09-19 2011-06-07 Mu Dynamics, Inc. Test driven deployment and monitoring of heterogeneous network systems
US7978617B2 (en) * 2006-09-15 2011-07-12 Citrix Systems, Inc. Methods for providing performance improvement recommendations
US8078972B2 (en) * 2006-09-15 2011-12-13 Citrix Systems, Inc. Methods and interfaces for displaying performance data related to a current remote access session
JP4908131B2 (ja) * 2006-09-28 2012-04-04 富士通株式会社 非即時処理存在可能性の表示処理プログラム,装置,および方法
US8370929B1 (en) 2006-09-28 2013-02-05 Whitehat Security, Inc. Automatic response culling for web application security scan spidering process
US8087088B1 (en) 2006-09-28 2011-12-27 Whitehat Security, Inc. Using fuzzy classification models to perform matching operations in a web application security scanner
US8789187B1 (en) * 2006-09-28 2014-07-22 Whitehat Security, Inc. Pattern tracking and capturing human insight in a web application security scanner
US8533846B2 (en) 2006-11-08 2013-09-10 Citrix Systems, Inc. Method and system for dynamically associating access rights with a resource
US8656495B2 (en) * 2006-11-17 2014-02-18 Hewlett-Packard Development Company, L.P. Web application assessment based on intelligent generation of attack strings
US7788198B2 (en) 2006-12-14 2010-08-31 Microsoft Corporation Method for detecting anomalies in server behavior using operational performance and failure mode monitoring counters
US8959647B2 (en) * 2007-02-27 2015-02-17 Microsoft Corporation Runtime security and exception handler protection
US8250525B2 (en) 2007-03-02 2012-08-21 Pegasystems Inc. Proactive performance management for multi-user enterprise software systems
WO2008109770A2 (en) * 2007-03-06 2008-09-12 Core Sdi, Incorporated System and method for providing application penetration testing
US8701010B2 (en) 2007-03-12 2014-04-15 Citrix Systems, Inc. Systems and methods of using the refresh button to determine freshness policy
US8103783B2 (en) * 2007-03-12 2012-01-24 Citrix Systems, Inc. Systems and methods of providing security and reliability to proxy caches
US20080228864A1 (en) * 2007-03-12 2008-09-18 Robert Plamondon Systems and methods for prefetching non-cacheable content for compression history
US7853678B2 (en) * 2007-03-12 2010-12-14 Citrix Systems, Inc. Systems and methods for configuring flow control of policy expressions
US7853679B2 (en) * 2007-03-12 2010-12-14 Citrix Systems, Inc. Systems and methods for configuring handling of undefined policy events
US7532134B2 (en) 2007-03-12 2009-05-12 Citrix Systems, Inc. Systems and methods for sharing compression histories between multiple devices
US8074028B2 (en) * 2007-03-12 2011-12-06 Citrix Systems, Inc. Systems and methods of providing a multi-tier cache
US8631147B2 (en) 2007-03-12 2014-01-14 Citrix Systems, Inc. Systems and methods for configuring policy bank invocations
US7619545B2 (en) * 2007-03-12 2009-11-17 Citrix Systems, Inc. Systems and methods of using application and protocol specific parsing for compression
US8037126B2 (en) 2007-03-12 2011-10-11 Citrix Systems, Inc. Systems and methods of dynamically checking freshness of cached objects based on link status
US8255570B2 (en) 2007-03-12 2012-08-28 Citrix Systems, Inc. Systems and methods of compression history expiration and synchronization
US7809818B2 (en) 2007-03-12 2010-10-05 Citrix Systems, Inc. Systems and method of using HTTP head command for prefetching
US8490148B2 (en) * 2007-03-12 2013-07-16 Citrix Systems, Inc Systems and methods for managing application security profiles
US8504775B2 (en) * 2007-03-12 2013-08-06 Citrix Systems, Inc Systems and methods of prefreshening cached objects based on user's current web page
US7865585B2 (en) * 2007-03-12 2011-01-04 Citrix Systems, Inc. Systems and methods for providing dynamic ad hoc proxy-cache hierarchies
US7783757B2 (en) 2007-03-12 2010-08-24 Citrix Systems, Inc. Systems and methods of revalidating cached objects in parallel with request for object
US7865589B2 (en) 2007-03-12 2011-01-04 Citrix Systems, Inc. Systems and methods for providing structured policy expressions to represent unstructured data in a network appliance
US7827237B2 (en) * 2007-03-12 2010-11-02 Citrix Systems, Inc. Systems and methods for identifying long matches of data in a compression history
US7460038B2 (en) * 2007-03-12 2008-12-02 Citrix Systems, Inc. Systems and methods of clustered sharing of compression histories
US7720936B2 (en) 2007-03-12 2010-05-18 Citrix Systems, Inc. Systems and methods of freshening and prefreshening a DNS cache
US7870277B2 (en) * 2007-03-12 2011-01-11 Citrix Systems, Inc. Systems and methods for using object oriented expressions to configure application security policies
US7584294B2 (en) 2007-03-12 2009-09-01 Citrix Systems, Inc. Systems and methods for prefetching objects for caching using QOS
WO2009038818A2 (en) * 2007-04-12 2009-03-26 Core Sdi, Incorporated System and method for providing network penetration testing
US7743281B2 (en) * 2007-04-13 2010-06-22 Microsoft Corporation Distributed file fuzzing
US8336102B2 (en) * 2007-06-01 2012-12-18 Microsoft Corporation Delivering malformed data for fuzz testing to software applications
US10019570B2 (en) * 2007-06-14 2018-07-10 Microsoft Technology Licensing, Llc Protection and communication abstractions for web browsers
US8775944B2 (en) * 2008-06-26 2014-07-08 Citrix Systems, Inc. Methods and systems for interactive evaluation of policies
US20090006618A1 (en) * 2007-06-28 2009-01-01 Richard Hayton Methods and systems for access routing and resource mapping using filters
US20090007021A1 (en) * 2007-06-28 2009-01-01 Richard Hayton Methods and systems for dynamic generation of filters using a graphical user interface
US8561148B2 (en) 2008-06-26 2013-10-15 Citrix Systems, Inc. Methods and systems for interactive evaluation using dynamically generated, interactive resultant sets of policies
US7774637B1 (en) 2007-09-05 2010-08-10 Mu Dynamics, Inc. Meta-instrumentation for security analysis
US8871096B2 (en) * 2007-09-10 2014-10-28 Res Usa, Llc Magnetic separation combined with dynamic settling for fischer-tropsch processes
US8250658B2 (en) * 2007-09-20 2012-08-21 Mu Dynamics, Inc. Syntax-based security analysis using dynamically generated test cases
US7925694B2 (en) * 2007-10-19 2011-04-12 Citrix Systems, Inc. Systems and methods for managing cookies via HTTP content layer
US8190707B2 (en) 2007-10-20 2012-05-29 Citrix Systems, Inc. System and method for transferring data among computing environments
US8316448B2 (en) 2007-10-26 2012-11-20 Microsoft Corporation Automatic filter generation and generalization
US8122436B2 (en) * 2007-11-16 2012-02-21 Microsoft Corporation Privacy enhanced error reports
US8677141B2 (en) * 2007-11-23 2014-03-18 Microsoft Corporation Enhanced security and performance of web applications
US8613096B2 (en) * 2007-11-30 2013-12-17 Microsoft Corporation Automatic data patch generation for unknown vulnerabilities
US8090877B2 (en) 2008-01-26 2012-01-03 Citrix Systems, Inc. Systems and methods for fine grain policy driven cookie proxying
KR101001132B1 (ko) * 2008-02-22 2010-12-15 엔에이치엔비즈니스플랫폼 주식회사 웹 어플리케이션의 취약성 판단 방법 및 시스템
US8601586B1 (en) * 2008-03-24 2013-12-03 Google Inc. Method and system for detecting web application vulnerabilities
KR20090121579A (ko) * 2008-05-22 2009-11-26 주식회사 이베이지마켓 서버의 취약점을 점검하기 위한 시스템 및 그 방법
US9264443B2 (en) * 2008-08-25 2016-02-16 International Business Machines Corporation Browser based method of assessing web application vulnerability
US9235704B2 (en) * 2008-10-21 2016-01-12 Lookout, Inc. System and method for a scanning API
US9781148B2 (en) 2008-10-21 2017-10-03 Lookout, Inc. Methods and systems for sharing risk responses between collections of mobile communications devices
US8533844B2 (en) * 2008-10-21 2013-09-10 Lookout, Inc. System and method for security data collection and analysis
US8464318B1 (en) * 2008-11-24 2013-06-11 Renen Hallak System and method for protecting web clients and web-based applications
US8843435B1 (en) 2009-03-12 2014-09-23 Pegasystems Inc. Techniques for dynamic data processing
US8468492B1 (en) 2009-03-30 2013-06-18 Pegasystems, Inc. System and method for creation and modification of software applications
US20100293618A1 (en) * 2009-05-12 2010-11-18 Microsoft Corporation Runtime analysis of software privacy issues
US8365290B2 (en) * 2009-05-15 2013-01-29 Frederick Young Web application vulnerability scanner
CN101964025B (zh) * 2009-07-23 2016-02-03 北京神州绿盟信息安全科技股份有限公司 Xss检测方法和设备
US8756684B2 (en) 2010-03-01 2014-06-17 Emc Corporation System and method for network security including detection of attacks through partner websites
AU2011223767B2 (en) * 2010-03-01 2015-11-19 Emc Corporation System and method for network security including detection of attacks through partner websites
US8547974B1 (en) 2010-05-05 2013-10-01 Mu Dynamics Generating communication protocol test cases based on network traffic
US8463860B1 (en) 2010-05-05 2013-06-11 Spirent Communications, Inc. Scenario based scale testing
US9098333B1 (en) 2010-05-07 2015-08-04 Ziften Technologies, Inc. Monitoring computer process resource usage
CN103392320B (zh) 2010-12-29 2016-08-31 思杰系统有限公司 对加密项目进行多层标记以提供额外的安全和有效的加密项目确定的系统和方法
US9106514B1 (en) 2010-12-30 2015-08-11 Spirent Communications, Inc. Hybrid network software provision
US10043011B2 (en) * 2011-01-19 2018-08-07 Rapid7, Llc Methods and systems for providing recommendations to address security vulnerabilities in a network of computing systems
US10048854B2 (en) 2011-01-31 2018-08-14 Oracle International Corporation Drag and drop interaction between components of a web application
US8572505B2 (en) * 2011-01-31 2013-10-29 Oracle International Corporation Automatically testing a web application that has independent display trees
US8880487B1 (en) 2011-02-18 2014-11-04 Pegasystems Inc. Systems and methods for distributed rules processing
US8464219B1 (en) 2011-04-27 2013-06-11 Spirent Communications, Inc. Scalable control system for test execution and monitoring utilizing multiple processors
US9135405B2 (en) * 2011-05-26 2015-09-15 Carnegie Mellon University Automated exploit generation
US9501650B2 (en) 2011-05-31 2016-11-22 Hewlett Packard Enterprise Development Lp Application security testing
JP5801953B2 (ja) * 2011-05-31 2015-10-28 ヒューレット−パッカード デベロップメント カンパニー エル.ピー.Hewlett‐Packard Development Company, L.P. アプリケーションのセキュリティ検査
US8615159B2 (en) 2011-09-20 2013-12-24 Citrix Systems, Inc. Methods and systems for cataloging text in a recorded session
US8572750B2 (en) 2011-09-30 2013-10-29 International Business Machines Corporation Web application exploit mitigation in an information technology environment
US10586049B2 (en) * 2011-12-22 2020-03-10 International Business Machines Corporation Detection of second order vulnerabilities in web services
CN104077353B (zh) * 2011-12-30 2017-08-25 北京奇虎科技有限公司 一种黑链检测的方法及装置
US9195936B1 (en) 2011-12-30 2015-11-24 Pegasystems Inc. System and method for updating or modifying an application without manual coding
US20130185623A1 (en) * 2012-01-12 2013-07-18 International Business Machines Corporation Instructing web clients to ignore scripts in specified portions of web pages
US9753704B2 (en) 2012-01-18 2017-09-05 Metrologic Instruments, Inc. Web-based scan-task enabled system and method of and apparatus for developing and deploying the same on a client-server network
US9213832B2 (en) * 2012-01-24 2015-12-15 International Business Machines Corporation Dynamically scanning a web application through use of web traffic information
US8997235B2 (en) * 2012-02-07 2015-03-31 Microsoft Technology Licensing, Llc Adaptive fuzzing system for web services
WO2013130069A1 (en) * 2012-02-29 2013-09-06 Hewlett-Packard Development Company, L.P. Network service interface analysis
US9223961B1 (en) * 2012-04-04 2015-12-29 Symantec Corporation Systems and methods for performing security analyses of applications configured for cloud-based platforms
US9275227B2 (en) 2012-04-05 2016-03-01 International Business Machines Corporation Policy driven administration of mobile applications
US8972543B1 (en) 2012-04-11 2015-03-03 Spirent Communications, Inc. Managing clients utilizing reverse transactions
CN103425929B (zh) * 2012-05-22 2016-05-25 百度在线网络技术(北京)有限公司 web白盒扫描方法及装置
CN102801740A (zh) * 2012-08-30 2012-11-28 苏州山石网络有限公司 木马病毒的阻止方法及装置
CA2789909C (en) * 2012-09-14 2019-09-10 Ibm Canada Limited - Ibm Canada Limitee Synchronizing http requests with respective html context
US8949995B2 (en) 2012-09-18 2015-02-03 International Business Machines Corporation Certifying server side web applications against security vulnerabilities
US9032530B2 (en) * 2012-09-28 2015-05-12 International Business Machines Corporation Correcting workflow security vulnerabilities via static analysis and virtual patching
KR20150063439A (ko) * 2012-09-28 2015-06-09 휴렛-팩커드 디벨롭먼트 컴퍼니, 엘.피. 어플리케이션 보안 시험
US9317693B2 (en) 2012-10-22 2016-04-19 Rapid7, Llc Systems and methods for advanced dynamic analysis scanning
CN103810181A (zh) * 2012-11-07 2014-05-21 江苏仕德伟网络科技股份有限公司 判断网页是否包含黑链的方法
US10108801B2 (en) * 2012-11-15 2018-10-23 Qualys, Inc. Web application vulnerability scanning
CN103839002A (zh) * 2012-11-21 2014-06-04 腾讯科技(深圳)有限公司 网站源代码恶意链接注入监控方法及装置
US20140157419A1 (en) 2012-12-05 2014-06-05 International Business Machines Corporation Discovery of application vulnerabilities involving multiple execution flows
US20140201843A1 (en) * 2013-01-15 2014-07-17 Beyondtrust Software, Inc. Systems and methods for identifying and reporting application and file vulnerabilities
EP2951718A4 (de) * 2013-01-29 2016-08-31 Hewlett Packard Entpr Dev Lp Analysestruktur für webanwendung
WO2014130048A1 (en) * 2013-02-25 2014-08-28 Hewlett-Packard Development Company, L.P. Presentation of user interface elements based on rules
US9467465B2 (en) 2013-02-25 2016-10-11 Beyondtrust Software, Inc. Systems and methods of risk based rules for application control
US9953169B2 (en) 2013-02-28 2018-04-24 Entit Software Llc Modify execution of application under test so user is power user
US9292694B1 (en) 2013-03-15 2016-03-22 Bitdefender IPR Management Ltd. Privacy protection for mobile devices
CN105210075A (zh) * 2013-04-19 2015-12-30 惠普发展公司,有限责任合伙企业 被测应用程序的未使用参数
GB2515778A (en) 2013-07-03 2015-01-07 Ibm Measuring robustness of web services to denial of service attacks
GB2516050A (en) 2013-07-09 2015-01-14 Ibm A Network Security System
CN103942497B (zh) * 2013-09-11 2017-05-03 杭州安恒信息技术有限公司 一种取证式网站漏洞扫描方法和系统
WO2015116138A1 (en) * 2014-01-31 2015-08-06 Hewlett-Packard Development Company Application test using attack suggestions
US10650148B2 (en) * 2014-09-04 2020-05-12 Micro Focus Llc Determine protective measure for data that meets criteria
WO2016048322A1 (en) 2014-09-25 2016-03-31 Hewlett Packard Enterprise Development Lp Determine secure activity of application under test
US10469396B2 (en) 2014-10-10 2019-11-05 Pegasystems, Inc. Event processing with enhanced throughput
US9479525B2 (en) 2014-10-23 2016-10-25 International Business Machines Corporation Interacting with a remote server over a network to determine whether to allow data exchange with a resource at the remote server
US10182068B2 (en) * 2014-11-26 2019-01-15 Entit Software Llc Determine vulnerability using runtime agent and network sniffer
EP3241135A4 (de) 2015-01-01 2018-05-02 Checkmarx Ltd. Code-instrumentierung zum selbstschutz einer laufzeitanwendung
US10834065B1 (en) 2015-03-31 2020-11-10 F5 Networks, Inc. Methods for SSL protected NTLM re-authentication and devices thereof
US10826928B2 (en) 2015-07-10 2020-11-03 Reliaquest Holdings, Llc System and method for simulating network security threats and assessing network security
US9781158B1 (en) 2015-09-30 2017-10-03 EMC IP Holding Company LLC Integrated paronymous network address detection
US10264008B2 (en) 2015-10-08 2019-04-16 Bank Of America Corporation Vulnerability exposing application characteristic variation identification engine
US11100231B2 (en) * 2015-10-08 2021-08-24 Errin Wesley Fulp Methods, systems and computer readable media for providing resilient computing services using systems diversity
US10878104B2 (en) * 2015-11-13 2020-12-29 Micro Focus Llc Automated multi-credential assessment
US9860250B2 (en) * 2015-12-14 2018-01-02 Mastercard International Incorporated Systems and methods for use in indexing applications based on security standards
US10404698B1 (en) 2016-01-15 2019-09-03 F5 Networks, Inc. Methods for adaptive organization of web application access points in webtops and devices thereof
US10387656B2 (en) * 2016-03-21 2019-08-20 Checkmarx Ltd. Integrated interactive application security testing
EP3433782B1 (de) * 2016-03-21 2020-09-30 Checkmarx Ltd. Integrierte interaktive anwendungssicherheitsprüfung
US10698599B2 (en) 2016-06-03 2020-06-30 Pegasystems, Inc. Connecting graphical shapes using gestures
US10698647B2 (en) 2016-07-11 2020-06-30 Pegasystems Inc. Selective sharing for collaborative application usage
US10395040B2 (en) 2016-07-18 2019-08-27 vThreat, Inc. System and method for identifying network security threats and assessing network security
US10769267B1 (en) * 2016-09-14 2020-09-08 Ca, Inc. Systems and methods for controlling access to credentials
US10333994B2 (en) * 2016-11-09 2019-06-25 Cisco Technology, Inc. Method and device for improved multi-homed media transport
US11550920B2 (en) * 2017-01-31 2023-01-10 Nippon Telegraph And Telephone Corporation Determination apparatus, determination method, and determination program
CN108696490A (zh) * 2017-04-11 2018-10-23 腾讯科技(深圳)有限公司 账号权限的识别方法及装置
US11087002B2 (en) 2017-05-10 2021-08-10 Checkmarx Ltd. Using the same query language for static and dynamic application security testing tools
US10977361B2 (en) 2017-05-16 2021-04-13 Beyondtrust Software, Inc. Systems and methods for controlling privileged operations
US10831892B2 (en) * 2018-06-07 2020-11-10 Sap Se Web browser script monitoring
US11048488B2 (en) 2018-08-14 2021-06-29 Pegasystems, Inc. Software code optimizer and method
GB2584018B (en) 2019-04-26 2022-04-13 Beyondtrust Software Inc Root-level application selective configuration
US11368470B2 (en) * 2019-06-13 2022-06-21 International Business Machines Corporation Real-time alert reasoning and priority-based campaign discovery
US11663339B2 (en) * 2019-07-31 2023-05-30 International Business Machines Corporation Security testing based on user request
US11228611B1 (en) * 2019-08-20 2022-01-18 Rapid7, Inc. Scanning unexposed web applications for vulnerabilities
US11297091B2 (en) 2019-09-24 2022-04-05 Bank Of America Corporation HTTP log integration to web application testing
CN110855612B (zh) * 2019-10-12 2022-03-18 杭州安恒信息技术股份有限公司 web后门路径探测方法
US11568130B1 (en) * 2019-12-09 2023-01-31 Synopsys, Inc. Discovering contextualized placeholder variables in template code
US10977168B1 (en) * 2019-12-26 2021-04-13 Anthem, Inc. Automation testing tool framework
US11411918B2 (en) 2020-05-26 2022-08-09 Microsoft Technology Licensing, Llc User interface for web server risk awareness
US11290480B2 (en) 2020-05-26 2022-03-29 Bank Of America Corporation Network vulnerability assessment tool
IL285079B1 (en) 2020-07-28 2024-03-01 Checkmarx Ltd Discovery of exploitable paths in application software that uses third-party libraries
US11567945B1 (en) 2020-08-27 2023-01-31 Pegasystems Inc. Customized digital content generation systems and methods
CN112906010B (zh) * 2021-05-07 2021-07-20 北京安普诺信息技术有限公司 一种自动化攻击测试方法及基于此的自动化安全测试方法

Family Cites Families (65)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPS61133454A (ja) 1984-12-03 1986-06-20 Hitachi Ltd 端末制御方式
US4734583A (en) * 1986-10-16 1988-03-29 General Electric Company Readout circuit for dual-gate CID imagers with charge sharing corrected for subtractive error
CA1314101C (en) 1988-02-17 1993-03-02 Henry Shao-Lin Teng Expert system for security inspection of a digital computer system in a network environment
US5191611A (en) 1989-04-03 1993-03-02 Lang Gerald S Method and apparatus for protecting material on storage media and for transferring material on storage media to various recipients
US5557798A (en) 1989-07-27 1996-09-17 Tibco, Inc. Apparatus and method for providing decoupling of data exchange details for providing high performance communication between software processes
US5257369A (en) 1990-10-22 1993-10-26 Skeen Marion D Apparatus and method for providing decoupling of data exchange details for providing high performance communication between software processes
US5073933A (en) 1989-12-01 1991-12-17 Sun Microsystems, Inc. X window security system
US5237693A (en) 1990-04-04 1993-08-17 Sharp Kabushiki Kaisha System for accessing peripheral devices connected in network
US5224163A (en) 1990-09-28 1993-06-29 Digital Equipment Corporation Method for delegating authorization from one entity to another through the use of session encryption keys
US5220604A (en) 1990-09-28 1993-06-15 Digital Equipment Corporation Method for performing group exclusion in hierarchical group structures
US5315657A (en) 1990-09-28 1994-05-24 Digital Equipment Corporation Compound principals in access control lists
US5166977A (en) 1991-05-31 1992-11-24 Encrypto, Inc. Protocol converter for a secure fax transmission system
GB9205774D0 (en) 1992-03-17 1992-04-29 Int Computers Ltd Computer security system
US5392390A (en) 1992-04-10 1995-02-21 Intellilink Corp. Method for mapping, translating, and dynamically reconciling data between disparate computer platforms
US5485409A (en) 1992-04-30 1996-01-16 International Business Machines Corporation Automated penetration analysis system and method
AU5087893A (en) 1992-08-31 1994-03-29 Dow Chemical Company, The Script-based system for testing a multi-user computer system
US5611048A (en) 1992-10-30 1997-03-11 International Business Machines Corporation Remote password administration for a computer network among a plurality of nodes sending a password update message to all nodes and updating on authorized nodes
US5828893A (en) 1992-12-24 1998-10-27 Motorola, Inc. System and method of communicating between trusted and untrusted computer systems
US5566326A (en) 1993-09-28 1996-10-15 Bull Hn Information Systems Inc. Copy file mechanism for transferring files between a host system and an emulated file system
US5699518A (en) 1993-11-29 1997-12-16 Microsoft Corporation System for selectively setting a server node, evaluating to determine server node for executing server code, and downloading server code prior to executing if necessary
US5559800A (en) 1994-01-19 1996-09-24 Research In Motion Limited Remote control of gateway functions in a wireless data communication network
US5862208A (en) 1994-02-16 1999-01-19 Priority Call Management, Inc. Method and system for enabling a party to change terminals during a call
US5629981A (en) 1994-07-29 1997-05-13 Texas Instruments Incorporated Information management and security system
US5944794A (en) 1994-09-30 1999-08-31 Kabushiki Kaisha Toshiba User identification data management scheme for networking computer systems using wide area network
US5623601A (en) 1994-11-18 1997-04-22 Milkway Networks Corporation Apparatus and method for providing a secure gateway for communication and data exchanges between networks
CA2683230C (en) 1995-02-13 2013-08-27 Intertrust Technologies Corporation Systems and methods for secure transaction management and electronic rights protection
US5892900A (en) 1996-08-30 1999-04-06 Intertrust Technologies Corp. Systems and methods for secure transaction management and electronic rights protection
US5793966A (en) 1995-12-01 1998-08-11 Vermeer Technologies, Inc. Computer system and computer-implemented process for creation and maintenance of online services
US5701451A (en) 1995-06-07 1997-12-23 International Business Machines Corporation Method for fulfilling requests of a web browser
US5941947A (en) 1995-08-18 1999-08-24 Microsoft Corporation System and method for controlling access to data entities in a computer network
US5657390A (en) 1995-08-25 1997-08-12 Netscape Communications Corporation Secure socket layer application program apparatus and method
US5724355A (en) 1995-10-24 1998-03-03 At&T Corp Network access to internet and stored multimedia services from a terminal supporting the H.320 protocol
WO1997025798A1 (en) 1996-01-11 1997-07-17 Mrj, Inc. System for controlling access and distribution of digital property
US5805823A (en) 1996-01-30 1998-09-08 Wayfarer Communications, Inc. System and method for optimal multiplexed message aggregation between client applications in client-server networks
US5774695A (en) 1996-03-22 1998-06-30 Ericsson Inc. Protocol interface gateway and method of connecting an emulator to a network
US5673322A (en) 1996-03-22 1997-09-30 Bell Communications Research, Inc. System and method for providing protocol translation and filtering to access the world wide web from wireless or low-bandwidth networks
JP3636399B2 (ja) 1996-05-29 2005-04-06 富士通株式会社 プロトコル変換システム及びプロトコル変換方法
US5715453A (en) 1996-05-31 1998-02-03 International Business Machines Corporation Web server mechanism for processing function calls for dynamic data queries in a web page
US5881232A (en) 1996-07-23 1999-03-09 International Business Machines Corporation Generic SQL query agent
US5850388A (en) 1996-08-02 1998-12-15 Wandel & Goltermann Technologies, Inc. Protocol analyzer for monitoring digital transmission networks
US5892903A (en) * 1996-09-12 1999-04-06 Internet Security Systems, Inc. Method and apparatus for detecting and identifying security vulnerabilities in an open network computer communication system
US5870559A (en) 1996-10-15 1999-02-09 Mercury Interactive Software system and associated methods for facilitating the analysis and management of web sites
US5908469A (en) 1997-02-14 1999-06-01 International Business Machines Corporation Generic user authentication for network computers
US5983270A (en) 1997-03-11 1999-11-09 Sequel Technology Corporation Method and apparatus for managing internetwork and intranetwork activity
JP2000501542A (ja) * 1997-07-01 2000-02-08 プログレス ソフトウェア コーポレイション ネットワーク・アプリケーション用のテスト及びデバッグツール
US6249886B1 (en) * 1997-10-17 2001-06-19 Ramsesh S. Kalkunte Computer system and computer implemented process for performing user-defined tests of a client-server system with run time compilation of test results
US5870544A (en) 1997-10-20 1999-02-09 International Business Machines Corporation Method and apparatus for creating a secure connection between a java applet and a web server
US6088804A (en) * 1998-01-12 2000-07-11 Motorola, Inc. Adaptive system and method for responding to computer network security attacks
EP1062779B1 (de) 1998-03-12 2012-02-08 Whale Communications Ltd. Verfahren zur Absicherung von Datenvermittlungsnetzwerken
US6298445B1 (en) * 1998-04-30 2001-10-02 Netect, Ltd. Computer security
US6408391B1 (en) * 1998-05-06 2002-06-18 Prc Inc. Dynamic system defense for information warfare
US6865672B1 (en) 1998-05-18 2005-03-08 Spearhead Technologies, Ltd. System and method for securing a computer communication network
WO1999066383A2 (en) * 1998-06-15 1999-12-23 Dmw Worldwide, Inc. Method and apparatus for assessing the security of a computer system
US6006225A (en) 1998-06-15 1999-12-21 Amazon.Com Refining search queries by the suggestion of correlated terms from prior searches
US6185689B1 (en) * 1998-06-24 2001-02-06 Richard S. Carson & Assoc., Inc. Method for network self security assessment
US6311278B1 (en) 1998-09-09 2001-10-30 Sanctum Ltd. Method and system for extracting application protocol characteristics
AU9093798A (en) 1998-09-10 2000-04-03 Sanctum, Inc. Method and system for protecting operations of trusted internal networks
US6301668B1 (en) * 1998-12-29 2001-10-09 Cisco Technology, Inc. Method and system for adaptive network security using network vulnerability assessment
US6415321B1 (en) * 1998-12-29 2002-07-02 Cisco Technology, Inc. Domain mapping method and system
US6205552B1 (en) * 1998-12-31 2001-03-20 Mci Worldcom, Inc. Method and apparatus for checking security vulnerability of networked devices
ATE398798T1 (de) 1999-10-25 2008-07-15 Ibm Verfahren und system zur prüfung der anforderung eines klienten
US6871284B2 (en) 2000-01-07 2005-03-22 Securify, Inc. Credential/condition assertion verification optimization
US6957348B1 (en) 2000-01-10 2005-10-18 Ncircle Network Security, Inc. Interoperability of vulnerability and intrusion detection systems
IL151455A0 (en) * 2000-03-03 2003-04-10 Sanctum Ltd System for determining web application vulnerabilities
US6996845B1 (en) 2000-11-28 2006-02-07 S.P.I. Dynamics Incorporated Internet security analysis system and process

Also Published As

Publication number Publication date
US7237265B2 (en) 2007-06-26
WO2001065330A3 (en) 2002-04-11
EP1269286A2 (de) 2003-01-02
US20030233581A1 (en) 2003-12-18
ATE414943T1 (de) 2008-12-15
US6584569B2 (en) 2003-06-24
WO2001065330A2 (en) 2001-09-07
IL151455A0 (en) 2003-04-10
US20020010855A1 (en) 2002-01-24
EP1269286A4 (de) 2005-01-19
AU2001237696A1 (en) 2001-09-12
EP1269286B1 (de) 2008-11-19

Similar Documents

Publication Publication Date Title
DE60136616D1 (de) System zur bestimmung von schwächen von web-anwendungen
CA2531410A1 (en) Behavioural-based network anomaly detection based on user and group profiling
ATE461566T1 (de) System und verfahren zur analysierung von netzprotokollen
EP1280040A3 (de) System zur zentralen Virenüberprüfung
SE0003464L (sv) Metod och system för att förbättra inloggningssäkerheten i nätverkstillämpningar
AU2006239379A1 (en) Method, system, and program product for connecting a client to a network
JP2018060288A (ja) ネットワーク監視装置、ネットワーク監視プログラム及びネットワーク監視方法
Kibat Community information and referral services for rural areas of Southeast Asia: A conceptual framework
Lednev Bioeffects of weak combined, constant and variable magnetic fields
Luo et al. Rumor spreading maximization and source identification in a social network
Rui et al. Excuse me, but are you human?
Zembaty et al. Dynamic identification of a model of brick masonry building
Wang et al. Using genetic algorithms for/spl lambda/-fuzzy measure fitting and extension
Thigale et al. Survey Paper on Spam Detection Using Support Machine Vector (SVM)
Zhang The Prospective of Zoogeographical Study in China A Discussion on Methodology.
Rameshkumar et al. A Framework for Optimal Policy Test Cases in Cyber-Safe System
Islam et al. Research Article A Hidden Chaotic Attractor with an Independent Amplitude-Frequency Controller
Polemi et al. Secure telemedicine applications
Vigouroux Une tentative d'estimation commode de l'oxygenation des sols a l'aide du tensiometre a bougie poreuse Tensionic
Luo Ultrasonic pulse method for detecting internal defects and cracks in concrete structures
Azimi Acoustic emission detection and monitoring of highway bridge components
Yan Some Chaotic Features of the Wet/Dry Fluctuations in North China.
Telega Distributed algorithms and hierarchic optimization for solving a parameter inverse problem
RUGAYAH VALIDATION OF TRICHOSANTHES KINABALUENSIS RUGAYAH (CUCURBITACEAE)
Akpan Evaluation of intrusion detection systems with automatic traffic generation programs

Legal Events

Date Code Title Description
8320 Willingness to grant licences declared (paragraph 23)
8364 No opposition during term of opposition
8327 Change in the person/name/address of the patent owner

Owner name: TREND MICRO INCORPORATED, TOKIO/TOKYO, JP

8328 Change in the person/name/address of the agent

Representative=s name: KAHLER, KAECK & MOLLEKOPF, 86899 LANDSBERG