The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Jun. 24, 2003
Filed:
Mar. 05, 2001
Applicant:
Inventors:
Eran Reshef, Tel-Aviv, IL;
Yuval El-Hanany, Tel-Aviv, IL;
Gil Raanan, Zoran, IL;
Tom Tsarfati, Tel-Aviv, IL;
Assignee:
Sanctum Ltd., Herzelia, IL;
Primary Examiner:
Assistant Examiner:
Int. Cl.
CPC ...
G06F 1/219 ; G06F 1/130 ; G06F 1/730 ;
U.S. Cl.
CPC ...
G06F 1/219 ; G06F 1/130 ; G06F 1/730 ;
Abstract
A method for detecting security vulnerabilities in a web application includes analyzing the client requests and server responses resulting therefrom in order to discover pre-defined elements of the application's interface with external clients and the attributes of these elements. The client requests are then mutated based on a pre-defined set of mutation rules to thereby generate exploits unique to the application. The web application is attacked using the exploits and the results of the attack are evaluated for anomalous application activity.
Published as:
WO0165330A2; AU3769601A; US2002010855A1; WO0165330A3; EP1269286A2; US6584569B2; US2003233581A1; EP1269286A4; US7237265B2; EP1269286B1; ATE414943T1; DE60136616D1;