Abstract: Example embodiments disclosed herein relate to generating a point-wise protection based on dynamic security analysis. Vulnerability solution recommendation are provided based on the dynamic security analysis. A point-wise protection is generated based on a selection of the vulnerability solution recommendation.

Abstract: Example embodiments disclosed herein relate to an approach for installing a runtime agent during a security test. A security test is initiated or performed on an application under test executing on a server. An application vulnerability associated with the application under test is determined. The application vulnerability is exploited to install the runtime agent on the server. The security test is continued using the runtime agent to receive additional information about the application under test.

Abstract: Example embodiments disclosed herein relate to actively modify execution at runtime of an application under test (AUT). The AUT is executed using a real-time modifier. A security test is performed on the AUT. Execution of the AUT is modified at a decision point.

Abstract: Example embodiments disclosed herein relate to modifying execution of an application under test to act as if a user is a power user. The application under test is hosted in a real-time modifier. A security crawl is performed on the application under test logged in as the user. The user is treated as a power user.

Abstract: Example embodiments disclosed herein relate to generating a point-wise protection based capable of being implemented using a runtime agent. Security information including line of code information associated with possible vulnerabilities are processed to determine vulnerability solution recommendations. A vulnerability solution recommendation is presented. The point-wise protection is generated based on a selection input for the vulnerability solution recommendation, where the point-wise protection is capable of being implemented using a runtime agent.

Abstract: Example embodiments disclosed herein relate to generating a point-wise protection based on dynamic security analysis. Vulnerability solution recommendation are provided based on the dynamic security analysis. A point-wise protection is generated based on a selection of the vulnerability solution recommendation.

Abstract: Example embodiments disclosed herein relate to an approach for installing a runtime agent during a security test. A security test is initiated or performed on an application under test executing on a server. An application vulnerability associated with the application under test is determined. The application vulnerability is exploited to install the runtime agent on the server. The security test is continued using the runtime agent to receive additional information about the application under test.

Abstract: Example embodiments disclosed herein relate to generating a scanning strategy based on a dynamic taint module. A dynamic taint module associated with an application is caused to be initiated for a crawling phase of a security test. A report is received from the dynamic taint module. The dynamic taint module is restricted. The scanning strategy is based on the report.

Abstract: Example embodiments disclosed herein relate to real-time modification of an application under test (AUT). A security rest is performed on the AUT. A real-time modifier determines that a portion of a function to be executed by the AUT is unsafe. The real-time modifier modifies execution of the AUT to not execute the portion.

Abstract: Example embodiments disclosed herein relate to real-time modification of an application under test (AUT). A security rest is performed on the AUT. A real-time modifier determines that a portion of a function to be executed by the AUT is unsafe. The real-time modifier modifies execution of the AUT to not execute the portion.

Abstract: Example embodiments disclosed herein relate to actively modify execution at runtime of an application under test (AUT). The AUT is executed using a real-time modifier. A security test is performed on the AUT. Execution of the AUT is modified at a decision point.

Abstract: Example embodiments disclosed herein relate to generating a scanning strategy based on a dynamic taint module. A dynamic taint module associated with an application is caused to be initiated for a crawling phase of a security test. A report is received from the dynamic taint module. The dynamic taint module is restricted. The scanning strategy is based on the report.

Abstract: Example embodiments disclosed herein relate to modifying execution of an application under test to act as if a user is a power user. The application under test is hosted in a real-time modifier. A security crawl is performed on the application under test logged in as the user. The user is treated as a power user.