Abstract: The invention provides a method of correlating and merging static application security testing (SAST) and dynamic application security testing (DAST) for web and mobile applications. The invention provides a method for categorizing and comparing various endpoint objects including the path (i.e., location within the application's attack surface), one or more parameters, an HTTPMethod, a filename on the file system, line number, and mobile entry point.
Abstract: A method of correlating a static application security testing (SAST) finding and a dynamic application security testing (DAST) finding for an application having a file system with code files containing at least one artifact, which application has an application framework that may be classified as having either a direct framework or an indirect framework.