Abstract: Systems and methods for automated selection of payloads for use in a security scan of a web application by a security scanner are described herein. More specifically, the systems and methods test potential payloads for a security scan of a given web application on a test application with known security vulnerabilities, evaluate valid response returned by this test application, determine functionally equivalent responses, group payloads based the equivalence of their valid responses, and select one or more payloads from each created group for use in the security scan of the given web application.

Abstract: To protect network-based services, offering computer implemented functionality, from attacks, a passive web application firewall reactively identifies vulnerabilities, enabling such vulnerabilities to be quickly ameliorated, without intercepting communications or introducing other suboptimal aspects of traditional web application firewalls. Communications directed to the network-based services are logged and such logs are scanned for entries evidencing attacks, such as based on predetermined attack syntax. Further evaluation of the entries identified as evidencing attacks identifies a subset of those entries that correspond to likely successful attacks. Such further evaluation includes attacking the network-based service in an equivalent manner. Attacks that are found to be successful identify vulnerabilities, and a notification of such vulnerabilities is provided to facilitate amelioration of such vulnerabilities.

Abstract: To protect network-based services, offering computer implemented functionality, from attacks, a passive web application firewall reactively identifies vulnerabilities, enabling such vulnerabilities to be quickly ameliorated, without intercepting communications or introducing other suboptimal aspects of traditional web application firewalls. Communications directed to the network-based services are logged and such logs are scanned for entries evidencing attacks, such as based on predetermined attack syntax. Further evaluation of the entries identified as evidencing attacks identifies a subset of those entries that correspond to likely successful attacks. Such further evaluation includes attacking the network-based service in an equivalent manner. Attacks that are found to be successful identify vulnerabilities, and a notification of such vulnerabilities is provided to facilitate amelioration of such vulnerabilities.

Abstract: Systems and methods for automated selection of payloads for use in a security scan of a web application by a security scanner are described herein. More specifically, the systems and methods test potential payloads for a security scan of a given web application on a test application with known security vulnerabilities, evaluate valid response returned by this test application, determine functionally equivalent responses, group payloads based the equivalence of their valid responses, and select one or more payloads from each created group for use in the security scan of the given web application.