Accession Number:

ADA568544

Title:

Interactive Vulnerability Analysis Enhancement Results

Descriptive Note:

Final technical rept. Jul-Sep 2012

Corporate Author:

ASPECT SECURITY COLUMBIA MD

Personal Author(s):

• Williams, Jeff
• Dabirsiaghi, Arshan

Report Date:

2012-12-01

Pagination or Media Count:

38.0

Abstract:

Interactive Application Security Testing IAST is an innovative new approach to application security vulnerability detection. This investigation focused on making performance improvements to this technology to allow deployments of the technology in production systems, to enable automatic generation of protection rules for the vulnerabilities discovered, and expanding the range of applications supported from JavaEE web based applications to other non-web based Java programs. Technology developed in this effort should be generally applicable to other IAST tools.

Descriptors:

• *COMPUTER PROGRAMS
• *SECURITY
• *VULNERABILITY
• AUTOMATIC
• DEPLOYMENT
• DETECTION
• INTERACTIONS
• JAVA PROGRAMMING LANGUAGE
• PRODUCTION
• TEST AND EVALUATION
• TOOLS

Subject Categories:

• Computer Programming and Software
• Computer Systems Management and Standards

Distribution Statement:

APPROVED FOR PUBLIC RELEASE