-
Publication number: US11973787B2
Publication date: 2024-04-30
Application number: US16351955
Filing date: 2019-03-13
Applicant: SAP SE
Inventor: Luca Compagna , Alessandro Pezze
CPC classification number: H04L63/1433 , G06F11/3684 , G06F11/3688 , G06F11/3692
Abstract: Various examples are directed to systems and methods for detecting vulnerabilities in a web application. A testing utility may direct a plurality of request messages to a web application. The testing utility may be executed at a first computing device and the web application may be executed at a second computing device. The testing utility may determine that a first request message of the plurality of test messages describes a state changing request. The determining may be based at least in part on the first request message and a first response message generated by the web application in response to the first request message. The testing utility may generate a first tampered request message based at least in part on the first request message and direct the first tampered request message to the web application. The testing utility may determine that the first request message indicates a vulnerability of the web application, the determining based at least in part on the first tampered request message and a first traffic-tampered response message generated by the web application in response to the first tampered request message.
-
Publication number: US09715592B2
Publication date: 2017-07-25
Application number: US14885001
Filing date: 2015-10-16
Applicant: SAP SE
Inventor: Luca Compagna , Avinash Sudhodanan , Roberto Carbone , Alessandro Armando
CPC classification number: G06F21/577 , G06F11/00 , G06F2221/033 , H04L63/14 , H04L63/1408 , H04L63/1416 , H04L63/1425 , H04L63/1433 , H04L63/1441 , H04L63/145
Abstract: A security testing framework leverages attack patterns to generate test cases for evaluating security of Multi-Party Web Applications (MPWAs). Attack patterns comprise structured artifacts capturing key information to execute general-purpose attacker strategies. The patterns recognize commonalities between attacks, e.g., abuse of security-critical parameter(s), and the attacker's strategy relating to protocol patterns associated with those parameters. A testing environment is configured to collect several varieties of HTTP traffic. User interaction with the MPWA while running security protocols is recorded. An inference module executes the recorded symbolic sessions, tagging elements in the HTTP traffic with labels. This labeled HTTP traffic is referenced to determine particular attack patterns that are to be applied, and corresponding specific attack test cases that are to be executed against the MPWA. Attacks are reported back to the tester for evaluation. Embodiments may be implemented with penetration testing tools, in order to automate execution of complex attacker strategies.
-
Publication number: US20240394375A1
Publication date: 2024-11-28
Application number: US18321627
Filing date: 2023-05-22
Applicant: SAP SE
Inventor: Feras Al-Kassar , Luca Compagna , Davide Balzarotti
Abstract: Techniques for collaborative detection of software application static vulnerabilities are disclosed. Print statements are injected into the source code for a software application for each of its inputs and outputs. Vulnerability findings are obtained from two or more static analysis tools run against the modified source code. A determination is made that a first static analysis tool reports that tainted data can flow from an input of a function to a return value of the function and it is determined that the second static analysis tool reports that tainted data can flow into the input of the function and that tainted data cannot flow to the return value based on the vulnerability findings. The injection-modified source code is modified to include an assignment of the input to the output to obtain stitch-modified source code. Then vulnerability findings are obtained for the stitch-modified source code and they include new findings.
-
Publication number: US20220255951A1
Publication date: 2022-08-11
Application number: US17172011
Filing date: 2021-02-09
Applicant: SAP SE
Inventor: Luca Compagna , Lorenzo Veronese , Stefano Calzavara
Abstract: Data is received that characterizes a computing architecture including at least one web-based server and an associated cryptographic web protocol to be implemented on such computing architecture according to a desired formal specification. Thereafter, a plurality of inattentive variants complying with the web protocol are generated without associated security checks. Messages to and from each inattentive variant are then monitored while executing the associated security checks. At least one security monitor is generated based on the monitored messages that is configured to address security vulnerabilities in the computing architecture relative to the formal specification. At least one generated security monitor can be later deployed in the computing architecture. Related apparatus, systems, techniques and articles are also described.
-
Publication number: US20170300701A1
Publication date: 2017-10-19
Application number: US15097304
Filing date: 2016-04-13
Applicant: SAP SE
Inventor: Serena Ponta , Luca Compagna , Daniel Dos Santos , Silvio Ranise
CPC classification number: G06F21/6218 , G06F21/54 , G06Q10/06 , G06Q40/025
Abstract: At design time, a process designer may generate a workflow model of a process associated with an in-memory database. The workflow model includes tasks and authorization constraints. The authorization constraints are task-based constraints associated with the workflow model. The workflow model is translated into a transition system format to generate a reachability graph including possible workflow execution paths. The reachability graph may be translated into a database query format to generate a monitor. At runtime, when a request is received from a process participant to execute a specific task in the workflow model, the monitor is able to enforce authorization constraints and authorization policies received at runtime, and ensure secure and compliant execution of processes.
-
Publication number: US20160314302A1
Publication date: 2016-10-27
Application number: US14692203
Filing date: 2015-04-21
Applicant: SAP SE
Inventor: Antonino Sabetta , Luca Compagna , Serena Ponta , Stanislav Dashevskyi , Daniel Dos Santos , Fabio Massacci
CPC classification number: G06F21/577 , G06F21/53 , G06F21/54 , G06F21/566 , G06F2221/033
Abstract: An input handler receives an exploit test request specifying at least one exploit to be tested against at least one application in at least one execution environment. A deployment engine deploys the at least one execution environment including instantiating a container providing a virtual machine image and configured based on the exploit test request, the instantiated container including the at least one application. A scheduler schedules execution of the at least one execution environment within at least one execution engine, including scheduling an injection of the at least one exploit as specified in the exploit test request. A report generator generates an exploit test report characterizing a result of the at least one exploit being injected into the at least one execution environment of the at least one execution engine.
-
Publication number: US11575687B2
Publication date: 2023-02-07
Application number: US17172011
Filing date: 2021-02-09
Applicant: SAP SE
Inventor: Luca Compagna , Lorenzo Veronese , Stefano Calzavara
Abstract: Data is received that characterizes a computing architecture including at least one web-based server and an associated cryptographic web protocol to be implemented on such computing architecture according to a desired formal specification. Thereafter, a plurality of inattentive variants complying with the web protocol are generated without associated security checks. Messages to and from each inattentive variant are then monitored while executing the associated security checks. At least one security monitor is generated based on the monitored messages that is configured to address security vulnerabilities in the computing architecture relative to the formal specification. At least one generated security monitor can be later deployed in the computing architecture. Related apparatus, systems, techniques and articles are also described.
-
Publication number: US20200296126A1
Publication date: 2020-09-17
Application number: US16351955
Filing date: 2019-03-13
Applicant: SAP SE
Inventor: Luca Compagna , Alessandro Pezze
Abstract: Various examples are directed to systems and methods for detecting vulnerabilities in a web application. A testing utility may direct a plurality of request messages to a web application. The testing utility may be executed at a first computing device and the web application may be executed at a second computing device. The testing utility may determine that a first request message of the plurality of test messages describes a state changing request. The determining may be based at least in part on the first request message and a first response message generated by the web application in response to the first request message. The testing utility may generate a first tampered request message based at least in part on the first request message and direct the first tampered request message to the web application. The testing utility may determine that the first request message indicates a vulnerability of the web application, the determining based at least in part on the first tampered request message and a first traffic-tampered response message generated by the web application in response to the first tampered request message.
-
Publication number: US09811668B2
Publication date: 2017-11-07
Application number: US14692203
Filing date: 2015-04-21
Applicant: SAP SE
Inventor: Antonino Sabetta , Luca Compagna , Serena Ponta , Stanislav Dashevskyi , Daniel Dos Santos , Fabio Massacci
CPC classification number: G06F21/577 , G06F21/53 , G06F21/54 , G06F21/566 , G06F2221/033
Abstract: An input handler receives an exploit test request specifying at least one exploit to be tested against at least one application in at least one execution environment. A deployment engine deploys the at least one execution environment including instantiating a container providing a virtual machine image and configured based on the exploit test request, the instantiated container including the at least one application. A scheduler schedules execution of the at least one execution environment within at least one execution engine, including scheduling an injection of the at least one exploit as specified in the exploit test request. A report generator generates an exploit test report characterizing a result of the at least one exploit being injected into the at least one execution environment of the at least one execution engine.
-
Publication number: US20170109534A1
Publication date: 2017-04-20
Application number: US14885001
Filing date: 2015-10-16
Applicant: SAP SE
Inventor: Luca Compagna , Avinash Sudhodanan , Roberto Carbone , Alessandro Armando
CPC classification number: G06F21/577 , G06F11/00 , G06F2221/033 , H04L63/14 , H04L63/1408 , H04L63/1416 , H04L63/1425 , H04L63/1433 , H04L63/1441 , H04L63/145
Abstract: A security testing framework leverages attack patterns to generate test cases for evaluating security of Multi-Party Web Applications (MPWAs). Attack patterns comprise structured artifacts capturing key information to execute general-purpose attacker strategies. The patterns recognize commonalities between attacks, e.g., abuse of security-critical parameter(s), and the attacker's strategy relating to protocol patterns associated with those parameters. A testing environment is configured to collect several varieties of HTTP traffic. User interaction with the MPWA while running security protocols is recorded. An inference module executes the recorded symbolic sessions, tagging elements in the HTTP traffic with labels. This labeled HTTP traffic is referenced to determine particular attack patterns that are to be applied, and corresponding specific attack test cases that are to be executed against the MPWA. Attacks are reported back to the tester for evaluation. Embodiments may be implemented with penetration testing tools, in order to automate execution of complex attacker strategies.
-