Scripting attack detection and mitigation using content security policy violation reports

Scripting attack detection and mitigation using content security policy violation reports

Certain aspects of the present disclosure provide techniques for Scripting attack detection and mitigation. A method generally includes receiving a first report indicating a first violation for a first security policy applied to a first web application; identifying a first plurality of features asso...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Bhalode, Swapnil, Gallagher, Gabe, Puri, Hemant, Agrawal, Anant, Bhatkar, Sandeep, Lee, Erick, Yawalkar, Siddhesh, Shankar, Sangam
Format: Patent
Sprache:eng
Schlagworte:
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Certain aspects of the present disclosure provide techniques for Scripting attack detection and mitigation. A method generally includes receiving a first report indicating a first violation for a first security policy applied to a first web application; identifying a first plurality of features associated with the first violation; classifying the first violation as a first JavaScript attack based on the first plurality of features; and taking action to mitigate the first JavaScript attack on the first web application.