System, Method And Apparatus To Visually Configure An Analysis Of A Program

A method extracts views from an application program, where at least some extracted views include at least one view component, and presenting the extracted views to a user. In response to the user selecting a view component in a presented extracted view, the method presents a form to the user having...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Tripp Omer, Ligman Joseph W, Pistoia Marco
Format: Patent
Sprache:eng
Schlagworte:
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:A method extracts views from an application program, where at least some extracted views include at least one view component, and presenting the extracted views to a user. In response to the user selecting a view component in a presented extracted view, the method presents a form to the user having a plurality of vulnerability types indicated for the selected view component and, for each vulnerability type, provides an ability for the user to set an indicator in the form as to indicate whether the view component is at least one of a source or a sink. The method further includes saving the form containing the user's input in conjunction with a user-provided label for the selected view component and a unique identification of the selected view component, and deriving an analysis policy configuration from the saved form that is formatted for use by a program security analyzer.