Systems and methods of soft patching security vulnerabilities

摘要

A method and apparatus for soft patching security vulnerabilities is provided. A method comprises: receiving, from a first researcher computer, a report of a security vulnerability that was identified in a computer program application that the first researcher computer accessed via a first web browser, the report comprising a record of actions performed by the first researcher computer and Document Object Model (DOM) events that the application outputted when the record of actions was generated; automatically generating a detection script comprising a set of requests associated with the security vulnerability from the record of actions, wherein the detection script, when executed by an intermediary computer that is between a network and a second researcher computer, causes the intermediary computer to detect that the second researcher computer is performing actions that are recorded in the record of actions in the application accessed via the first web browser, and, in response, causing the intermediary computer to drop at least some network traffic that is forwarded in the network toward the second researcher computer; sending the detection script to the intermediary computer.