CORRECTING WORKFLOW SECURITY VULNERABILITIES VIA STATIC ANALYSIS AND VIRTUAL PATCHING

摘要

A computer program can be statically analyzed to determine an order in which client side workflows are intended to be implemented by the computer program. A virtual patch can be generated. When executed by a processor, the virtual patch can track web service calls from a client to the computer program, and determine whether the order of the web service calls from the client to the computer program correlate to the order in which client side workflows are intended to be implemented by the computer program. If the order of the web service calls from the client to the computer program do not correlate to the order in which client side workflows are intended to be implemented by the computer program, an alert can be generated.