IDENTIFICATION OF SECURITY VULNERABILITIES IN APPLICATION PROGRAM INTERFACES Russian patent published in 2021 - IPC G06F11/30 G06F21/57 

Abstract RU 2755675 C2

FIELD: computer technology.

SUBSTANCE: a method performed by a computer system to automate the detection of security vulnerabilities in an application program interface (hereinafter, API) comprises: receiving information about the API of a third-party system; receiving authentication flows for the API; generating an API specification based on the received information, wherein the API specification describes API endpoints; for each of the API endpoints described in the API specification and for each of the authentication flows for the API, determining security vulnerabilities of the API endpoint; for each specific security vulnerability, performing a first audit task for the API endpoint to determine whether the API endpoint is vulnerable, and performing a second audit task for the authentication flow to determine whether the authentication flow is vulnerable; recording the results of the first and second audit tasks; generating a scan report for the API; and sending the scan report to the third-party system.

EFFECT: enables identification of security vulnerabilities in application program interfaces.

18 claims, 5 drawings

Similar patents RU2755675C2

Title Year Author Number
AUTOMATION SYSTEM FOR THE EXCHANGE OF MARKING CODES 2021
  • Dankov Dmitrij Alekseevich
RU2773429C1
CONTROL SYSTEM FOR SECURITY POLICY OF ELEMENTS OF CORPORATE COMMUNICATION NETWORK 2023
  • Dobryshin Mikhail Mikhailovich
  • Shugurov Dmitrii Evgenevich
  • Belov Andrei Sergeevich
  • Anisimov Vladimir Georgievich
  • Gromov Iurii Iurevich
  • Klimov Sergei Mikhailovich
  • Mishin Dmitrii Stanislavovich
  • Filin Andrei Viktorovich
RU2813469C1
INTEGRATED ACCESS AUTHORISATION 2005
  • Golan Gilad
  • Vajman Mark
RU2405198C2
SYSTEM AND METHODS FOR AUDITING A VIRTUAL MACHINE 2017
  • Lukacs Sandor
  • Lutas Andrei-Vlad
  • Anichitei Ionel C.
RU2691187C1
SYSTEM AND METHOD FOR FORMING A SECURITY MONITOR 2021
  • Kulagin Dmitrii Aleksandrovich
  • Burenkov Vladimir Sergeevich
  • Bondarenko Aleksandr Aleksandrovich
RU2773108C1
NETWORK GATEWAY AND METHOD FOR TRANSFERRING DATA FROM A FIRST NETWORK TO A SECOND NETWORK 2021
  • Vereshchagin Aleksei Georgievich
  • Kashitsyn Denis Sergeevich
  • Dontsov Maksim Andreevich
  • Morozov Ruslan Iurevich
  • Lukiian Dmitrii Sergeevich
RU2770458C1
DATA ACCESS CONTROL SYSTEM AND METHOD 2021
  • Vereshchagin Aleksei Georgievich
  • Kashitsyn Denis Sergeevich
  • Dontsov Maksim Andreevich
  • Morozov Ruslan Iurevich
  • Lukiian Dmitrii Sergeevich
RU2790338C1
SYSTEM ANALYSIS AND CONTROL 2007
  • Verbovski Chad
  • Li Dzukhan
  • Lju Sjaogan
  • Russev Russi
  • Van I-Min'
RU2451326C2
ONE-RANGE CONTENT DELIVERY NETWORK, METHOD AND CONTROL DEVICE 2014
  • Leekley Gregory H.
  • Savenok Alexander
  • Savenok Pavel
RU2633111C1
SYSTEM AND METHOD FOR CONTROLLING THE DELIVERY OF MESSAGES TRANSMITTED BETWEEN PROCESSES FROM DIFFERENT OPERATING SYSTEMS 2021
  • Simanovskii Andrei Iurevich
  • Rogachev Sergei Viktorovich
  • Pinchuk Stanislav Iurevich
RU2777302C1

RU 2 755 675 C2

Authors

Uilton, Shejn

Sedat, Benzhamin, D.

Irizarri, Endzhel

Borokhovskij, Majkl

Braun, Ejnsli, K.

Dates

2021-09-20 Published

2017-12-12 Filed