Friday, October 19, 2012

Fusion/iAppSecure - New Technology for AppSec Analysis

We have come up with new technology for application security analysis - it is known as Fusion Lite. Here is the abstract.

Fusion Lite is an innovative next generation technology from iAppSecure which radically changes the way applications are assessed.

At the core of Fusion Lite is its intelligent multi-way coordination and orchestration across advanced static, dynamic and instrumentation technologies. The Fusion Lite Analyzer uses observations and analysis from each of these technologies to continuously learn and refine the understanding of application knowledge and behavior as well as to intelligently coordinate and steer the further functioning of these technologies. This novel approach, along with many other innovative technologies, allows it to take the power of static, dynamic and instrumentation technologies far beyond a simple sum of benefits that these technologies can offer in isolation or even with current hybrid approaches (such as dynamic and static result based correlation, instrumentation/stack trace based correlation or instrumentation based feedback to external dynamic analyzers). The intelligent multi-way coordination and orchestration also allows Fusion Lite, as a complete system, to overcome many of the weaknesses inherent with each of these technologies.

Fusion Lite begins by building an accurate static analysis model of the application and performs an initial analysis on it. However, this model and preliminary analysis only serve as an initial representation of the application. Fusion Lite then intelligently instruments the application based on this analysis. These steps lay the foundation for the intelligent multi-way coordination and orchestration across all the technologies. During multi-way coordination and orchestration, even a single event such as execution of a use case can cause a chain reaction within the system which is controlled by Fusion Lite Analyzer. The information and events received from any of the technologies are used both to refine a multi-dimensional model representing the knowledge and behavior of the application as well as to drive other technologies further. The analysis then performed by the other technologies and Fusion Lite Analyzer can generate new information and events which further trigger and improvise the entire process. This process is continuously coordinated until the system stabilizes. The ability to continuously observe, analyze and coordinate these technologies enables continuous refinement of the model representing the knowledge and behavior of the application. This enables a deeper, smarter and accurate detection of vulnerabilities and weaknesses in the application.

Read complete note over here

It is launched under separate venture called iAppSecure Solutions.

1 comment:

gardendecors lebanon said...

Great! Really liked this constructive & helpful information will definitely be able to help me.