Application vulnerability mitigation (AVM) is an evolution of static code analysis that allows users not only to analyze but also to fix vulnerabilities in application source code. Because it saves time and money, an AVM solution lets companies increase the quality and security of their applications.
The three steps:
Scan – Application source code is scanned using 5 different static analysis engines. This is not penetration testing – AVM relies on having access to source code, the back end of any application, to comprehensively assess potential problem areas.
Identify – During the scan, vulnerabilities are identified within the source code. Lucent Sky CLEAR can identify 12 different types of vulnerabilities, including SQL injection and cross-site scripting, and covers the OWASP Top 10 categories. The vulnerabilities are categorized for the purpose of mitigation.
Mitigate – Adaptive algorithms inject mitigated source code into the problem areas identified during the scanning process. Developers can inspect the mitigated code and deploy the fixes individually or en masse. Only a very small percentage of identified vulnerabilities cannot be mitigated automatically; these are typically caused by flawed logic and must be mitigated manually. Once the source code is mitigated, developers can test the mitigated code during quality assurance or deploy it immediately.
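As an added illustration of the identify-and-mitigate step (example code written for this page, not Lucent Sky CLEAR's engine or algorithm), the toy Python below scans a constructed snippet for SQL built by string concatenation, reports the finding, and rewrites the call to a parameterised query; the `find_user` function and `users` table are constructed sample data. The quote-stripping around the bound value shows the kind of detail an automatic rewrite has to get right, and a case that does not fit the pattern is what would be left for manual mitigation.

```python
import ast
import sqlite3
# Constructed sample an AVM scan would flag: `name` is concatenated into the SQL text.
VULNERABLE_SRC = '''
def find_user(cursor, name):
    cursor.execute("SELECT * FROM users WHERE name = '" + name + "'")
    return cursor.fetchone()
'''

def _terms(expr):
    """Flatten `a + b + c` into its operand list."""
    if isinstance(expr, ast.BinOp) and isinstance(expr.op, ast.Add):
        return _terms(expr.left) + _terms(expr.right)
    return [expr]

def mitigate(source):
    """Scan, identify, mitigate: return (mitigated source, findings)."""
    tree, findings = ast.parse(source), []
    for node in ast.walk(tree):
        if not (isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute)
                and node.func.attr == "execute" and node.args
                and isinstance(node.args[0], ast.BinOp)):
            continue
        terms, sql, params = _terms(node.args[0]), "", []
        for i, t in enumerate(terms):
            if isinstance(t, ast.Constant) and isinstance(t.value, str):
                sql += t.value
                continue
            # Drop the SQL quotes around the value: the driver quotes bound parameters
            # itself, and a quoted placeholder would match the literal string '?'.
            if sql.endswith("'"):
                sql = sql[:-1]
            if (i + 1 < len(terms) and isinstance(terms[i + 1], ast.Constant)
                    and str(terms[i + 1].value).startswith("'")):
                terms[i + 1] = ast.Constant(terms[i + 1].value[1:])
            sql += "?"  # bind the runtime value as a parameter instead of splicing it in
            params.append(t)
        if params:
            findings.append((node.lineno, "SQL injection: query built by concatenation"))
            node.args = [ast.Constant(sql), ast.Tuple(elts=params, ctx=ast.Load())]
    return ast.unparse(ast.fix_missing_locations(tree)), findings

def run_mitigated(source, name):
    """Exercise the mitigated module against a constructed in-memory SQLite table."""
    ns = {}
    exec(source, ns)
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT)")
    conn.executemany("INSERT INTO users VALUES (?)", [("alice",), ("o'brien",)])
    return ns["find_user"](conn.cursor(), name)
```

With the original concatenation, a name containing an apostrophe breaks the SQL statement; after mitigation the same value is simply matched as data.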