Applied Visions' Secure Decisions business has released a technology designed to automate the process of identifying exploitable vulnerabilities in a web-based application.
Secure Decisions said Monday it developed the Attack Surface Detector for software penetration testers through the Application Security Technologies and Metrics program managed by the Department of Homeland Security's science and technology directorate.
ASD is built to discover hidden security gaps across endpoints and parameters of a web app and examine source codes via a static analysis method to identify the app's attack surface.
The open-source plugin tool works to help protect the software intellectual property during penetration tests, Secure Decisions noted.
During a study, CREST-registered penetration testers saved four to six hours when they used ASD to perform a code base analysis compared with the time they spent to complete the task using a manual approach.