Remediation of Application-Specific Security Vulnerabilities at Runtime

“…In "Remediation of Application-Specific Security Vulnerabilities at Runtime" by Thomas F. Brown and Mark E. Segal [32], the authors describe how the vulnerabilities that have already been patched by vendors remain unpatched at the client end due to inconsistencies in system checks and administrator overloads. The paper describes that there are four possible lines of defense against vulnerabilities:…”

“…In previous research [18], the need for complete remediation was stated. However, several remediations exist for a given vulnerability as do variants of a base vulnerability.…”

Quantitative Evaluation of Related Web-Based Vulnerabilities

“…In "Remediation of Application-Specific Security Vulnerabilities at Runtime" by Thomas F. Brown and Mark E. Segal [32], the authors describe how the vulnerabilities that have already been patched by vendors remain unpatched at the client end due to inconsistencies in system checks and administrator overloads. The paper describes that there are four possible lines of defense against vulnerabilities:…”

“…In previous research [18], the need for complete remediation was stated. However, several remediations exist for a given vulnerability as do variants of a base vulnerability.…”

Quantitative Evaluation of Related Web-Based Vulnerabilities

“…These external activities can be observed by monitoring the system calls the application makes and other interaction with local resources. Significant work has been done in actually restricting these calls at runtime to create a "sand box" like environment (see e.g., [1]). In most cases, however, the functionality that is traded for this increased security is too steep a price to pay.…”

Software security vulnerability testing in hostile environments

Host-Based Security Challenges and Controls: A Survey of Contemporary Research