Glog.AI Resolver

Glog Resolver is the part of the Glog Solution that, in communication with Glog Server, discovers the context of the source code being analyzed and performs context-specific triage and remediation. Glog Resolver is executed on the client side, where it analyzes source code and prepares data to be sent to Glog Server. Based on the analysis results provided by the server, Glog Resolver performs triage and provides context-specific remediation.

Application Onboarding

Prior to scanning, Glog Resolver analyzes applications to detect all potential sources of tainted data. Based on this analysis, Glog Server prompts users with a set of questions to communicate all design and architectural decisions, policies, and all security controls suggested by the threat model. This approach enables us to discover the part of the context related to application architecture and execution environment.

Triage

After the SAST engine provides findings, Glog Resolver analyzes the context for each part of the source code to detect validation routines, encoders and sanitizers. It uses the analysis results together with the context discovered in the onboarding step to perform triage and filter out false positives.

Remediation

Glog Resolver uses the collected information and the context discovered during onboarding and triage to further analyze the structure of tainted data and vulnerable data flows. It communicates with Glog Server to obtain context-specific remediation advice.