Overview
This article describes the matching algorithm the Mend AppSec Platform uses to correlate DAST and SAST findings. A correlation is established when the path of the vulnerable endpoint matches and the CWE (the vulnerability type) is the same in both findings.
Note:
- Matching for DAST/SAST correlation relies on the detection of HTTP endpoints.
- The domain part of the URL is ignored by the algorithm during matching; only the path is compared.
Supported URL Patterns
The algorithm recognizes the following dynamic URL segment patterns:
| Pattern Type | Example | Description | Framework Examples |
|---|---|---|---|
| DoubleCurlyBraces | | Parameter with double curly braces | Handlebars, some templates |
| CurlyBraces | | Parameter with curly braces | Spring, ASP.NET Core |
| OptionalColon | | Optional parameter with colon prefix | Express.js |
| ColonParenDotFormat | | Parameter with format extension | Custom frameworks |
| Colon | | Parameter with colon prefix | Express.js |
| AngleBrackets | | Parameter with angle brackets | Angular, Flask |
| DollarSign | | Parameter with dollar sign | Some custom frameworks |
Detection Probabilities
The algorithm assigns a probability to each candidate DAST/SAST pair based on the following match types:

| Match Type | Description |
|---|---|
| Exact Match | The static URL perfectly matches the dynamic pattern, with all segments matching positionally |
| Method Mismatch | The paths match but the HTTP methods differ (e.g., GET vs POST) |
| Partial Match | Some segments match but not all |
| CWE Mismatch | No match because the CWE (Common Weakness Enumeration) values differ |