
DAST and SAST Correlation Algorithm

Overview

This article explains the matching algorithm used to correlate DAST and SAST findings in the Mend AppSec Platform. A correlation is established when two findings agree on both the path of the vulnerable endpoint and the CWE (the vulnerability type).

Note:

  • The matching for the DAST/SAST correlation relies on the detection of HTTP endpoints.

  • The domain part of the URL is ignored by the algorithm in the matching process.

Supported URL Patterns

The algorithm recognizes the following dynamic URL segment patterns:

| Pattern Type        | Example         | Description                           | Framework Examples        |
|---------------------|-----------------|---------------------------------------|---------------------------|
| DoubleCurlyBraces   | {{id}}          | Parameter with double curly braces    | Handlebars, some templates |
| CurlyBraces         | {id}            | Parameter with curly braces           | Spring, ASP.NET Core      |
| OptionalColon       | :id?            | Optional parameter with colon prefix  | Express.js                |
| ColonParenDotFormat | :id(.:format)   | Parameter with format extension       | Custom frameworks         |
| Colon               | :id             | Parameter with colon prefix           | Express.js                |
| AngleBrackets       | <id>            | Parameter with angle brackets         | Angular, Flask            |
| DollarSign          | $id             | Parameter with dollar sign            | Some custom frameworks    |

Detection Probabilities

The algorithm assigns a probability to each match based on the following match types:

| Match Type      | Description                                                                                   |
|-----------------|-----------------------------------------------------------------------------------------------|
| Exact Match     | The static URL perfectly matches the dynamic pattern, with all segments matching positionally |
| Method Mismatch | The paths match but the HTTP methods differ (e.g., GET vs POST)                              |
| Partial Match   | Some segments match but not all                                                               |
| CWE Mismatch    | No match due to different CWE (Common Weakness Enumeration) values                            |
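The following is an added illustration of how the two tables above fit together; it is not Mend's implementation. It treats each dynamic segment shape from the pattern table as a wildcard, ignores the domain and query string of the DAST URL, and classifies a SAST/DAST pair into the match types listed above (the extra "No Match" label, the `correlate` function and the dictionary field names are assumptions made for the example; real probabilities are not reproduced).

```python
import re
from urllib.parse import urlsplit

# Constructed regexes for the dynamic-segment shapes in the pattern table (not Mend's code).
DYNAMIC_SEGMENT = re.compile(
    r"^(\{\{\w+\}\}|\{\w+\}|:\w+\?|:\w+\(\.:\w+\)|:\w+|<\w+>|\$\w+)$"
)
OPTIONAL_SEGMENT = re.compile(r"^:\w+\?$")  # Express-style ':id?' may be absent from the URL


def route_segments(route):
    # A SAST route is a path template: split on '/' only, so ':id?' keeps its '?'.
    return [s for s in route.split("/") if s]


def url_segments(url):
    # A DAST finding carries a full URL: the domain and query string are ignored.
    return [s for s in urlsplit(url).path.split("/") if s]


def segment_matches(template, observed):
    # A dynamic segment accepts any observed value; a static one must be identical.
    return template == observed or bool(DYNAMIC_SEGMENT.match(template))


def correlate(sast, dast):
    """Classify a SAST finding {route, method, cwe} against a DAST finding
    {url, method, cwe} using the match types from the table above."""
    if sast["cwe"] != dast["cwe"]:
        return "CWE Mismatch"
    tmpl = route_segments(sast["route"])
    obs = url_segments(dast["url"])
    # Trailing optional segments may legitimately be missing from the observed URL.
    while len(tmpl) > len(obs) and OPTIONAL_SEGMENT.match(tmpl[-1]):
        tmpl.pop()
    pairs = list(zip(tmpl, obs))
    matched = sum(segment_matches(t, o) for t, o in pairs)
    if len(tmpl) == len(obs) and matched == len(pairs):
        return "Exact Match" if sast["method"] == dast["method"] else "Method Mismatch"
    return "Partial Match" if matched else "No Match"


if __name__ == "__main__":
    # Constructed sample findings: same path and CWE, different HTTP method.
    sast = {"route": "/api/users/{id}", "method": "GET", "cwe": "CWE-89"}
    dast = {"url": "https://app.example.com/api/users/42?fields=name",
            "method": "POST", "cwe": "CWE-89"}
    print(correlate(sast, dast))  # Method Mismatch
```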
