Software applications may include vulnerabilities or flaws that allow hackers to access data and/or perform actions without authorization. For example, the unauthorized hacker may try to access a database or file on behalf of an authorized user.
Current software analysis programs check for security flaws by trying to test every path through the software application source code. However, the analysis programs only provide snapshot views of the software application and do not test behaviors or states that may occur during actual execution runtime. Security analysis programs may not have access to all application source code and therefore may not be able to test internal code paths for security flaws.