Identifying Security Breaches Caused by Web-Enabled Software Applications

1. A method for identifying, a security breach caused when a computer-based software application uses a computer-based web browser application, the method comprising:

identifying at least one function within a computer-based software application that causes a computer-based web browser application to access data from a source that is external to said software application;

at least partially replacing said data with malicious content that is configured to cause a predefined action to occur when said malicious content is accessed by said web browser application, wherein said predefined action is associated with a known security breach when said predefined action occurs subsequent to said malicious content being accessed by said web browser application;

causing said software application to perform said function; and

determining whether said predefined action is performed,

wherein any of said steps are implemented in either of computer hardware and computer software and embodied in a computer-readable medium.

2. A method according to claim 1 and further comprising monitoring the execution of said computer-based software application to identify said function.

3. A method according to claim 1 wherein said steps are performed if said web browser application is embedded within said software application.

4. A method according to claim 1 wherein said at least partially replacing step comprises at least partially replacing said data at said source.

5. A method according to claim 1 and further comprising providing a notification regarding said security breach.

6. A method according to claim 1 and further comprising providing any of said applications with a wrapper configured to detect the presence of said malicious content in said data.

7. A method according to claim 1 and further comprising:

inspecting and enumerating through GUI objects of said software application,

determining whether said software application utilizes said web browser application as an embedded browser object; and

querying said embedded browser object to determine the existence of said malicious content that is accessed by said embedded browser object.

8. A method according to claim 1 wherein said at least partially replacing step comprises at least partially replacing said data such that said malicious content includes at least one instruction for interacting with an external resource, and wherein said method further comprises detecting said interaction with said external resource.

9. A system for identifying a security breach caused when a computer-based software application uses a computer-based web browser application, the system comprising:

an application analyzer configured to identify at least one function within a computer-based software application that causes a computer-based web browser application to access data from a source that is external to said software application;

a data manipulator configured to at least partially replace said data with malicious content that is configured to cause a predefined action to occur when said malicious content is accessed by said web browser application, wherein said predefined action is associated with a known security breach when said predefined action occurs subsequent to said malicious content being accessed by said web browser application;

a security breach provoker configured to cause said software application to perform said function; and

a security breach detector configured to determine whether said predefined action is performed.

wherein any of said application analyzer, data manipulator, security breach provoker, and security breach detector are implemented in either of computer hardware and computer software and embodied in a computer-readable medium.

10. A system according to claim 1 wherein said software application is configured such that its main purpose does not require it to include functions that are uniquely associated with web browsers, and such that it has the ability to cause said web browser application to perform any functions that are uniquely associated with web browsers.

11. A system according to claim 1 wherein said web browser application is either of a stand-alone browser application external to said software application and an embedded browser with respect to said software application.

12. A system according to claim 1 wherein said security breach provoker is configured to simulate network connections to intercept attempts by said web browser application to access said data and ensure that said web browser application accesses said data.

13. A system according to claim 1 wherein said security breach detector is configured to provide a notification regarding said security breach.

14. A system according to claim 1 wherein said malicious content is configured to create a window containing a predefined siring, and wherein said security breach detector is configured to detect the creation of said window and determine whether said window contains said predefined string.

15. A system according to claim 1 and further comprising a wrapper cooperative with either of said software application and said web browser application, wherein said wrapper is configured to detect the presence of said malicious content in said data.

16. A system according to claim 1 and further comprising a GUI inspector configured to

inspect and enumerate through GUI objects of said software application;

determine whether said software application utilizes said web browser application as an embedded browser object; and

query said embedded browser object to determine the existence of said malicious content that is accessed by said embedded browser object.

17. A system according to claim 1 wherein said malicious content includes at least one instruction for interacting with an external resource, and further comprising an external security breach detector configured to detect said interaction with said external resource.

18. A computer program product for identifying a security breach caused when a computer-based software application uses a computer-based web browser application, the computer program product comprising:

a computer readable medium; and

computer program instructions operative to

identify at least one function within a computer-based software application that causes a computer-based web browser application to access data from a source that is external to said software application,

at least partially replace said data with malicious content that is configured to cause a predefined action to occur when said malicious content is accessed by said web browser application, wherein said predefined action is associated with a known security breach when said predefined action occurs subsequent to said malicious content being accessed by said web browser application,

cause said software application to perform said function, and

determine whether said predefined action is performed,

wherein said program instructions are stored on said computer readable medium.