Date Added: Sep 2009
Its objective in web security is to move black box to white box in enterprise practices. This paper explains how approaches achieve the goal in terms of static and dynamic analysis. To better explain the framework and roadmap of analysis work, it describes approaches by using macro and micro views individually. Based on this foundation, it explores dynamic analysis in string validation and node tracking, and introduce micro and macro views to architect comprehensive approaches. Micro view is related to the mechanism inside the node, so the event triggers and string validation are both under its coverage.