Sift Analyzers

Analyzers are an integral part of Sift. Analyzers perform checks on operations in an API to find functional defects and security vulnerabilities in an application. Each analyzer performs a unique set of checks; see the description of each analyzer for details. If an operation fails the checks performed by an analyzer, Sift reports a finding.

Each finding has a fault identifier that classifies the kind of fault detected by an analyzer. Fault identifiers begin with a 3-letter prefix that represents a class of faults.

| Fault Prefix | Description |
| --- | --- |
| CWE | Common Weakness Enumeration. The MITRE Common Weakness Enumeration (CWE) is a database containing an industry-standard classification of security weaknesses. Any security vulnerability is classified as one of the weaknesses in CWE. |
| SCF | Conformance Fault. When an API operation does not conform to the API definition, the defect is classified as an SCF fault. |
| SFF | Functional Fault. Functional defects are classified as an SFF fault. |
| SIF | Injection Fault. A finding reported for a user-specified injection attack vector is classified as an SIF fault. |
| SPF | Property Fault. When an API operation violates a user-specified property, the defect is classified as an SPF fault. |

List of Analyzers: