Ocular leverages the power of the Code Property Graph (CPG) to map how information flows from sources to sinks and all data transforms in between. Analogous to the way Google Maps provides a representation of your unique geographical location, the various routes available and possible destinations. Ocular provides code auditors and reviewers with a platform to construct, and tune powerful, highly customized queries for interactive interrogation of their unique code bases and environments. Ocular enables code auditors to apply their own knowledge of their unique code and any inherent business logic to precisely identify more challenging and complex vulnerabilities, such as those dependent on a series of conditions across the various components used to construct the current build of the application. Ocular custom queries can also be repurposed and automated for use as “policies” in managing security profiles.
Ocular provides a customizable Read Eval Print Loop (REPL) approach to iteratively interrogating code. Analysts with more sophisticated code exploration needs, can leverage the comprehensive CPG graphical mapping to create highly specific and targeted queries, bypassing common sources of false positives. Examples include the ability to identify any custom sanitizations present in the code, where user input is properly secured, and the presence of any indirect data flows, where user input is not directly used in a sink.
Ocular custom queries can help you discover a number of conditions, that legacy solutions simply cannot, such as:
Ocular comes pre-loaded with annotations for common open source libraries and frameworks. Possible attacker-controlled data sources and interesting sinks are tagged in the graph automatically, and flow descriptions exist to scan for common vulnerability patterns. Ocular users can provide additional annotations to extend supported frameworks and libraries or encode additional vulnerability patterns.
Ocular queries accelerate the process of examining the various software elements and flows to identify complex business logic vulnerabilities, that can't be scanned for automatically, such as PII that goes unencrypted at rest, abuse of functionality, insufficient process validation, and other common examples as defined by the OWASP.
Ocular, and its earlier open source predecessor, Joern, have a legacy of finding complex and difficult to find vulnerabilities. Read the Ocular Datasheet to learn more insights, along with detailed code examples. Then start a 14 day free trial of Ocular in your own environment.