Determining and managing application vulnerabilities
Abstract
A method includes retrieving application files of an enterprise application store. Each application file corresponds to an application provided by the enterprise application store. The method also includes scanning each retrieved application file. The scanning includes identifying vulnerable application program interfaces that are used by each retrieved application file. The method also includes assigning a vulnerability index to each application, based on the scanning of each application's corresponding application file.
17 Claims
1. A computer implemented method comprising:
- retrieving application files of an enterprise application store, wherein each application file corresponds to an application provided by the enterprise application store;
- scanning each retrieved application file, wherein the scanning comprises identifying vulnerable application program interfaces that are used by each retrieved application file; and
- assigning a vulnerability index to each application, based on the scanning of each application's corresponding application file, wherein assigning the vulnerability index comprises calculating the vulnerability index based on the number of vulnerable application program interfaces that are used and a number of times that each vulnerable application program interface is used, wherein calculating the vulnerability index is further based on a threat weight of a threat category to which each vulnerable application program interface belongs.
Dependent claims: 2, 3, 4, 5, 6

7. A computer system comprising:
- a memory; and
- a processor system communicatively coupled to the memory;
- the processor system configured to perform a method comprising:
  - retrieving application files of an enterprise application store, wherein each application file corresponds to an application provided by the enterprise application store;
  - scanning each retrieved application file, wherein the scanning comprises identifying vulnerable application program interfaces that are used by each retrieved application file; and
  - assigning a vulnerability index to each application, based on the scanning of each application's corresponding application file, wherein assigning the vulnerability index comprises calculating the vulnerability index based on the number of vulnerable application program interfaces that are used and a number of times that each vulnerable application program interface is used; wherein calculating the vulnerability index is further based on a threat weight of a threat category to which each vulnerable application program interface belongs.
Dependent claims: 8, 9, 10, 11, 12

13. A computer program product for determining and managing application vulnerabilities, the computer program product comprising a computer readable storage medium having program instructions embodied therewith, the program instructions readable by a processor system to cause the processor system to:
- retrieve, by the processor system, application files of an enterprise application store, wherein each application file corresponds to an application provided by the enterprise application store;
- scan, by the processor system, each retrieved application file, wherein the scanning comprises identifying vulnerable application program interfaces that are used by each retrieved application file; and
- assign a vulnerability index to each application, based on the scanning of each application's corresponding application file, wherein assigning the vulnerability index comprises calculating the vulnerability index based on the number of vulnerable application program interfaces that are used and a number of times that each vulnerable application program interface is used; wherein calculating the vulnerability index is further based on a threat weight of a threat category to which each vulnerable application program interface belongs.
Dependent claims: 14, 15, 16, 17

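The scan-and-score flow recited in the independent claims can be sketched as follows. This is an added example, not code from the patent: the API catalogue, the threat categories and weights, the sample application files and the weighted-sum formula are all assumptions, since the claims name the inputs to the index but not how they are combined.

```python
from collections import Counter

# Assumed catalogue (not from the patent): API marker -> threat category.
VULNERABLE_APIS = {
    "getRuntime().exec(": "code-execution",
    "addJavascriptInterface(": "code-execution",
    "MODE_WORLD_READABLE": "data-exposure",
    'MessageDigest.getInstance("MD5")': "weak-crypto",
}
# Assumed threat weight per category.
THREAT_WEIGHTS = {"code-execution": 5.0, "data-exposure": 3.0, "weak-crypto": 1.0}

def scan(app_text):
    """Count how many times each catalogued API appears in one application file."""
    hits = Counter()
    for api in VULNERABLE_APIS:
        n = app_text.count(api)
        if n:
            hits[api] = n
    return hits

def vulnerability_index(hits):
    """Assumed formula: sum over used APIs of threat weight x number of uses."""
    return sum(THREAT_WEIGHTS[VULNERABLE_APIS[api]] * n for api, n in hits.items())

def rank_store(store):
    """Scan every application file in the store; highest index first."""
    rows = []
    for name, text in store.items():
        hits = scan(text)
        rows.append((name, len(hits), sum(hits.values()), vulnerability_index(hits)))
    return sorted(rows, key=lambda r: r[3], reverse=True)

# Constructed sample "application files" (decompiled source as plain text).
STORE = {
    "expenses.apk": 'w.addJavascriptInterface(b, "x"); Runtime.getRuntime().exec(cmd);\n'
                    'Runtime.getRuntime().exec(other);',
    "notes.apk": 'openFileOutput(f, MODE_WORLD_READABLE); MessageDigest.getInstance("MD5");',
    "clock.apk": "TextView t = new TextView(ctx);",
}

if __name__ == "__main__":
    for name, distinct, uses, index in rank_store(STORE):
        print(f"{name:14} distinct_apis={distinct} total_uses={uses} index={index}")
```

The two flagged sample applications use the same number of distinct vulnerable APIs, yet their indexes differ because of the use counts and category weights, which is the distinction the claims draw.
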
Specification