Security vulnerability detection
First Claim
1. A method comprising:
indexing, by a system comprising a hardware processor, a plurality of internet sources comprising third party submitted information, to extract security vulnerabilities based on the third party submitted information;
generating, by the system, a security vulnerabilities list comprising the security vulnerabilities extracted from the plurality of internet sources, the security vulnerabilities list further identifying software components affected by respective security vulnerabilities in the security vulnerabilities list;
generating, by the system, a software components list comprising a software component used in an application;
determining, by the system based on matching the software components identified in the security vulnerabilities list with the software component in the software components list, that a security vulnerability in the security vulnerabilities list affects the software component;
determining, by the system, a risk score of the security vulnerability;
generating information for presentation, via a user interface, of the security vulnerability, the risk score, and the software component; and
adjusting, by the system, the risk score based on a number of security vulnerabilities found for the software component and whether a fix has been provided for each security vulnerability of the number of security vulnerabilities.
Abstract
In one example in accordance with the present disclosure, a method for security vulnerability detection includes indexing a variety of internet sources comprising third party submitted information, to extract security vulnerabilities based on the third party submitted information. The method includes generating a security vulnerabilities list comprising security vulnerabilities from the internet source and generating a software components list comprising a software component used in an application. The method includes determining that a security vulnerability in the security vulnerabilities list affects the software component and determining a risk score of the security vulnerability. The method includes presenting the security vulnerability, the risk score and the software component via a user interface.
19 Claims
1. A method comprising:
indexing, by a system comprising a hardware processor, a plurality of internet sources comprising third party submitted information, to extract security vulnerabilities based on the third party submitted information;
generating, by the system, a security vulnerabilities list comprising the security vulnerabilities extracted from the plurality of internet sources, the security vulnerabilities list further identifying software components affected by respective security vulnerabilities in the security vulnerabilities list;
generating, by the system, a software components list comprising a software component used in an application;
determining, by the system based on matching the software components identified in the security vulnerabilities list with the software component in the software components list, that a security vulnerability in the security vulnerabilities list affects the software component;
determining, by the system, a risk score of the security vulnerability;
generating information for presentation, via a user interface, of the security vulnerability, the risk score, and the software component; and
adjusting, by the system, the risk score based on a number of security vulnerabilities found for the software component and whether a fix has been provided for each security vulnerability of the number of security vulnerabilities.
View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 15, 16)
9. A system comprising:
a processor; and
a non-transitory storage medium storing instructions executable on the processor to:
index a plurality of internet sources comprising third party submitted information, to extract security vulnerabilities based on the third party submitted information;
generate a security vulnerabilities list comprising the security vulnerabilities extracted from the plurality of internet sources, the security vulnerabilities list further identifying software components affected by respective security vulnerabilities in the security vulnerabilities list;
generate a software components list comprising a software component used in an application, and a version of the software component;
determine, based on matching the software components identified in the security vulnerabilities list with the software component in the software components list, that a security vulnerability in the security vulnerabilities list affects the version of the software component from the software components list;
determine a risk score of the security vulnerability;
generate information for presentation, via a user interface, of the security vulnerability, the risk score, the software component, and the version of the software component;
determine a reliability metric for each respective internet source of the plurality of internet sources, wherein the reliability metric is based on an accuracy of information provided by the respective internet source; and
adjust the risk score of the security vulnerability based on the determined reliability metrics for the plurality of internet sources.
View Dependent Claims (10, 11, 17, 18)
12. A non-transitory machine-readable storage medium comprising instructions that upon execution cause a system to:
index a plurality of internet sources comprising third party submitted information, to extract security vulnerabilities based on the third party submitted information, wherein a third party is a party other than an original software vendor of a development platform;
generate a security vulnerabilities list comprising the security vulnerabilities extracted from the plurality of internet sources, the security vulnerabilities list further identifying software components affected by respective security vulnerabilities in the security vulnerabilities list;
generate a software components list comprising a software component used in the development platform, and a version of the software component;
determine, based on matching the software components identified in the security vulnerabilities list with the software component in the software components list, that a security vulnerability in the security vulnerabilities list affects the version of the software component from the software components list;
adjust a risk score of the security vulnerability based on a number of security vulnerabilities found for the software component and whether a fix has been provided for each security vulnerability of the number of security vulnerabilities; and
generate information for presentation, via a user interface, of the security vulnerability, the risk score, the software component, and the version of the software component.
View Dependent Claims (13, 14, 19)
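The following is an added example, not part of the patent text: a Python sketch of the component/version matching and risk-score adjustment recited in claims 1, 9 and 12. All identifiers, sample records, reliability values and adjustment weights are assumptions made for illustration; the claims shown here do not specify a formula.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Vuln:
    vuln_id: str         # constructed identifier, not a real advisory
    component: str       # affected software component
    affected: tuple      # affected versions (exact strings; real feeds need ranges)
    base_score: float    # initial risk score on an assumed 0-10 scale
    fix_available: bool  # whether a fix has been provided
    source: str          # internet source the entry was extracted from

# Constructed sample data standing in for the indexed vulnerabilities list,
# the application's software components list, and per-source reliability.
VULNS = [
    Vuln("EX-0001", "libexample", ("1.2.0", "1.2.1"), 7.0, False, "forum"),
    Vuln("EX-0002", "libexample", ("1.2.1",), 5.0, True, "tracker"),
    Vuln("EX-0003", "otherlib", ("3.0.0",), 9.0, False, "tracker"),
]
COMPONENTS = {"libexample": "1.2.1", "yaml-parser": "0.9.0"}
RELIABILITY = {"forum": 0.5, "tracker": 1.0}  # assumed accuracy in [0, 1]

def normalize(name):
    """Canonicalize component names so 'LibExample ' matches 'libexample'."""
    return name.strip().lower()

def match(vulns, components):
    """Return vulnerabilities affecting a component at the version in use."""
    in_use = {normalize(n): ver for n, ver in components.items()}
    return [v for v in vulns if in_use.get(normalize(v.component)) in v.affected]

def adjusted_scores(matched, reliability):
    """Adjust each score by vuln count and fix status per component, then
    scale by source reliability. Weights are hypothetical."""
    groups = {}
    for v in matched:
        groups.setdefault(normalize(v.component), []).append(v)
    scores = {}
    for group in groups.values():
        unfixed = sum(not v.fix_available for v in group)
        bump = 0.5 * (len(group) - 1) + 1.0 * unfixed
        for v in group:
            raw = (v.base_score + bump) * reliability.get(v.source, 0.5)
            scores[v.vuln_id] = round(min(10.0, raw), 2)
    return scores

def report(vulns, components, reliability):
    """Rows for presentation: (vulnerability, score, component, version)."""
    matched = match(vulns, components)
    scores = adjusted_scores(matched, reliability)
    in_use = {normalize(n): ver for n, ver in components.items()}
    rows = [(v.vuln_id, scores[v.vuln_id], v.component,
             in_use[normalize(v.component)]) for v in matched]
    return sorted(rows, key=lambda r: -r[1])
```

Exact-string version comparison is the main simplification: advisories usually give version ranges, and a matcher that misses a range produces false negatives.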
Specification