CODE PROPERTY ANALYSIS FOR SECURITY MITIGATIONS
Abstract
Attempts to make code secure often are associated with performance penalties. To facilitate striking an acceptable balance between performance and security, vulnerable areas of source code are identified. The vulnerable areas are examined for areas that are actually safe and the safe areas are filtered from the universe of code that receives security mitigations. The remaining code receives security mitigations appropriate to the level of risk of the code.
20 Claims
1. A system for mitigating security risks in computer program code comprising:
- a processor and a memory including a risk analysis module configured to cause the processor to:
  - identify areas of source code that are vulnerable to unauthorized exploitation;
  - identify areas of source code within the identified vulnerable areas of the source code for which security mitigation code will not be inserted;
  - filter out the identified areas of source code within the identified vulnerable areas of the source code for which security mitigation code will not be inserted; and
  - insert security mitigating code for source code remaining after the filtering out of the source code for which security mitigation code will not be inserted.

Dependent claims: 2, 3, 4, 5, 6, 7

8. A method of performing security mitigations comprising:
- identifying areas of source code that are vulnerable to unauthorized exploitation via a risk analysis module executing on a software development computer;
- filtering out safe areas for which insertion of security mitigating code will not be done from the identified vulnerable areas to create a remaining area of source code for which insertion of security mitigating code will be done; and
- applying security mitigations to the remaining area of source code;
- wherein the preceding steps are performed by at least one processor.

Dependent claims: 9, 10, 11, 12, 13

14. A computer-readable storage medium comprising computer-executable instructions which when executed cause at least one processor to:
- identify an area of source code that is vulnerable to unauthorized exploitation;
- classify the identified area of source code into a level of risk;
- apply a level of risk protection to code based on the level of risk into which the identified area was classified; and
- filter out safe areas for which insertion of security mitigating code will not be done from the identified areas to create a remaining area of source code for which insertion of security mitigating code is done.

Dependent claims: 15, 16, 17, 18, 19, 20
Specification