VULNERABILITY ANALYSIS OF SOFTWARE COMPONENTS
First Claim
1. A computer-implemented method for monitoring security of an application, the method being executed by one or more processors and comprising:
- receiving, by the one or more processors, an application developed by a first vendor;
- processing, by the one or more processors, the application, by performing a byte-code analysis of the application, to:
  - identify a plurality of software components used by the application that were developed by vendors other than the first vendor, and
  - provide a list of third-party software components associated with the application, the list including each of the identified software components; and
- for each software component included in the list, determining, by the one or more processors, whether the software component has a vulnerability and, if so, selectively providing code to correct the vulnerability of the software component.
Abstract
Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for receiving an application developed by a first vendor; processing the application, by performing a byte-code analysis of the application, to: identify a plurality of software components used by the application that were developed by vendors other than the first vendor, and provide a list of third-party software components associated with the application, the list including each of the identified software components; and determining, for each software component included in the list, whether the software component has a vulnerability and, if so, selectively providing code to correct the vulnerability of the software component.
18 Claims
1. A computer-implemented method for monitoring security of an application, the method being executed by one or more processors and comprising:
- receiving, by the one or more processors, an application developed by a first vendor;
- processing, by the one or more processors, the application, by performing a byte-code analysis of the application, to:
  - identify a plurality of software components used by the application that were developed by vendors other than the first vendor, and
  - provide a list of third-party software components associated with the application, the list including each of the identified software components; and
- for each software component included in the list, determining, by the one or more processors, whether the software component has a vulnerability and, if so, selectively providing code to correct the vulnerability of the software component.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17

18. A system for monitoring security of an application, the system comprising:
- one or more computers; and
- a computer-readable medium coupled to the one or more computers having instructions stored thereon which, when executed by the one or more computers, cause the one or more computers to perform operations, the operations comprising:
  - receiving an application developed by a first vendor;
  - processing the application, by performing a byte-code analysis of the application, to:
    - identify a plurality of software components used by the application that were developed by vendors other than the first vendor, and
    - provide a list of third-party software components associated with the application, the list including each of the identified software components; and
  - for each software component included in the list, determining whether a software component has a vulnerability and, if so, selectively providing code to correct the vulnerability of the software component.

Specification