METHODS AND SYSTEMS FOR REDUCING FALSE POSITIVE FINDINGS
First Claim
1. A system for validating software security analysis findings, comprising:
one or more processors;
a graphical user interface (GUI); and
a memory in communication with the one or more processors and the GUI, the memory storing instructions that, when executed by the one or more processors, are configured to:
receive, from a first software security analysis tool, a first finding from a first scan of an application code, the first finding including one or more software issues within the application code;
retrieve a source truth dataset including a plurality of criteria for validating the first finding;
determine a first validity score for the first finding based on whether a first criterion is met, the first validity score indicating the accuracy of the first finding;
determine, by comparing the first validity score to a predetermined validity threshold, a value of the first finding; and
send, to the GUI, a first signal to cause the GUI to display the first finding and the value of the first finding.
Abstract
A system for validating software security analysis findings includes a non-transitory computer readable medium and a processor. The non-transitory computer readable medium stores a source truth dataset including criteria for validating characteristics of findings. The processor receives a finding from a software security analysis tool that performs a scan on application code. The processor identifies a characteristic from the finding. The processor selects a criterion from the non-transitory computer readable medium for validating the identified characteristic. The processor determines a validity score for the finding based on whether the selected criterion is met. The processor determines whether the finding is a false positive by comparing the validity score to a predetermined validity threshold. If the finding is a true positive, a graphical user interface displays the finding.
22 Claims

Claim 1 (independent) is reproduced above under First Claim; claims 2 to 8 depend on it.
9. A system for validating software security analysis findings, comprising:
one or more processors;
a graphical user interface (GUI); and
a memory in communication with the one or more processors and the GUI, the memory storing instructions that, when executed by the one or more processors, are configured to:
receive, from a first software security analysis tool, a first finding from a first scan of an application code, the first finding including one or more software issues within the application code;
retrieve a source truth dataset, the source truth dataset including a plurality of criteria for validating one or more characteristics;
determine a first validity factor by determining whether a first criterion is met;
determine a second validity factor by retrieving a confidence score associated with the first software security analysis tool;
determine a first validity score for the first finding based on at least one of the first validity factor and the second validity factor, the first validity score indicating the accuracy of the first finding;
determine, by comparing the first validity score to a predetermined validity threshold, a value of the first finding; and
send, to the GUI, a first signal to cause the GUI to display the first finding and the value of the first finding.

Claims 10 to 17 depend on claim 9.
18. A method for validating software security analysis findings, comprising:
receiving, by a processor and from a first software security analysis tool, a first finding from a first scan of an application, the first finding including one or more software issues within the application code;
retrieving, from memory, a source truth dataset, the source truth dataset including a plurality of criteria for validating one or more characteristics;
determining, by the processor, a first validity factor by determining whether a first criterion is met;
determining, by the processor, a second validity factor by retrieving, from the memory, a confidence score associated with the first software security analysis tool;
identifying, by the processor, a first set of one or more findings stored in the memory, each finding of the one or more findings overlapping with the first finding;
determining, by the processor, a number of findings in the first set;
determining, by the processor, a third validity factor based on the number of findings in the first set;
determining, by the processor, a first validity score for the first finding based on at least one of the first validity factor, the second validity factor, or the third validity factor;
determining, by the processor, by comparing the first validity score to a predetermined validity threshold, a value of the first finding; and
sending, to a graphical user interface (GUI), a first signal to cause the GUI to display the first finding and the value of the first finding.

Claims 19 to 22 depend on claim 18.
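As an added illustration of the procedure in claim 18 (example code, not the patent's own), the following Python model computes the three validity factors the claim names: whether the source truth criterion for the finding's characteristic is met, the reporting tool's confidence score, and the number of overlapping findings already stored from other scans. It combines them into a validity score and compares that against a threshold to label the finding. The criteria, tool names, weights, threshold and finding fields are constructed assumptions.

```python
from dataclasses import dataclass

# Constructed example data; field names and weights are assumptions, not the patent's.
@dataclass(frozen=True)
class Finding:
    tool: str   # which security analysis tool reported it
    rule: str   # the characteristic being validated (issue type)
    file: str
    line: int

# Source truth dataset: one criterion per characteristic. Each criterion is a
# predicate that checks whether the finding's location makes the issue plausible.
DB_FILES = {"app/db.py", "app/orders.py"}
SOURCE_TRUTH = {
    "sql-injection": lambda f: f.file in DB_FILES,                   # only DB code can inject
    "hardcoded-secret": lambda f: not f.file.startswith("tests/"),   # test fixtures excluded
}
# Per-tool confidence scores (second validity factor); unknown tools get 0.5.
TOOL_CONFIDENCE = {"scannerA": 0.9, "scannerB": 0.6}

def overlap_count(finding, stored):
    """Number of stored findings from other tools that overlap this one
    (same rule, same file, within two lines). Feeds the third validity factor."""
    return sum(1 for s in stored
               if s.tool != finding.tool and s.rule == finding.rule
               and s.file == finding.file and abs(s.line - finding.line) <= 2)

def validity_score(finding, stored, weights=(0.5, 0.3, 0.2)):
    """Weighted combination of the three validity factors, in [0, 1]."""
    criterion = SOURCE_TRUTH.get(finding.rule)
    f1 = 0.5 if criterion is None else float(criterion(finding))  # no criterion: neutral
    f2 = TOOL_CONFIDENCE.get(finding.tool, 0.5)
    f3 = min(overlap_count(finding, stored), 3) / 3               # saturates at 3 corroborations
    w1, w2, w3 = weights
    return w1 * f1 + w2 * f2 + w3 * f3

def evaluate(finding, stored, threshold=0.6):
    """Return the payload a GUI would display: the finding and its value."""
    score = validity_score(finding, stored)
    value = "true positive" if score >= threshold else "false positive"
    return {"finding": finding, "validity_score": round(score, 3), "value": value}

if __name__ == "__main__":
    stored = [Finding("scannerB", "sql-injection", "app/db.py", 41),
              Finding("scannerB", "hardcoded-secret", "tests/fixtures.py", 7)]
    for f in (Finding("scannerA", "sql-injection", "app/db.py", 42),
              Finding("scannerB", "sql-injection", "app/views.py", 10),
              Finding("scannerA", "hardcoded-secret", "tests/fixtures.py", 7)):
        print(evaluate(f, stored))
```

The injection finding in database code that a second tool also reported clears the threshold, while the same rule firing in a view with no corroboration, and a secret found in a test fixture, are labelled false positives.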