
Solution-centric reporting of security warnings

  • US 9,729,569 B2
  • Filed: 04/21/2015
  • Issued: 08/08/2017
  • Est. Priority Date: 04/21/2015
  • Status: Active Grant
First Claim

1. A method of automated analysis on source files of a software system, comprising:

  • performing a set of operations in an automated manner during a static analysis of the source files performed by a security scanner, the operations comprising:

    receiving sets of trace data each representing a potential security flaw in the software system, the trace data comprising a set of trace nodes;

    parsing the sets of trace data by vulnerability type;

    analyzing the sets of trace data to identify a solution group comprising trace nodes that exist across the sets of trace data;

    processing the trace nodes in the solution group by iterating through the trace data and counting occurrences of a trace node to identify a reduced set of common nodes representing one or more potential fix points for a security flaw, the reduced set of common nodes including a most common node that is closest to a sink without being the sink, the one or more potential fix points having associated therewith a recommendation for addressing the security flaw;

    configuring the one or more potential fix points as an application programming interface (API) to which a sanitization or validation routine is configured to be coupled to attempt to address the security flaw.
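The five operations of claim 1 can be read as one small algorithm over scanner traces: group by vulnerability type, count which non-sink nodes recur across traces of that type, rank them by count and then by nearness to the sink, and expose the winner as a hook to which a sanitizer is coupled. The following is an added worked example of that reading, written for this page; it is not code from the patent or from any scanner. The trace data, the `file:function:line` node naming, the recommendation strings and the `FixPointAPI` class are all constructed assumptions.

```python
from collections import Counter
from dataclasses import dataclass
from typing import Callable, Dict, List, Tuple


@dataclass
class Trace:
    """One scanner finding: nodes from the taint source (first) to the sink (last)."""
    vuln_type: str
    nodes: List[str]


@dataclass
class FixPoint:
    node: str              # "file:function:line" (assumed node naming)
    traces_covered: int    # how many traces of this type pass through the node
    dist_to_sink: int      # hops from the node to the nearest sink it feeds
    recommendation: str


# Constructed sample trace data (not the output of any real scanner).
SAMPLE_TRACES = [
    Trace("sql_injection", ["web.py:handle_login:12", "web.py:parse_form:40",
                            "db.py:build_query:7", "db.py:execute:20"]),
    Trace("sql_injection", ["web.py:handle_search:55", "web.py:parse_form:40",
                            "db.py:build_query:7", "db.py:execute:20"]),
    Trace("sql_injection", ["api.py:update_profile:30", "db.py:build_query:7",
                            "db.py:execute:20"]),
    Trace("xss", ["web.py:handle_search:55", "web.py:parse_form:40",
                  "tmpl.py:render:80", "tmpl.py:write:99"]),
    Trace("xss", ["web.py:handle_comment:70", "tmpl.py:render:80", "tmpl.py:write:99"]),
]

# Assumed per-type recommendations; a real scanner would carry these in its rule set.
RECOMMENDATIONS = {
    "sql_injection": "bind the value as a query parameter (or escape it) before it reaches execute",
    "xss": "HTML-encode the value for the output context before it reaches the writer",
}


def parse_by_vuln_type(traces: List[Trace]) -> Dict[str, List[Trace]]:
    """Second operation: keep types apart, because the right sanitizer differs per type."""
    groups: Dict[str, List[Trace]] = {}
    for t in traces:
        groups.setdefault(t.vuln_type, []).append(t)
    return groups


def find_fix_points(vuln_type: str, traces: List[Trace]) -> List[FixPoint]:
    """Third and fourth operations: count shared non-sink nodes, rank them, best first."""
    counts: Counter = Counter()
    dist: Dict[str, int] = {}
    for t in traces:
        sink = t.nodes[-1]
        seen = set()
        for i, node in enumerate(t.nodes[:-1]):
            if node == sink or node in seen:   # a loop may revisit a node; count once per trace
                continue
            seen.add(node)
            counts[node] += 1
            d = len(t.nodes) - 1 - i
            dist[node] = min(dist.get(node, d), d)
    # Solution group: nodes present in more than one trace. With a single trace
    # nothing is shared, so every non-sink node stays a candidate.
    group = [n for n, c in counts.items() if c > 1] or list(counts)
    # Most common first; among equals, the one nearest the sink (the latest
    # point that still precedes the sink); then by name for determinism.
    group.sort(key=lambda n: (-counts[n], dist[n], n))
    return [FixPoint(n, counts[n], dist[n], RECOMMENDATIONS.get(vuln_type, "sanitize or validate here"))
            for n in group]


def plan_fixes(traces: List[Trace]) -> Dict[str, List[FixPoint]]:
    return {vt: find_fix_points(vt, ts) for vt, ts in parse_by_vuln_type(traces).items()}


class FixPointAPI:
    """Fifth operation: a fix point becomes a hook to which a sanitizer/validator is coupled."""
    def __init__(self) -> None:
        self._hooks: Dict[Tuple[str, str], Callable[[str], str]] = {}

    def couple(self, vuln_type: str, node: str, routine: Callable[[str], str]) -> None:
        self._hooks[(vuln_type, node)] = routine

    def uncovered(self, traces: List[Trace]) -> List[Trace]:
        """Traces with no coupled routine on any node before their sink: still open."""
        return [t for t in traces
                if not any((t.vuln_type, n) in self._hooks for n in t.nodes[:-1])]


if __name__ == "__main__":
    plan = plan_fixes(SAMPLE_TRACES)
    api = FixPointAPI()
    for vt, points in plan.items():
        best = points[0]
        print(f"{vt}: fix at {best.node} (covers {best.traces_covered} traces, "
              f"{best.dist_to_sink} hop(s) before sink): {best.recommendation}")
        api.couple(vt, best.node, lambda v: v)  # identity stands in for the real sanitizer
    print("still uncovered:", [t.nodes for t in api.uncovered(SAMPLE_TRACES)])
```

Two points the sample is built to show. First, `web.py:parse_form:40` is on SQL injection and XSS traces alike, but because traces are parsed by type before counting, it is never offered as a single fix for both; the two types need different routines. Second, the sink is excluded on purpose: `db.py:execute:20` is on every SQL injection trace, but a fix there is a change to the sink API itself, whereas `db.py:build_query:7`, one hop before it, is the most common node that is not the sink and so is the one the claim selects.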
