Security risk assessment and control for code
US10607015B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | May 16, 2019 |
| Grant date | Mar 31, 2020 |
| Priority date | — |
| Expiry date | May 16, 2039 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/033
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
Disclosed embodiments relate to systems and methods for automatically detecting and addressing security risks in code segments. Techniques include accessing a plurality of code segments developed for execution in a network environment, automatically identifying a first code segment from the plurality of code segments for analysis, automatically performing a first code-level security risk assessment for the first code segment, and determining a first security risk level for the first code segment based on the application programming interface risk level. The first code-level security risk assessment may be performed based on at least one of an application programming interface risk level, an embedded credentials risk level, and a target resource risk level. Further techniques may include determining a second security risk level for a modified version of the first code segment; and enabling a comparison between the first security risk level and the second security risk level.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.