Patent · US Active

Scan time reduction in application code security scanning

US10614218B2 · kind B2 · utility

2Cited by

3References

14Claims

0Family size

Assignee

International Business Machines Corporation · US

Inventors

John Peyton · Arlington, US
Babita Sharma · Mississauga, CA
Jason N. Todd · Lunenburg, US
Jeffrey C. Turnham · Newmarket, CA
Mathieu Merineau · Laval, CA
Ettore Merlo · Montréal, CA

Key dates

Filing date	Apr 11, 2017
Grant date	Apr 7, 2020
Priority date	—
Expiry date	Dec 6, 2037

Classification

Technology area (CPC G)Physics
CPC primaryG06F2221/034
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

A computer-implemented method for security scanning application code includes executing, via a processor, a full scan of the application code and generating a program intermediate representation (IR) and a list of security findings determined by the full scan. The processor executes an incremental scan of the application code after at least one change to the application code, and identifies at least one changed file in the application code. The processor then generates an incremental intermediate representation (IR) based at least in part on the at least one changed file. The processor merges the saved scan state and the incremental IR, produces a merged scan state, and outputs security findings based at least in part on the merged scan state and the incremental IR.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.