Patent · US Active

System and method for identifying vulnerabilities in code due to open source usage

US10713364B2 · kind B2 · utility

0Cited by

3References

19Claims

0Family size

Assignee

WHITESOURCE LTD. · IL

Inventors

Aharon Abadi · Netanya, IL
Doron Cohen · Migdal HaEmek, IL
David Habusha · Bnei Brak, IL
Ron Rymon · Bnei Brak, IL
Rami Sass · Givatayim, IL

Key dates

Filing date	May 8, 2018
Grant date	Jul 14, 2020
Priority date	—
Expiry date	Jan 25, 2039

Classification

Technology area (CPC G)Physics
CPC primaryG06F2221/033
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

A method, computerized apparatus and computer program product, the method comprising: obtaining computer code; determining from the computer code a collection of components reachable from the computer code; providing information about the components to a server; identifying by the server using information retrieved from a database, reachable components associated with the collection of components, which have stored vulnerabilities; determining from the computer code and the reachable components that have stored vulnerabilities, a collection of reachable finer resolution components; identifying, further components from the collection of reachable finer resolution components, which have stored vulnerabilities; and outputting information about the further components, wherein the computer code cannot be reconstructed from the information about the collection of components and the information about the finer resolution components.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.