System and method for assessing software containers for vulnerabilities
US11580230B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Nov 30, 2020 |
| Grant date | Feb 14, 2023 |
| Priority date | — |
| Expiry date | Feb 5, 2041 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/033
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
An example method includes determining, based on a static scan, that a software container image or an intended execution environment of the software container image meets one or more first criteria required to exploit a software vulnerability. Based on the determining, runtime behavior of a software container instantiated from the software container image is monitored. The monitoring including determining whether the software container meets one or more second criteria required to exploit the software vulnerability, wherein the one or more first second criteria differs from the one or more second criteria. Based on the runtime monitoring, a risk score that indicates a magnitude of a risk the software vulnerability poses for the software container is determined, and a notification of the risk score is provided. A system for assessing software containers for vulnerabilities is also disclosed.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.