Multi-computer system for performing vulnerability analysis and alert generation

Assignee

• Bank of America Corporation · US

Inventors

• Dustin Paul Stocks · Stallings, US
• Kayla Ashley Rux · Charlotte, US
• Viswanathan Venkatasubramanian · Arlington, US
• Ramkumar Korlepara · McKinney, US
• Sanjay Lohar · Charlotte, US
• Eric Eugene Sifford · Harrisburg, US
• Ashley L. Jones · Washington, US
• David Cuka · West Chicago, US

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06N20/00
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

Arrangements for providing software vulnerability analysis and monitoring are provided. In some aspects, software bill of materials (SBOM) data may be received and software attributes may be extracted from the SBOM data. Author data may be received and analyzed using natural language processing and/or machine learning to identify author attributes. Current event or vulnerability data may be received. In some examples, one or more machine learning models may be executed to determine a confidence score associated with the software being analyzed. For instance, software attributes, author attributes, and current event data may be used as inputs in the machine learning model and a confidence score may be output. Based on the confidence score, one or more alerts may be generated and transmitted to one or more enterprise organization computing devices.