Continuous vulnerability management for modern applications


Bibliographic details
Main authors: MANIVANNAN KEESHINI, KENGAN KARTHIGA, VASHI CHINTAL, VELUR SHASHI, SHARMA ABHA
Format: Patent
Language: chi; eng
Description
Summary: Apparatuses, methods, and systems are provided for performing continuous vulnerability management for modern applications. A dependency tree can be created mapping third-party libraries to microservices used in an application of a software package. Natural language processing can be used on release notes and changelogs of new library versions to generate a list of libraries afflicted with common vulnerabilities and exposures ("CVEs"). A number of code calls from an application program interface ("API") can be made to an afflicted library. A number of code calls including CVEs can be enumerated for each afflicted library. A risk score can be assigned to the API based on the number of code calls including CVEs. The risk score can be compared against a threshold value to cause a remedial action to occur, including updating libraries to newer versions to resolve CVE issues or generating a report regarding the afflicted libraries.