TRAVERSING SOFTWARE COMPONENTS AND DEPENDENCIES FOR VULNERABILITY ANALYSIS

TRAVERSING SOFTWARE COMPONENTS AND DEPENDENCIES FOR VULNERABILITY ANALYSIS

Systems, devices, computer-implemented methods, and/or computer program products that facilitate software vulnerability analysis using relationship data extracted from disparate package-related sources. In one example, a system can comprise a processor that executes computer executable components st...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Sarkar, Soumitra, Rathgeber, Jens, Bird, John Joseph, Deng, Yu, Astigarraga, Tara
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Systems, devices, computer-implemented methods, and/or computer program products that facilitate software vulnerability analysis using relationship data extracted from disparate package-related sources. In one example, a system can comprise a processor that executes computer executable components stored in memory. The computer executable components can comprise a knowledge induction component and a vulnerability component. The knowledge induction component can populate a package ontology for a range of packages with relationship data extracted from a plurality of disparate package-related sources. The vulnerability component can identify an implicit vulnerability impacting the range of packages using the package ontology and a vulnerability record regarding an explicit vulnerability for a package within the range of packages.