Assessment and analysis of software security flaws

Invention Grant

US08499353B2 Assessment and analysis of software security flaws 有权

Title translation: 软件安全漏洞的评估与分析

Please log in to see more content

Patent Title: Assessment and analysis of software security flaws
Patent Title (中): 软件安全漏洞的评估与分析
Application No.: US12031918

Application Date: 2008-02-15
Publication No.: US08499353B2

Publication Date: 2013-07-30
Inventor: Malcolm W. Lockhart , Christopher J. Wysopal , Christopher J. Eng , Matthew P. Moynahan , Simeon Simeonov
Applicant: Malcolm W. Lockhart , Christopher J. Wysopal , Christopher J. Eng , Matthew P. Moynahan , Simeon Simeonov
Applicant Address: US MA Burlington
Assignee: Veracode, Inc.
Current Assignee: Veracode, Inc.
Current Assignee Address: US MA Burlington
Agency: Goodwin Procter LLP
Main IPC: G06F11/00
IPC: G06F11/00

Assessment and analysis of software security flaws

Abstract:

Security assessment and vulnerability testing of software applications is performed based at least in part on application metadata in order to determine an appropriate assurance level and associated test plan that includes multiple types of analysis. Steps from each test are combined into a “custom” or “application-specific” workflow, and the results of each test may then be correlated with other results to identify potential vulnerabilities and/or faults.

Abstract(Chinese):

至少部分基于应用程序元数据执行软件应用程序的安全评估和漏洞测试，以确定适当的保证级别和包含多种类型的分析的相关测试计划。每个测试的步骤被组合成“自定义”或“应用程序特定”工作流程，然后可以将每个测试的结果与其他结果相关联，以识别潜在的漏洞和/或故障。

Public/Granted literature

US20080209567A1 ASSESSMENT AND ANALYSIS OF SOFTWARE SECURITY FLAWS Public/Granted day:2008-08-28

Information query

Espacenet

IPC分类:

G	物理
G06	计算；推算或计数
G06F	电数字数据处理（基于特定计算模型的计算机系统入G06N）
G06F11/00	错误检测；错误校正；监控（在记录载体上作出核对其正确性的方法或装置入G06K5/00；基于记录载体和传感器之间的相对运动而实现的信息存储中所用的方法或装置入G11B，例如G11B20/18；静态存储中所用的方法或装置入G11C29/00）