The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Sep. 27, 2022
Filed:
Aug. 22, 2019
Sonatype, Inc., Fulton, MD (US);
Brian Fox, Goffstown, NH (US);
Bruce Mayhew, Fulton, MD (US);
Jason Dillon, Fulton, MD (US);
Gazi Mahmud, Berkeley, CA (US);
Sonatype, Inc., Fulton, MD (US);
Abstract
A computer system for security of components includes at least one processor. For a new version of a component, the processor determines, based on a dataset of release events over time, a historical behavioral analysis of (i) a project that is released with prior versions of the component, and/or (ii) historical committer behavior of a committer that committed the new version of the component, and/or (iii) historical behavior of a publisher of the project. The dataset of release events includes event data collected over time regarding open source project, committers, and repository. The processor determines whether the new version of the component presents an unusual risk profile, based on the historical behavioral analysis. The processor facilitates delayed consumption of the new version of the component in response to determining that the new version of the component presents the unusual risk profile.