The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Oct. 25, 2022
Filed:
Jan. 28, 2019
Visa International Service Association, San Francisco, CA (US);
Shashi Velur, Austin, TX (US);
Abha Sharma, Austin, TX (US);
Karthiga Kengan, Austin, TX (US);
Keeshini Manivannan, Cedar Park, TX (US);
Chintal Vashi, Austin, TX (US);
VISA INTERNATIONAL SERVICE ASSOCIATION, San Francisco, CA (US);
Abstract
Apparatuses, methods, and systems are provided for making continuous vulnerability management for modern applications. A dependency tree can be created mapping third-party libraries to microservices used in an application of a software package. Natural language processing can be used on release notes and changelogs of new library versions to generate a list of libraries afflicted with common vulnerabilities and exposures ('CVEs'). A number of code calls from an application program interface ('API') can be made to an afflicted library. A number of code calls including CVEs can be enumerated for each afflicted library. A risk score can be assigned to the API based on the number of code calls including CVEs. The risk score can be compared against a threshold value to cause a remedial action to occur, including updating libraries to newer versions to resolve CVE issues or generating a report regarding the afflicted libraries.