CPC G06F 21/577 (2013.01) [G06F 21/552 (2013.01)] | 20 Claims |
1. A system for determining platform-specific end-to-end security vulnerabilities for software applications, the system comprising:
at least one processor; and
at least one memory coupled to the at least one processor and storing instructions that, when executed by the at least one processor, perform operations comprising:
determining a platform associated with a computer application, wherein the platform indicates an ecosystem of computing resources associated with the computer application;
identifying a set of assessment-domains associated with the platform by comparing a platform identifier of the platform to an assessment-domain-mapping data structure;
obtaining, from a third-party security entity, a set of security-vulnerability responses indicating at least one security threat associated with the platform;
determining an assessment-domain impact level for one or more assessment-domains of the set of assessment-domains associated with the platform based at least on (i) security impact information and (ii) a mapping of security-vulnerability responses to security threat values of the one or more assessment-domains associated with the platform; and
generating for output, a representation indicating at least one assessment-domain-specific impact levels.
|