US 11,687,658 B2
Software code vulnerability remediation
Steven Dang, Plano, TX (US); Chih-Hsiang Chow, Plano, TX (US); and Elizabeth Furlan, Plano, TX (US)
Assigned to CAPITAL ONE SERVICES, LLC, McLean, VA (US)
Filed by Capital One Services, LLC, McLean, VA (US)
Filed on Oct. 6, 2020, as Appl. No. 17/64,186.
Prior Publication US 2022/0108020 A1, Apr. 7, 2022
Int. Cl. G06F 21/57 (2013.01); G06F 8/36 (2018.01)
CPC G06F 21/577 (2013.01) [G06F 8/36 (2013.01)]
17 Claims
 
1. A system for tokenizing software code security vulnerabilities and remediating matching vulnerabilities in application code, the system comprising:
one or more processors;
memory in communication with the one or more processors and storing instructions that, when executed by the one or more processors, cause the system to:
receive initial vulnerability listings responsive to submissions of one or more initial code packages to one or more software security analysis tools;
receive subsequent vulnerability listings responsive to actual or potential remediations of the one or more initial code packages by the one or more software security analysis tools;
generate differential listings comprising vulnerability remediation updates to the one or more initial code packages by the one or more software security analysis tools;
generate one or more generalized remediation tokens for each of the vulnerability remediation updates identified in the differential listings;
determine similarities among the generalized remediation tokens;
pool similar generalized remediation tokens;
store the pooled similar generalized remediation tokens in a repository;
revise at least one previously generated generalized remediation token based on the determined similarities;
receive an application code package;
locate one or more fields of the application code package that include a vulnerability comprising a syntax error defined by one or more of the generalized remediation tokens; and
automatedly remediate, using the one or more fields, the vulnerability in the application code package.