&#xfeff;<html>
  <head>
    <META http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="stylesheet" type="text/css" href="html_style_eog.css"/>
<script type="text/javascript">
          function printpage()
          {
          window.print()
          }
        </script>
<script type="text/javascript" src="https://components.uspto.gov/js/ais/40-patentsgazette.js"></script></head>
  <body bgcolor='#FFFFFF' onload='javascript: if ((navigator.appName.indexOf("Netscape")!=-1) && parent.leftFrame!=null) parent.leftFrame.location.reload();'>
    <basefont face="Times New Roman, Times New Roman, Times New Roman " size="2">
      <div style="margin-left: +10pt">
        <table width="90%" border="0" rules="none" align="center">
          <tr align="center">
            <td width="20%" colspan="1" rowspan="2" align="left" valign="top"><a href="https://ppubs.uspto.gov/pubwebapp/external.html?q=11888885.pn.&amp;db=USPAT" target="popup"><input type="button" class="button" value="   Full Text   "></a></td>
            <td class="table_data"><b>US 11,888,885 B1</b></td>
            <td width="20%" colspan="1" rowspan="2" align="right" valign="top">
              <form><input type="button" value="Print this page" onclick="printpage()"></form>
            </td>
          </tr>
          <tr align="center">
            <td colspan="1" class="table_data" style="text-transform: uppercase"><b>Automated security analysis of software libraries</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b> Jeremy W. Long,  Herndon, VA (US); and  Mitch Moon,  Plymouth, MN (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Assigned to  Wells Fargo Bank, N.A.,  San Francisco, CA (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed by  Wells Fargo Bank, N.A.,  San Francisco, CA (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed on Apr.  29, 2020, as Appl. No. 16/862,135.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 16/862,135 is a division of application No. 15/951,949, filed on Apr.  12, 2018, granted, now 10,681,076.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 15/951,949 is a continuation of application No. 14/991,256, filed on Jan.  8, 2016, granted, now 10,069,855.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Claims priority of provisional application 62/222,463, filed on Sep.  23, 2015.</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>This patent is subject to a terminal disclaimer.</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Int. Cl. </b><i><b>H04L 9/00</b></i> (2022.01); <i><b>H04L 9/40</b></i> (2022.01)</td>
          </tr>
        </table>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="75%">
            <col width="15%">
          </colgroup>
          <tr align="left">
            <td class="table_data" align="left"><b>CPC </b><i><b>H04L 63/1433</b></i> (2013.01)&#xa0;[<i><b>H04L 63/20</b></i> (2013.01)]</td>
            <td class="table_data" align="right"><b>18 Claims</b></td>
          </tr>
        </table>
        <center><img src="US11888885-20240130-D00000.gif" alt="OG exemplary drawing"></center>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="90%">
          </colgroup>
          <tr>
            <td class="table_data" align="center">&#xa0;</td>
          </tr>
          <tr>
            <td valign="top" class="para_text">
              <div class="claim_text_root">1. A method for identifying security vulnerabilities in a software library, the method comprising:<div class="claim_text">generating a test application for the software library;</div>
                <div class="claim_text">identifying methods and functions used in the software library;</div>
                <div class="claim_text">using the test application to implement a method call or a function call for each identified method and function, respectively, in the software library;</div>
                <div class="claim_text">analyzing the test application and the software library in a static application security testing (SAST) code analyzer, the analyzing of the test application and the software library in the SAST code analyzer comprising identifying a plurality of software entry points in the software library;</div>
                <div class="claim_text">obtaining one or more test results from the SAST code analyzer, wherein the one or more test results include manual test results in which one or more individuals have identified false positives;</div>
                <div class="claim_text">using the manual test results to identify security vulnerabilities in the software library; and</div>
                <div class="claim_text">using one of the manual test results to generate custom rules used when testing new applications that use the software library, wherein the custom rules are automatically generated by a custom rules generator, and wherein the custom rules model a behavior of a third party component and include passing tainted data from the test application to the software library.</div>
              </div>
            </td>
          </tr>
        </table>
      </div>
    
  </body>
</html>