US 11,934,531 B2
System and method for automatically identifying software vulnerabilities using named entity recognition
Benjamin John Ansell, Basingstoke (GB); Yuvraj Singh, Bracknell (GB); Min Cao, Shanghai (CN); Ra Uf Ridzuan Bin Ma Arof, Bedok (SG); Hemant Meenanath Patil, Mumbai (IN); Pallavi Yerra, Hyderabad (IN); and Kaushik Mitra Chowdhury, Yio Chu Kang (SG)
Assigned to Bank of America Corporation, Charlotte, NC (US)
Filed by BANK OF AMERICA CORPORATION, Charlotte, NC (US)
Filed on Feb. 25, 2021, as Appl. No. 17/185,492.
Prior Publication US 2022/0269791 A1, Aug. 25, 2022
Int. Cl. G06F 21/57 (2013.01); G06F 21/51 (2013.01); G06N 5/04 (2023.01); G06N 20/00 (2019.01); G06V 30/416 (2022.01)
CPC G06F 21/577 (2013.01) [G06F 21/51 (2013.01); G06N 5/04 (2013.01); G06N 20/00 (2019.01); G06V 30/416 (2022.01); G06F 2221/033 (2013.01)]
20 Claims
1. An apparatus comprising:
a memory configured to store:
descriptions of one or more known software vulnerabilities, wherein each description of a known software vulnerability comprises text and identifies one or more software components that are associated with the known vulnerability; and
information generated by a monitoring subsystem, wherein:
the monitoring subsystem is configured to monitor a set of software programs installed within a computer system; and
the information comprises one or more descriptions of issues, each description of an issue comprising text and associated with at least one software program of the set of software programs; and
a hardware processor communicatively coupled to the memory, the hardware processor configured to:
generate, based on a comparison between the text of the descriptions of the one or more known software vulnerabilities and the text of the descriptions of the one or more issues affecting the computer system, a set of mappings, each mapping associating a software program that is associated with an issue of the one or more issues with a known software vulnerability of the one or more known software vulnerabilities;
use a machine learning algorithm to predict, based at least on the set of mappings and information generated by the monitoring system that is associated with a given software program, that the given software program is associated with a particular software vulnerability of the one or more software vulnerabilities, wherein:
the given software program is installed within the computer system;
the set of mappings does not include a mapping associating the given software program with the particular software vulnerability; and
a probability that the given software program exhibits the particular software vulnerability is greater than a threshold; and
in response to predicting that the given software program is associated with the particular software vulnerability, generate an alert indicating that the given software program is susceptible to security breaches through the particular software vulnerability.
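
The three steps of claim 1 (text-based mappings, prediction for an unmapped program, alert above a threshold) can be sketched as follows. This is an added illustration, not code from the patent or its assignee: the claim does not specify the comparison or the learning algorithm, so a component-name lookup stands in for named entity recognition and a nearest-neighbour Jaccard score stands in for the predicted probability. All identifiers, sample texts and the 0.4 threshold are constructed assumptions.

```python
import re

# Constructed sample data (not from the patent).
COMPONENTS = ["libexample-tls", "acme-json"]  # gazetteer standing in for NER
VULNS = {
    "VULN-A": "Buffer overflow in libexample-tls 1.2 allows crash during handshake",
    "VULN-B": "Deserialization flaw in acme-json parser permits code execution",
}
ISSUES = {  # program -> issue text from the (hypothetical) monitoring subsystem
    "billing-api": "service crash in libexample-tls during handshake with peer",
    "report-gen": "acme-json parser error on uploaded payload",
    "ledger-sync": "intermittent crash during tls handshake with peer, restart required",
}
THRESHOLD = 0.4  # assumed value

def entities(text):
    """Component names mentioned in a description."""
    return {c for c in COMPONENTS if c in text.lower()}

def build_mappings(vulns, issues):
    """Map a program to a vulnerability when both texts name the same component."""
    return {(prog, vid) for prog, itext in issues.items()
            for vid, vtext in vulns.items() if entities(itext) & entities(vtext)}

def tokens(text):
    return set(re.findall(r"[a-z0-9]+", text.lower()))

def jaccard(a, b):
    return len(a & b) / len(a | b) if a | b else 0.0

def predict(program, issues, mappings):
    """Score each vulnerability by similarity to already-mapped programs' issues."""
    target, scores = tokens(issues[program]), {}
    for prog, vid in mappings:
        if prog != program:
            s = jaccard(target, tokens(issues[prog]))
            scores[vid] = max(scores.get(vid, 0.0), s)
    return scores

def alerts(vulns, issues, threshold=THRESHOLD):
    """Alert only for pairs absent from the mappings whose score exceeds the threshold."""
    mappings = build_mappings(vulns, issues)
    found = [(prog, vid, round(p, 2)) for prog in issues
             for vid, p in predict(prog, issues, mappings).items()
             if (prog, vid) not in mappings and p > threshold]
    return sorted(found)

if __name__ == "__main__":
    for prog, vid, p in alerts(VULNS, ISSUES):
        print(f"ALERT: {prog} may be susceptible to {vid} (score {p})")
```

Here `ledger-sync` never names the vulnerable component, so no mapping exists for it, yet its issue text resembles that of the mapped `billing-api` closely enough to cross the threshold.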