&#xfeff;<html>
  <head>
    <META http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="stylesheet" type="text/css" href="html_style_eog.css"/>
<script type="text/javascript">
          function printpage()
          {
          window.print()
          }
        </script>
<script type="text/javascript" src="https://components.uspto.gov/js/ais/40-patentsgazette.js"></script></head>
  <body bgcolor='#FFFFFF' onload='javascript: if ((navigator.appName.indexOf("Netscape")!=-1) && parent.leftFrame!=null) parent.leftFrame.location.reload();'>
    <basefont face="Times New Roman, Times New Roman, Times New Roman " size="2">
      <div style="margin-left: +10pt">
        <table width="90%" border="0" rules="none" align="center">
          <tr align="center">
            <td width="20%" colspan="1" rowspan="2" align="left" valign="top"><a href="https://ppubs.uspto.gov/pubwebapp/external.html?q=11947450.pn.&amp;db=USPAT" target="popup"><input type="button" class="button" value="   Full Text   "></a></td>
            <td class="table_data"><b>US 11,947,450 B1</b></td>
            <td width="20%" colspan="1" rowspan="2" align="right" valign="top">
              <form><input type="button" value="Print this page" onclick="printpage()"></form>
            </td>
          </tr>
          <tr align="center">
            <td colspan="1" class="table_data" style="text-transform: uppercase"><b>Detecting and mitigating application security threats based on quantitative analysis</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b> Timucin Ozugur,  Fairview, TX (US); and  Mark Trenton Cimijotti,  Monroe, NC (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Assigned to  Bank of America Corporation,  Charlotte, NC (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed by  Bank of America Corporation,  Charlotte, NC (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed on Sep.  16, 2022, as Appl. No. 17/932,792.</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Int. Cl. </b><i><b>G06F 11/36</b></i> (2006.01); <i><b>G06F 8/60</b></i> (2018.01); <i><b>G06F 8/70</b></i> (2018.01)</td>
          </tr>
        </table>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="75%">
            <col width="15%">
          </colgroup>
          <tr align="left">
            <td class="table_data" align="left"><b>CPC </b><i><b>G06F 11/3692</b></i> (2013.01)&#xa0;[<i><b>G06F 8/60</b></i> (2013.01); <i><b>G06F 8/70</b></i> (2013.01); <i><b>G06F 11/3608</b></i> (2013.01)]</td>
            <td class="table_data" align="right"><b>20 Claims</b></td>
          </tr>
        </table>
        <center><img src="US11947450-20240402-D00000.gif" alt="OG exemplary drawing"></center>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="90%">
          </colgroup>
          <tr>
            <td class="table_data" align="center">&#xa0;</td>
          </tr>
          <tr>
            <td valign="top" class="para_text">
              <div class="claim_text_root">8. A method comprising:<div class="claim_text">executing a static security model to analyze each of a group of development code sets to detect a number of corresponding threat objects in each of the development code sets;</div>
                <div class="claim_text">determining whether the number of the threat objects detected in each development code set is lower than a corresponding static threat threshold;</div>
                <div class="claim_text">in response to determining that the number of the corresponding threat objects in each of the group of the development code sets is lower than the corresponding static threat threshold, combining the group of the development code sets, to generate combined development code sets, to run an application;</div>
                <div class="claim_text">in response to running the application, executing a run-time security model to analyze the combined development code sets to determine a set of threat object measurements and a set of false positive measurements for a plurality of application product releases for the application, wherein each of the threat object measurements represents a number of threat objects detected in each of the application product releases for the application, and wherein each of the false positive measurements represents a number of false positive threat objects detected in a corresponding application product release;</div>
                <div class="claim_text">for each of the application product releases, determining a set of threat threshold ratios between a run-time threat threshold and a highest value of a set of run-time threat thresholds;</div>
                <div class="claim_text">for each of the application product releases, determining a set of false positive ratios between each of the false positive measurements and a highest value of the set of the false positive measurements;</div>
                <div class="claim_text">generating an array of quartile weights corresponding to a set of quartile ranges of the threat threshold ratios and a set of quartile ranges of the false positive ratios associated with the application;</div>
                <div class="claim_text">generating a first adjusted threat object measurement of the application product releases for the application based on a corresponding quartile weight of the application in the array; and</div>
                <div class="claim_text">determining, based on the first adjusted threat object measurement, whether to trigger a development security model for the application.</div>
              </div>
            </td>
          </tr>
        </table>
      </div>
    
  </body>
</html>