US 12,314,391 B2
Application trust framework
Damien Carru, New York, NY (US); Pui Kei Johnston Chu, Richmond Hill (CA); Benoit Dageville, San Mateo, CA (US); Iulia Ion, Kirkland, WA (US); Unmesh Jagtap, San Mateo, CA (US); Subramanian Muralidhar, Mercer Island, WA (US); James Pan, Oakville (CA); Nihar Pasala, Mississauga (CA); Hrushikesh Shrinivas Paralikar, Hayward, CA (US); Jake Tsuyemura, San Mateo, CA (US); Ryan Charles Quistorff, Bellevue, WA (US); and Rishabh Gupta, San Francisco, CA (US)
Assigned to Snowflake Inc., Bozeman, MT (US)
Filed by Snowflake Inc., Bozeman, MT (US)
Filed on Apr. 30, 2024, as Appl. No. 18/650,636.
Application 18/650,636 is a continuation of application No. 18/168,852, filed on Feb. 14, 2023, granted, now 12,001,552.
Prior Publication US 2024/0281530 A1, Aug. 22, 2024
This patent is subject to a terminal disclaimer.
Int. Cl. G06F 21/56 (2013.01); G06F 8/60 (2018.01); G06F 21/57 (2013.01)
CPC G06F 21/565 (2013.01) [G06F 8/60 (2013.01); G06F 2221/033 (2013.01)]
30 Claims
 
1. A computer-implemented method comprising:
detecting, by one or more processors, an update of an application package on a data platform in a provider account, the provider account providing content to the data platform, the application package comprising a set of files for deployment on the data platform for use by a consumer of data services on the data platform;
copying, by the one or more processors, the set of files of the application package into a temporary outbound datastore of a scanner account;
adding, by the one or more processors, metadata to the application package, the metadata comprising a scan property status for each version and patch of the application package;
performing, by the one or more processors, a review of the set of files in the temporary outbound datastore based on the scan property status of the metadata, the review to detect malicious content based on a set of analysis rules; and
generating, by the one or more processors, a deployment decision for the application package for deployment from the provider account onto the data platform based on a result of the review.