CPC G06F 21/577 (2013.01) [G06F 2221/033 (2013.01)]; 18 Claims

1. A method of performing remediation for managing vulnerabilities in an application, the method comprising:
receiving, by a processor of a remediation system, data related to one or more source code associated with a plurality of vulnerabilities and a target source code of an application, from one or more data sources for generating a remediation workflow for the one or more source code;
identifying, by the processor of the remediation system, a commit-log comprising a plurality of code commits for the plurality of vulnerabilities of the one or more source code, wherein the identification comprises:
extracting, by the processor of the remediation system, one or more features associated with each code commit of the commit-log from the one or more data sources; and
extracting, by the processor of the remediation system, one or more test cases for each code commit based on the one or more features and exploit code associated with each code commit from the one or more data sources;
generating, by the processor of the remediation system, scripts for a traversal path between the one or more source code to the target source code based on the remediation workflow, by populating the one or more features associated with each code commit with a corresponding test case;
determining, by the processor of the remediation system, a lower bound limit and an upper bound limit in the traversal path to identify one or more optimal code commits log from the commit-log based on the extracted one or more test cases; and
performing, by the processor of the remediation system, remediation for the one or more source code by generating one or more security patches for the one or more optimal code commits log based on criteria associated with the plurality of vulnerabilities of the one or more source code.