&#xfeff;<html>
  <head>
    <META http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="stylesheet" type="text/css" href="html_style_eog.css"/>
<script type="text/javascript">
          function printpage()
          {
          window.print()
          }
        </script>
<script type="text/javascript" src="https://components.uspto.gov/js/ais/40-patentsgazette.js"></script></head>
  <body bgcolor='#FFFFFF' onload='javascript: if ((navigator.appName.indexOf("Netscape")!=-1) && parent.leftFrame!=null) parent.leftFrame.location.reload();'>
    <basefont face="Times New Roman, Times New Roman, Times New Roman " size="2">
      <div style="margin-left: +10pt">
        <table width="90%" border="0" rules="none" align="center">
          <tr align="center">
            <td width="20%" colspan="1" rowspan="2" align="left" valign="top"><a href="https://ppubs.uspto.gov/pubwebapp/external.html?q=12335290.pn.&amp;db=USPAT" target="popup"><input type="button" class="button" value="   Full Text   "></a></td>
            <td class="table_data"><b>US 12,335,290 B2</b></td>
            <td width="20%" colspan="1" rowspan="2" align="right" valign="top">
              <form><input type="button" value="Print this page" onclick="printpage()"></form>
            </td>
          </tr>
          <tr align="center">
            <td colspan="1" class="table_data" style="text-transform: uppercase"><b>Automated matching of vulnerability data between vulnerability feeds</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b> Ariel M. Zelivansky,  Mountain View, CA (US);  Sharon Ben Zeev,  Tel Aviv (IL);  Shaul Ben Hai,  Petah Tikva (IL); and  Liron Levin,  Kefar Sava (IL)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Assigned to  Palo Alto Networks, Inc.,  Santa Clara, CA (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed by  Palo Alto Networks, Inc.,  Santa Clara, CA (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed on May   31, 2022, as Appl. No. 17/804,719.</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Prior Publication US 2023/0388330 A1, Nov.  30, 2023</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Int. Cl. </b><i><b>H04L 9/40</b></i> (2022.01)</td>
          </tr>
        </table>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="75%">
            <col width="15%">
          </colgroup>
          <tr align="left">
            <td class="table_data" align="left"><b>CPC </b><i><b>H04L 63/1433</b></i> (2013.01)</td>
            <td class="table_data" align="right"><b>20 Claims</b></td>
          </tr>
        </table>
        <center><img src="US12335290-20250617-D00000.gif" alt="OG exemplary drawing"></center>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="90%">
          </colgroup>
          <tr>
            <td class="table_data" align="center">&#xa0;</td>
          </tr>
          <tr>
            <td valign="top" class="para_text">
              <div class="claim_text_root">1. A method comprising:<div class="claim_text">based on detection of a cybersecurity vulnerability update in a first publicly accessible data feed, determining likelihood that the cybersecurity vulnerability update and one of a plurality of informal cybersecurity vulnerability records describe a same cybersecurity vulnerability, wherein determining likelihood that the cybersecurity vulnerability update and one of the plurality of informal cybersecurity vulnerability records describe a same cybersecurity vulnerability comprises, for each of the plurality of informal cybersecurity vulnerability records,<div class="claim_text">assessing similarity of data of a first set of fields of the cybersecurity vulnerability update and data of a second set of fields of the informal cybersecurity vulnerability record,</div>
                  <div class="claim_text">wherein each of the first and second sets of fields at least comprises a prose description field,</div>
                  <div class="claim_text">wherein assessing similarity of data of the prose description field in the informal cybersecurity vulnerability record and the prose description field in the cybersecurity vulnerability update comprises pre-processing the prose descriptions to clean and trim text and measuring similarity based on text distance or text representation; and</div>
                  <div class="claim_text">updating a confidence variable of the informal cybersecurity vulnerability record based, at least in part, on assessed similarity of the data; and</div>
                </div>
                <div class="claim_text">identifying a first of the plurality of informal cybersecurity vulnerability records having a greatest value for the confidence variable among the plurality of informal cybersecurity vulnerability records;</div>
                <div class="claim_text">determining that the confidence variable for the first informal cybersecurity vulnerability record satisfies a threshold for automatic merging;</div>
                <div class="claim_text">automatically merging data from the cybersecurity vulnerability update with data from the first informal vulnerability record based on the determination that the confidence variable for the first informal cybersecurity vulnerability record satisfies the threshold for automatic merging; and</div>
                <div class="claim_text">publishing a security advisory with the merged data from the first informal vulnerability record and from the cybersecurity vulnerability update identified with its common vulnerability enumerator (CVE) identifier.</div>
              </div>
            </td>
          </tr>
        </table>
      </div>
    
  </body>
</html>