US 12,346,676 B2
System and method for managing software application currency
Amanda Barkus, Apex, NC (US); and Nicole Ann Chiantello, Lakewood, CO (US)
Assigned to METROPOLITAN LIFE ISURANCE CO., New York, NY (US)
Filed by METROPOLITAN LIFE INSURANCE CO., New York, NY (US)
Filed on Sep. 23, 2020, as Appl. No. 17/029,732.
Claims priority of provisional application 62/905,674, filed on Sep. 25, 2019.
Prior Publication US 2021/0089286 A1, Mar. 25, 2021
Int. Cl. G06F 9/44 (2018.01); G06F 8/41 (2018.01); G06F 8/65 (2018.01); G06F 8/71 (2018.01)
CPC G06F 8/433 (2013.01) [G06F 8/65 (2013.01); G06F 8/71 (2013.01)] 18 Claims
OG exemplary drawing
 
1. A method for managing software application currency, the method comprising:
receiving a notification that a plurality of software applications within a deployed environment are subject to a security risk;
identifying a first group of the plurality of software applications as being subject to the security risk;
identifying a second group of the plurality of software applications as not being subject to the security risk;
for a first software application of the first group:
scanning a source code repository corresponding to the first software application within a development environment;
detecting a first dependency corresponding to the first software application as being subject to the security risk based on the scan of the source code repository corresponding to the first software application;
linking the first dependency to the first software application on a master update table within the development environment;
determining a first version and a second version corresponds to the first dependency;
ranking the first version and the second version on the master update table within the development environment based on a first version currency and a second version currency;
prioritizing the first software application for a currency update within the deployed environment, based at least on the ranking of the second version currency being more current than the first version currency;
for a second software application of the first group:
scanning a source code repository corresponding to the second software application within the development environment;
detecting a second dependency corresponding to the second software application as being subject to the security risk based on the scan of the source code repository corresponding to the second software application;
linking the second dependency to the second software application on the master update table within the development environment;
matching the second dependency to the first dependency on the master update table based on a determination that the second dependency and the first dependency are the same dependency;
determining that a third version corresponds to the second dependency;
ranking the third version on the master update table within the development environment based on a third version currency;
determining that the third version currency is less current than the first version currency based on the master update table rankings;
modifying the priority of the currency update from the first software application to the second software application based at least on the third version currency being less current than the first version currency; and
updating, within the deployed environment, the second software application to mitigate the security risk.