&#xfeff;<html>
  <head>
    <META http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="stylesheet" type="text/css" href="html_style_eog.css"/>
<script type="text/javascript">
          function printpage()
          {
          window.print()
          }
        </script>
<script type="text/javascript" src="https://components.uspto.gov/js/ais/40-patentsgazette.js"></script></head>
  <body bgcolor='#FFFFFF' onload='javascript: if ((navigator.appName.indexOf("Netscape")!=-1) && parent.leftFrame!=null) parent.leftFrame.location.reload();'>
    <basefont face="Times New Roman, Times New Roman, Times New Roman " size="2">
      <div style="margin-left: +10pt">
        <table width="90%" border="0" rules="none" align="center">
          <tr align="center">
            <td width="20%" colspan="1" rowspan="2" align="left" valign="top"><a href="https://ppubs.uspto.gov/pubwebapp/external.html?q=12086266.pn.&amp;db=USPAT" target="popup"><input type="button" class="button" value="   Full Text   "></a></td>
            <td class="table_data"><b>US 12,086,266 B2</b></td>
            <td width="20%" colspan="1" rowspan="2" align="right" valign="top">
              <form><input type="button" value="Print this page" onclick="printpage()"></form>
            </td>
          </tr>
          <tr align="center">
            <td colspan="1" class="table_data" style="text-transform: uppercase"><b>Techniques for identifying and validating security control steps in software development pipelines</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b> Eshel Yaron,  Tel Aviv (IL);  Tomer Schwartz,  Tel Aviv (IL); and  Barak Bercovitz,  Even-Yehuda (IL)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Assigned to  Dazz, Inc.,  Palo Alto, CA (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed by  Dazz, Inc.,  Palo Alto, CA (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed on May   20, 2022, as Appl. No. 17/664,315.</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Prior Publication US 2023/0376603 A1, Nov.  23, 2023</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Int. Cl. </b><i><b>G06F 15/16</b></i> (2006.01); <i><b>G06F 9/54</b></i> (2006.01); <i><b>G06F 11/30</b></i> (2006.01); <i><b>G06F 11/36</b></i> (2006.01); <i><b>G06F 21/57</b></i> (2013.01); <i><b>H04L 29/06</b></i> (2006.01)</td>
          </tr>
        </table>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="75%">
            <col width="15%">
          </colgroup>
          <tr align="left">
            <td class="table_data" align="left"><b>CPC </b><i><b>G06F 21/577</b></i> (2013.01)&#xa0;[<i><b>G06F 11/3089</b></i> (2013.01); <i><b>G06F 11/3664</b></i> (2013.01); <i><b>G06F 11/3672</b></i> (2013.01)]</td>
            <td class="table_data" align="right"><b>23 Claims</b></td>
          </tr>
        </table>
        <center><img src="US12086266-20240910-D00000.gif" alt="OG exemplary drawing"></center>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="90%">
          </colgroup>
          <tr>
            <td class="table_data" align="center">&#xa0;</td>
          </tr>
          <tr>
            <td valign="top" class="para_text">
              <div class="claim_text_root">1. A method for identifying security control steps in software development pipelines, comprising:<div class="claim_text">enumerating a plurality of steps in a software development infrastructure by analyzing software development pipeline data of the software development infrastructure, wherein each step includes a set of computer instructions for performing at least one task;</div>
                <div class="claim_text">creating a mapping of the software development infrastructure, wherein the mapping includes connections between components of the software development infrastructure, wherein the components of the software development infrastructure include the enumerated plurality of steps;</div>
                <div class="claim_text">updating an entity graph having a plurality of nodes representing respective entities of a plurality of entities, wherein each of the plurality of entities corresponds to one of the components of the software development infrastructure, wherein the entity graph is updated to include the nodes representing respective steps of the enumerated plurality of steps;</div>
                <div class="claim_text">creating a semantic concepts dictionary, wherein the semantic concepts dictionary defines a plurality of semantic concepts describing potential characteristics of the components of the software development infrastructure;</div>
                <div class="claim_text">creating the entity graph based on a plurality of correlations identified between entities of the plurality of entities; and</div>
                <div class="claim_text">building a knowledge base using the semantic concepts dictionary and the entity graph;</div>
                <div class="claim_text">identifying a plurality of step properties for each of the plurality of steps in step data of the step, wherein at least a portion of the step data is retrieved from the knowledge base; and</div>
                <div class="claim_text">classifying at least one of the plurality of steps as a security control step based on the plurality of step properties identified for each of the plurality of steps, wherein each step classified as a security control step includes instructions for at least analyzing code in order to determine whether at least one security requirement is met.</div>
              </div>
            </td>
          </tr>
        </table>
      </div>
    
  </body>
</html>