| CPC G06F 40/279 (2020.01) [G06F 9/54 (2013.01); G06F 21/604 (2013.01); G06F 40/205 (2020.01)] | 20 Claims |

|
1. A method comprising:
parsing application programming interface (API) documentation of an API published by a vendor to generate parsed API documentation, wherein the API documentation defines format of a plurality of API responses for functions of an API of the vendor, wherein the plurality of API responses comprises corresponding ones of a plurality of response fields indicated in the API documentation;
determining a first subset of the plurality of response fields that are related to security and a second subset of the plurality of response fields that are not related to security based on determining which of the plurality of response fields are indicated in security policies enforced for resources of the vendor;
extracting, from the parsed API documentation, first descriptions corresponding to the first subset of response fields and second descriptions corresponding to the second subset of response fields;
generating a set of training data from the first and second subsets of response fields and the corresponding first and second descriptions based on labelling each of the first descriptions as related to security and labelling each of the second descriptions as not related to security; and
training, on the set of training data, a text classifier to classify response fields of new or unknown API functions as related to security or not related to security based on response field descriptions provided as input.
|
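The labelling and training steps of claim 1, sketched as an added example that is not taken from the patent or the vendor. The field names, descriptions, policy syntax and the choice of a naive Bayes classifier are all constructed assumptions; the claim does not specify any of them.

```python
import math, re
from collections import Counter

# Constructed sample: parsed API documentation (response field -> description).
PARSED_DOCS = {
    "encryption_enabled": "Whether server-side encryption is enabled for the bucket",
    "public_access": "Indicates if the bucket allows public access from the internet",
    "mfa_required": "Whether multi-factor authentication is required for the user",
    "allowed_ip_ranges": "List of IP ranges allowed to access the firewall rule",
    "display_name": "Human readable name shown in the console",
    "created_at": "Timestamp when the resource was created",
    "region": "Geographic region where the resource is located",
    "page_token": "Token used to fetch the next page of results",
}
# Constructed sample: security policies enforced for the vendor's resources.
POLICIES = [
    "bucket.encryption_enabled == true",
    "bucket.public_access == false",
    "user.mfa_required == true",
    "len(firewall.allowed_ip_ranges) > 0",
]

def tokenize(text):
    return re.findall(r"[a-z]+", text.lower())

def label_fields(docs, policies):
    """Label a description 1 (security) if a policy references its field, else 0."""
    referenced = set(re.findall(r"\.([a-z_]+)", " ".join(policies)))
    return [(desc, int(name in referenced)) for name, desc in docs.items()]

def train(examples):
    """Multinomial naive Bayes: per-class word counts and class counts."""
    words, classes = {0: Counter(), 1: Counter()}, Counter()
    for desc, label in examples:
        classes[label] += 1
        words[label].update(tokenize(desc))
    return words, classes

def classify(model, description):
    """Return 1 if the description scores as security related, else 0."""
    words, classes = model
    vocab = len(set(words[0]) | set(words[1]))
    scores = {}
    for c in (0, 1):
        total = sum(words[c].values())  # Laplace smoothing handles unseen words
        scores[c] = math.log(classes[c] / sum(classes.values())) + sum(
            math.log((words[c][t] + 1) / (total + vocab)) for t in tokenize(description))
    return max(scores, key=scores.get)

MODEL = train(label_fields(PARSED_DOCS, POLICIES))
```

The labels come only from policy membership, so a security-relevant field that no policy yet references is trained as a negative; that is the gap the classifier is then asked to close on new or unknown API functions.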