| CPC G06F 11/3692 (2013.01) [G06F 8/42 (2013.01)] | 16 Claims |
|
1. A computing apparatus, comprising:
one or more processors; and
a memory having stored therein machine-readable instructions that, when executed by the one or more processors, cause the one or more processors to:
obtain, from a user via a user interface, an identification of computer code for analysis;
retrieve, from a memory storage device, the computer code based on the identification obtained from the user;
generate an abstract program representation of the retrieved computer code;
conduct execution behavior analysis of the computer code using the abstract program representation to generate a graphical representation of execution behavior for the computer code;
obtain a plurality of alerts generated from one or more automated static code analysis processes that are performed on the computer code;
compute respective alert metrics for the plurality of alerts using the abstract program representation and the graphical representation of execution behavior;
rank the plurality of alerts by the computed alert metrics;
output, to the user via the user interface, a ranked list of the plurality of alerts;
resolve at least one of the plurality of alerts based on the ranked list;
recalibrate at least one of the respective alert metrics for remaining one or more of the plurality of alerts;
update the ranked list upon determining that a subset of the ranked list of the plurality of alerts has been resolved; and
output, to the user via the user interface, the updated rank list.
|