	US 12,475,232 B2
	Runtime application monitoring without modifying application program code
Christien R. Rioux, Somerville, MA (US); and Robert Anthony Layzell, Novato, CA (US)
Assigned to Veracode, Inc., Burlington, MA (US)
Filed by Veracode, Inc., Burlington, MA (US)
Filed on May 31, 2024, as Appl. No. 18/680,130.
Application 18/680,130 is a continuation of application No. 17/287,057, granted, now 12,001,564, previously published as PCT/US2020/029718, filed on Apr. 24, 2020.
Prior Publication US 2024/0320344 A1, Sep. 26, 2024
Int. Cl. G06F 11/00 (2006.01); G06F 11/30 (2006.01); G06F 11/3604 (2025.01); G06F 21/57 (2013.01)

CPC G06F 21/577 (2013.01) [G06F 11/302 (2013.01); G06F 11/3093 (2013.01); G06F 11/3612 (2013.01)]

20 Claims

1. A method comprising:

based on loading of an application into a runtime engine for execution, creating a plurality of hooks for a corresponding plurality of target functions of an application programming interface (API) of the runtime engine based on maintained indications of target functions of the API of the runtime engine, wherein each of the plurality of hooks associates one of the plurality of target functions with a corresponding one of a plurality of analysis code units;

detecting invocation of a first target function of the plurality of target functions of the API by the runtime engine during execution of the application in the runtime engine,

wherein invocation of the first target function by the runtime engine triggers a corresponding one of the plurality of hooks; and

performing an action for at least one of monitoring and analyzing the application executing in the runtime engine based on executing a first analysis code unit of the plurality of analysis code units that has been associated with the first target function via the corresponding one of the plurality of hooks.