公开(公告)号：US11188648B2

公开(公告)日：2021-11-30

申请号：US15751614

申请日：2015-08-12

Applicant: ENTIT Software LLC

Inventor： Michael Jason Schmitt ,  Guy Wiener ,  Emil Kiner ,  Tomer Priel

IPC: H04L29/06 ,  G06F21/56 ,  G06F21/54 ,  G06K9/62

Abstract: A technique includes receiving data representing an output of a security scan of an application and an audit of the security scan by a human auditor. The output represents a security issue with the application, which is identified by the security scan, and the audit represents an analysis of the security issue by the human auditor. The technique includes training a security scan classifier to learn a classification preference of the human auditor. Training the security scan classifier includes, processing the data in a processor-based machine to, based at least in part on the output of the security scan and the analysis of the security scan by the human auditor, learn the classification preference of the human auditor to the issue to build a classification model for the issue.

公开(公告)号：US20180239904A1

公开(公告)日：2018-08-23

申请号：US15751279

申请日：2015-08-12

Applicant: ENTIT Software LLC

Inventor： Emil Kiner ,  Guy Wiener ,  Alexander Michael Hoole ,  Michael Jason Schmit ,  Yekaterina Tsipenyuk O'Neil ,  Dylan B. Thomas ,  Daniel Haviv Trauner

IPC: G06F21/57 ,  G06F21/56 ,  H04L29/06

CPC classification number: G06F21/577 ,  G06F21/562 ,  H04L63/20

Abstract: A technique includes receiving data representing issues identified in a security scan of an application and features associated with the issues. The technique includes processing the data in a processor-based machine to selectively assign classifiers to the security issues based at least in part on the features. The technique includes using the assigned classifiers to classify the issues.

公开(公告)号：US20210073383A1

公开(公告)日：2021-03-11

申请号：US15751614

申请日：2015-08-12

Applicant: ENTIT SOFTWARE LLC

Inventor： Michael Jason Schmitt ,  Guy Wiener ,  Emil Kiner ,  Tomer Priel

IPC: G06F21/56 ,  G06F21/54 ,  G06K9/62

Abstract: A technique includes receiving data representing an output of a security scan of an application and an audit of the security scan by a human auditor. The output represents a security issue with the application, which is identified by the security scan, and the audit represents an analysis of the security issue by the human auditor. The technique includes training a security scan classifier to learn a classification preference of the human auditor. Training the security scan classifier includes, processing the data in a processor-based machine to, based at least in part on the output of the security scan and the analysis of the security scan by the human auditor, learn the classification preference of the human auditor to the issue to build a classification model for the issue.