公开(公告)号：US11188648B2

公开(公告)日：2021-11-30

申请号：US15751614

申请日：2015-08-12

Applicant: ENTIT Software LLC

Inventor： Michael Jason Schmitt ,  Guy Wiener ,  Emil Kiner ,  Tomer Priel

IPC: H04L29/06 ,  G06F21/56 ,  G06F21/54 ,  G06K9/62

Abstract: A technique includes receiving data representing an output of a security scan of an application and an audit of the security scan by a human auditor. The output represents a security issue with the application, which is identified by the security scan, and the audit represents an analysis of the security issue by the human auditor. The technique includes training a security scan classifier to learn a classification preference of the human auditor. Training the security scan classifier includes, processing the data in a processor-based machine to, based at least in part on the output of the security scan and the analysis of the security scan by the human auditor, learn the classification preference of the human auditor to the issue to build a classification model for the issue.

公开(公告)号：US20180314984A1

公开(公告)日：2018-11-01

申请号：US15751289

申请日：2015-08-12

Applicant: ENTIT SOFTWARE LLC

Inventor： Guy Wiener ,  Emil KINER ,  Michael Jason SCHMITT

IPC: G06N99/00 ,  G06F21/55

CPC classification number: G06Q10/06 ,  G09B19/18

Abstract: A technique includes receiving issue data, which represents an issue identified by a security scan of an application and attributes of the issue. The technique includes applying a machine classifier to the issue data to prioritize the issue; based at least in part on a human audit of the classified data, generating additional issue data representing a priority correction for the issue; and retraining the classifier based on the additional issue data.

公开(公告)号：US20180239904A1

公开(公告)日：2018-08-23

申请号：US15751279

申请日：2015-08-12

Applicant: ENTIT Software LLC

Inventor： Emil Kiner ,  Guy Wiener ,  Alexander Michael Hoole ,  Michael Jason Schmit ,  Yekaterina Tsipenyuk O'Neil ,  Dylan B. Thomas ,  Daniel Haviv Trauner

IPC: G06F21/57 ,  G06F21/56 ,  H04L29/06

CPC classification number: G06F21/577 ,  G06F21/562 ,  H04L63/20

Abstract: A technique includes receiving data representing issues identified in a security scan of an application and features associated with the issues. The technique includes processing the data in a processor-based machine to selectively assign classifiers to the security issues based at least in part on the features. The technique includes using the assigned classifiers to classify the issues.

公开(公告)号：US20210073383A1

公开(公告)日：2021-03-11

申请号：US15751614

申请日：2015-08-12

Applicant: ENTIT SOFTWARE LLC

Inventor： Michael Jason Schmitt ,  Guy Wiener ,  Emil Kiner ,  Tomer Priel

IPC: G06F21/56 ,  G06F21/54 ,  G06K9/62

Abstract: A technique includes receiving data representing an output of a security scan of an application and an audit of the security scan by a human auditor. The output represents a security issue with the application, which is identified by the security scan, and the audit represents an analysis of the security issue by the human auditor. The technique includes training a security scan classifier to learn a classification preference of the human auditor. Training the security scan classifier includes, processing the data in a processor-based machine to, based at least in part on the output of the security scan and the analysis of the security scan by the human auditor, learn the classification preference of the human auditor to the issue to build a classification model for the issue.