-
公开(公告)号:US20250045413A1
公开(公告)日:2025-02-06
申请号:US18230577
申请日:2023-08-04
Applicant: SAP SE
Inventor: Merve Sahin , Marco Rosa
Abstract: Contribution requests to a code repository are analyzed with a machine learning model before publishing. The machine learning model can be trained with past metadata of the contributor. Metadata can be extracted from the requests to determine whether the request is atypical for the contributor via a risk score. Requests determined to be atypical can be flagged for action by a security manager. Realtime assessment of code contributions can increase overall software security in a software development context.
-
公开(公告)号:US20240143797A1
公开(公告)日:2024-05-02
申请号:US17975290
申请日:2022-10-27
Applicant: SAP SE
Inventor: Slim Trabelsi , Marco Rosa
IPC: G06F21/60
CPC classification number: G06F21/604
Abstract: Techniques for automatically revoking leaked access credentials are disclosed. In some embodiments, a computer system may receive an indication that a credential for accessing a resource has been leaked, where the credential has been leaked by being included in content that has been published on an online service or has been stored in a shared folder of the online service. The computer system may then determine that the credential is effective in accessing the resource, and, in response to the determining that the credential is effective, trigger a revocation of the credential, the revocation of the credential causing the credential to no longer be effective in accessing the resource.
-
3.
公开(公告)号:US11481501B2
公开(公告)日:2022-10-25
申请号:US16778872
申请日:2020-01-31
Applicant: SAP SE
Inventor: Slim Trabelsi , Sofiane Lounici , Marco Rosa , Carlo Maria Negri
Abstract: Source code is scanned to generate a list of vulnerable tokens. Thereafter, the list of vulnerable tokens is inputted into a machine learning model to identify false positives in the list of vulnerable tokens. Based on this identification, the list of vulnerable tokens can be modified to remove the identified false positives. Related apparatus, systems, techniques and articles are also described.
-
4.
公开(公告)号:US20210240834A1
公开(公告)日:2021-08-05
申请号:US16778872
申请日:2020-01-31
Applicant: SAP SE
Inventor: Slim Trabelsi , Sofiane Lounici , Marco Rosa , Carlo Maria Negri
Abstract: Source code is scanned to generate a list of vulnerable tokens. Thereafter, the list of vulnerable tokens is inputted into a machine learning model to identify false positives in the list of vulnerable tokens. Based on this identification, the list of vulnerable tokens can be modified to remove the identified false positives. Related apparatus, systems, techniques and articles are also described.
-
-
-