Abstract: A system allows users to submit information describing system defects, for example, defects in software systems. The system stores information describing defects for multiple external systems. The system further allows users to specify de-duplication rules for determining duplicate defects submitted by users. A de-duplication rule is associated with an original system defect and specifies regular expressions that are evaluated against a target system defect. The evaluation of the regular expressions against the target system defect indicates whether the target system defect is a duplicate of the original system defect. If the target system defect is determined to be a duplicate of another existing system defect, the target system defect may be closed.

Abstract: A system allows users to submit information describing system defects, for example, defects in software systems. The system stores information describing defects for multiple external systems. The system further allows users to specify de-duplication rules for determining duplicate defects submitted by users. A de-duplication rule is associated with an original system defect and specifies regular expressions that are evaluated against a target system defect. The evaluation of the regular expressions against the target system defect indicates whether the target system defect is a duplicate of the original system defect. If the target system defect is determined to be a duplicate of another existing system defect, the target system defect may be closed.

Abstract: Techniques for improving communication and expectation setting between various parties/communities of a crowdsourced platform are disclosed. The platform is used for reporting issues in a target system, program or product. A customer/subscriber entity enters a target brief in the platform. In response, a researcher enters a submission in the system. If the submission is valid, it is presented to the customer and a response-time or service level agreement (SLA) timer is started. If the customer agrees with the submission, it is marked as complete and the researcher is paid. If the customer disputes the submission, a third-party intervenes and the timer is paused until dispute resolution. If the submission requires more information the researcher is requested accordingly and the timer is reset. If at any point, the timer expires, the parties are notified and the submission is closed.

Abstract: This invention discloses systems and methods for detecting vulnerabilities in IT assets by utilizing crowdsourcing techniques. A corpus containing vulnerability data of IT assets with known vulnerabilities is established. Vulnerability data in the corpus comprises security aspects or attributes related to the IT assets. The security aspects of an IT asset constitute its attack surface which is represented as a feature vector in a feature space. A determination is made as to how similar/close a target asset whose unknown vulnerabilities are to be detected, is to the rest of the IT assets in the corpus. This determination is made based on a measure of similarity/distance between the respective feature vectors in the feature space. Based on the review of similarity results by a community of researchers/experts, a determination of unknown vulnerabilities in the target system is made.

Abstract: This invention discloses systems and methods for detecting vulnerabilities in IT assets by utilizing crowdsourcing techniques. A corpus containing vulnerability data of IT assets with known vulnerabilities is established. Vulnerability data in the corpus comprises security aspects or attributes related to the IT assets. The security aspects of an IT asset constitute its attack surface which is represented as a feature vector in a feature space. A determination is made as to how similar/close a target asset whose unknown vulnerabilities are to be detected, is to the rest of the IT assets in the corpus. This determination is made based on a measure of similarity/distance between the respective feature vectors in the feature space. Based on the review of similarity results by a community of researchers/experts, a determination of unknown vulnerabilities in the target system is made.