Abstract: The present disclosure provides systems, methods, and computer-readable media for implementing security polices at software call stack level. In one example, a method includes generating a call stack classification scheme for an application, detecting a call stack during deployment of the application; using the call stack classification scheme during runtime of the application, classifying the detected call stack as one of an authorized call stack or an unauthorized call stack to yield a classification; and applying a security policy based on the classification.

Abstract: Systems, methods, and computer-readable for identifying known vulnerabilities in a software product include determining a set of one or more processed words based on applying text classification to one or more names associated with a product, where the text classification is based on analyzing a database of names associated with a database of products Similarity scores are determined between the set of one or more processed words and names associated with one or more known vulnerabilities maintained in a database of known vulnerabilities in products. Equivalence mapping is performed between the one or more names associated with the product and the one or more known vulnerabilities, based on the similarity scores. Known vulnerabilities in the product are identified based on the equivalence mapping.