Patents by Inventor John T. Peyton
John T. Peyton has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11544384
Abstract: A computer-implemented method includes obtaining, by a processor, existing security information for static application security testing (SAST). The method also includes using, by the processor, the existing security information to discover, by a machine capable of learning, new security information. The method also includes improving, by the processor, security of a computer using the new security information.
Type: Grant
Filed: April 12, 2019
Date of Patent: January 3, 2023
Assignee: International Business Machines Corporation
Inventors: Kristofer A. Duer, John T. Peyton, Jr., Babita Sharma, David E. Stewart, Jason N. Todd, Shu Wang
-
Patent number: 10614218
Abstract: A computer-implemented method for security scanning application code includes executing, via a processor, a full scan of the application code and generating a program intermediate representation (IR) and a list of security findings determined by the full scan. The processor executes an incremental scan of the application code after at least one change to the application code, and identifies at least one changed file in the application code. The processor then generates an incremental intermediate representation (IR) based at least in part on the at least one changed file. The processor merges the saved scan state and the incremental IR, produces a merged scan state, and outputs security findings based at least in part on the merged scan state and the incremental IR.
Type: Grant
Filed: April 11, 2017
Date of Patent: April 7, 2020
Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
Inventors: John T. Peyton, Jr., Babita Sharma, Jason N. Todd, Jeffrey C. Turnham, Mathieu Merineau, Ettore Merlo
-
Patent number: 10592405
Abstract: Vulnerability testing of applications may include one or more of identifying a number of paths from a software application being tested, identifying a number of nodes associated with the paths, determining one or more of the paths which share one or more of the nodes, designating the paths which share the nodes as overlapping paths, and displaying the overlapping paths and the shared nodes as an interactive visualization to identify optimal locations to fix one or more vulnerability findings.
Type: Grant
Filed: October 3, 2017
Date of Patent: March 17, 2020
Assignee: International Business Machines Corporation
Inventors: Kristofer A. Duer, John T. Peyton, Stephen D. Teilhet, Lin Tan, Jinqiu Yang
-
Publication number: 20190236483
Abstract: A computer-implemented method includes obtaining, by a processor, existing security information for static application security testing (SAST). The method also includes using, by the processor, the existing security information to discover, by a machine capable of learning, new security information. The method also includes improving, by the processor, security of a computer using the new security information.
Type: Application
Filed: April 12, 2019
Publication date: August 1, 2019
Inventors: Kristofer A. Duer, John T. Peyton, JR., Babita Sharma, David E. Stewart, Jason N. Todd, Shu Wang
-
Patent number: 10339320
Abstract: A computer-implemented method includes obtaining, by a processor, existing security information for static application security testing (SAST). The method also includes using, by the processor, the existing security information to discover, by a machine capable of learning, new security information. The method also includes improving, by the processor, security of a computer using the new security information.
Type: Grant
Filed: November 18, 2016
Date of Patent: July 2, 2019
Assignee: International Business Machines Corporation
Inventors: Kristofer A. Duer, John T. Peyton, Jr., Babita Sharma, David E. Stewart, Jason N. Todd, Shu Wang
-
Patent number: 10324825
Abstract: A source code processing application may process source code and realize the results of the code in a map configuration. In one example, the map may be displayed with a number of stations and pathways between the stations to illustrate associations with classes of the source code. An example method of operation may include one or more of retrieving source code comprising a class from memory, processing the source code to identify an error associated with the class, creating a map with a station linked to the error, and displaying the map on a device.
Type: Grant
Filed: August 14, 2018
Date of Patent: June 18, 2019
Assignee: International Business Machines Corporation
Inventors: Kristofer A. Duer, John T. Peyton, Johnathan D. Smith, Stephen D. Teilhet, Jason N. Todd, Lin Tan, Jinqiu Yang
-
Publication number: 20190102286
Abstract: Vulnerability testing of applications may include one or more of identifying a number of paths from a software application being tested, identifying a number of nodes associated with the paths, determining one or more of the paths which share one or more of the nodes, designating the paths which share the nodes as overlapping paths, and displaying the overlapping paths and the shared nodes as an interactive visualization to identify optimal locations to fix one or more vulnerability findings.
Type: Application
Filed: October 3, 2017
Publication date: April 4, 2019
Inventors: Kristofer A. Duer, John T. Peyton, Stephen D. Teilhet, Lin Tan, Jinqiu Yang
-
Publication number: 20180357151
Abstract: A source code processing application may process source code and realize the results of the code in a map configuration. In one example, the map may be displayed with a number of stations and pathways between the stations to illustrate associations with classes of the source code. An example method of operation may include one or more of retrieving source code comprising a class from memory, processing the source code to identify an error associated with the class, creating a map with a station linked to the error, and displaying the map on a device.
Type: Application
Filed: August 14, 2018
Publication date: December 13, 2018
Inventors: Kristofer A. Duer, John T. Peyton, Johnathan D. Smith, Stephen D. Teilhet, Jason N. Todd, Lin Tan, Jinqiu Yang
-
Patent number: 10089215
Abstract: A source code processing application may process source code and realize the results of the code in a map configuration. In one example, the map may be displayed with a number of stations and pathways between the stations to illustrate associations with classes of the source code. An example method of operation may include one or more of retrieving source code comprising a class from memory, processing the source code to identify an error associated with the class, creating a map with a station linked to the error, and displaying the map on a device.
Type: Grant
Filed: September 23, 2016
Date of Patent: October 2, 2018
Assignee: International Business Machines Corporation
Inventors: Kristofer A. Duer, John T. Peyton, Stephen D. Teilhet, Jason N. Todd, Lin Tan, Jinqui Yang
-
Publication number: 20180144127
Abstract: A computer-implemented method includes obtaining, by a processor, existing security information for static application security testing (SAST). The method also includes using, by the processor, the existing security information to discover, by a machine capable of learning, new security information. The method also includes improving, by the processor, security of a computer using the new security information.
Type: Application
Filed: November 18, 2016
Publication date: May 24, 2018
Inventors: Kristofer A. Duer, John T. Peyton, JR., Babita Sharma, David E. Stewart, Jason N. Todd, Shu Wang
-
Publication number: 20180137279
Abstract: A computer-implemented method for security scanning application code includes executing, via a processor, a full scan of the application code and generating a program intermediate representation (IR) and a list of security findings determined by the full scan. The processor executes an incremental scan of the application code after at least one change to the application code, and identifies at least one changed file in the application code. The processor then generates an incremental intermediate representation (IR) based at least in part on the at least one changed file. The processor merges the saved scan state and the incremental IR, produces a merged scan state, and outputs security findings based at least in part on the merged scan state and the incremental IR.
Type: Application
Filed: April 11, 2017
Publication date: May 17, 2018
Inventors: John T. Peyton, Jr., Babita Sharma, Jason N. Todd, Jeffrey C. Turnham, Mathieu Merineau, Ettore Merlo
-
Publication number: 20180089064
Abstract: A source code processing application may process source code and realize the results of the code in a map configuration. In one example, the map may be displayed with a number of stations and pathways between the stations to illustrate associations with classes of the source code. An example method of operation may include one or more of retrieving source code comprising a class from memory, processing the source code to identify an error associated with the class, creating a map with a station linked to the error, and displaying the map on a device.
Type: Application
Filed: September 23, 2016
Publication date: March 29, 2018
Inventors: Kristofer A. Duer, John T. Peyton, Jonathan D. Smith, Stephen D. Teilhet, Jason N. Todd, Lin Tan, Jinqiu Yang
-
Patent number: 9749345
Abstract: A computer-implemented method, computer program product, and computing system is provided for reporting security vulnerabilities. In an embodiment, a method may include receiving a set of potential security vulnerabilities associated with a program. The method may also include filtering the set of potential security vulnerabilities by eliminating one or more spurious security vulnerabilities to generate a set of likely security vulnerabilities. The method may further include consolidating the set of likely security vulnerabilities into one or more solution categories, each of the one or more solutions categories defining a solution for remedying each of the likely security vulnerabilities within the solution category.
Type: Grant
Filed: April 22, 2015
Date of Patent: August 29, 2017
Assignee: International Business Machines Corporation
Inventors: Kristofer A. Duer, Omer Tripp, Stephen D. Teilhet, John T. Peyton, Jr.
-
Publication number: 20160315961
Abstract: A computer-implemented method, computer program product, and computing system is provided for reporting security vulnerabilities. In an embodiment, a method may include receiving a set of potential security vulnerabilities associated with a program. The method may also include filtering the set of potential security vulnerabilities by eliminating one or more spurious security vulnerabilities to generate a set of likely security vulnerabilities. The method may further include consolidating the set of likely security vulnerabilities into one or more solution categories, each of the one or more solutions categories defining a solution for remedying each of the likely security vulnerabilities within the solution category.
Type: Application
Filed: April 22, 2015
Publication date: October 27, 2016
Inventors: Kristofer A. Duer, Omer Tripp, Stephen D. Teilhet, John T. Peyton, JR.
-
Patent number: 9160762
Abstract: Verifying application security vulnerabilities includes receiving a source code to analyze, performing a static analysis using the received source code and generating a vulnerability call trace for the received source code. Responsive to a determination that all static analysis results are not validated, mock objects are generated using the vulnerability call trace and a unit test is created using the generated mock objects. The unit test is executed using the generated mock objects and responsive to a determination that an identified vulnerability was validated; a next static analysis result is selected. Responsive to a determination that all static analysis results are validated, results and computed unit tests are reported.
Type: Grant
Filed: December 18, 2014
Date of Patent: October 13, 2015
Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
Inventors: Nevon C. Brake, Paul Ionescu, Iosif Viorel Onut, John T. Peyton, Jr., Wayne Duncan Smith
-
Publication number: 20150156216
Abstract: Verifying application security vulnerabilities includes receiving a source code to analyze, performing a static analysis using the received source code and generating a vulnerability call trace for the received source code. Responsive to a determination that all static analysis results are not validated, mock objects are generated using the vulnerability call trace and a unit test is created using the generated mock objects. The unit test is executed using the generated mock objects and responsive to a determination that an identified vulnerability was validated; a next static analysis result is selected. Responsive to a determination that all static analysis results are validated, results and computed unit tests are reported.
Type: Application
Filed: December 18, 2014
Publication date: June 4, 2015
Inventors: Nevon C. Brake, Paul Ionescu, Iosif Viorel Onut, John T. Peyton, JR., Wayne Duncan Smith
-
Patent number: 8935794
Abstract: Verifying application security vulnerabilities includes receiving a source code to analyze, performing a static analysis using the received source code and generating a vulnerability call trace for the received source code. Responsive to a determination that all static analysis results are not validated, mock objects are generated using the vulnerability call trace and a unit test is created using the generated mock objects. The unit test is executed using the generated mock objects and responsive to a determination that an identified vulnerability was validated; a next static analysis result is selected. Responsive to a determination that all static analysis results are validated, results and computed unit tests are reported.
Type: Grant
Filed: May 7, 2013
Date of Patent: January 13, 2015
Assignee: International Business Machines Corporation
Inventors: Nevon C. Brake, Paul Ionescu, Iosif Viorel Onut, John T. Peyton, Jr., Wayne Duncan Smith
-
Publication number: 20130312102
Abstract: Verifying application security vulnerabilities includes receiving a source code to analyze, performing a static analysis using the received source code and generating a vulnerability call trace for the received source code. Responsive to a determination that all static analysis results are not validated, mock objects are generated using the vulnerability call trace and a unit test is created using the generated mock objects. The unit test is executed using the generated mock objects and responsive to a determination that an identified vulnerability was validated; a next static analysis result is selected. Responsive to a determination that all static analysis results are validated, results and computed unit tests are reported.
Type: Application
Filed: May 7, 2013
Publication date: November 21, 2013
Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION
Inventors: Nevon C. Brake, Paul Ionescu, Iosif Viorel Onut, John T. Peyton, JR., Wayne Duncan Smith
-
Patent number: 8434070
Abstract: Systems and methods are provided for creating a data structure associated with a software application that is based on at least one framework. According to the method, source code and at least one configuration file of the software application is analyzed by at least one framework-specific processor so as to determine entry point information indicating entry points in the source code, request attribute access information indicating where attributes attached to a request data structure are read and written, and forward information indicating forwards performed by the software application. A data structure for a static analysis engine is created based on this information. The data structure includes a list of synthetic methods that model framework-related behavior of the software application, and a list of entry points indicating the synthetic methods and/or application methods of the software application that can be invoked by the framework.
Type: Grant
Filed: October 26, 2010
Date of Patent: April 30, 2013
Assignee: International Business Machines Corporation
Inventors: Shay Artzi, Ryan Berg, John T. Peyton, Jr., Marco Pistoia, Manu Sridharan, Robert Wiener
-
Publication number: 20120102471
Abstract: Systems and methods are provided for creating a data structure associated with a software application that is based on at least one framework. According to the method, source code and at least one configuration file of the software application is analyzed by at least one framework-specific processor so as to determine entry point information indicating entry points in the source code, request attribute access information indicating where attributes attached to a request data structure are read and written, and forward information indicating forwards performed by the software application. A data structure for a static analysis engine is created based on this information. The data structure includes a list of synthetic methods that model framework-related behavior of the software application, and a list of entry points indicating the synthetic methods and/or application methods of the software application that can be invoked by the framework.
Type: Application
Filed: October 26, 2010
Publication date: April 26, 2012
Applicant: International Business Machines Corporation
Inventors: Shay ARTZI, Ryan BERG, John T. PEYTON, JR., Marco PISTOIA, Manu SRIDHARAN, Robert WIENER