GitLab's patented method involves managing source code through a system, scanning for vulnerabilities, and generating unique fingerprints for identified vulnerabilities based on their scope and offset. The process includes deduplication and storing data in a vulnerability database for effective vulnerability management. GlobalData's report on GitLab gives a 360-degree view of the company including its patenting strategy.

According to GlobalData’s company profile on GitLab, was a key innovation area identified from patents. GitLab's grant share as of February 2024 was 60%. Grant share is based on the ratio of number of grants to total number of patents.

Method for analyzing software projects for vulnerabilities

Source: United States Patent and Trademark Office (USPTO). Credit: GitLab Inc

A recently granted patent (Publication Number: US11868482B2) outlines a method for analyzing software projects for vulnerabilities. The method involves receiving source code, generating a parse tree from the code, extracting scopes of source code blocks, receiving vulnerability reports from code scanners, matching vulnerabilities to corresponding scopes, generating fingerprints for vulnerabilities, deduplicating vulnerabilities using these fingerprints, and producing a refined vulnerabilities report. The method aims to streamline the identification and management of vulnerabilities within software projects by utilizing a systematic approach that involves parsing the code, matching vulnerabilities to specific scopes, and generating unique fingerprints for each vulnerability to aid in deduplication.

Furthermore, the patent details the use of a computer program product that implements the method described above. The program product includes instructions encoded on a non-transitory computer-readable storage medium that, when executed by a processor, carry out the steps of receiving source code, generating a parse tree, extracting scopes, matching vulnerabilities to scopes, generating fingerprints, deduplicating vulnerabilities, and generating a refined vulnerabilities report. By automating these processes through a computer program product, the method becomes more efficient and scalable, allowing for the analysis of large software projects for vulnerabilities. The use of parse trees, scopes, and fingerprints enhances the accuracy and effectiveness of vulnerability identification and management, ultimately contributing to the overall security and integrity of software systems.
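The scope-and-offset fingerprinting summarized above can be sketched as follows. This is an added example, not GitLab's implementation or the patent's claimed method. It assumes Python source parsed with the standard `ast` module; the report fields, scanner names, the use of a CWE id as the vulnerability class, and the SHA-256 key layout are all assumptions made for illustration.

```python
import ast
import hashlib

def extract_scopes(source):
    """Return (qualified_name, first_line, last_line) for each function/class."""
    scopes = []
    def walk(node, prefix):
        for child in ast.iter_child_nodes(node):
            if isinstance(child, (ast.FunctionDef, ast.AsyncFunctionDef, ast.ClassDef)):
                name = f"{prefix}.{child.name}" if prefix else child.name
                scopes.append((name, child.lineno, child.end_lineno))
                walk(child, name)
            else:
                walk(child, prefix)
    walk(ast.parse(source), "")
    return scopes

def fingerprint(finding, scopes):
    """Hash file, vulnerability class, innermost enclosing scope and the line offset in it."""
    line = finding["line"]
    enclosing = [s for s in scopes if s[1] <= line <= s[2]]
    name, start, _ = max(enclosing, key=lambda s: s[1], default=("<module>", 1, 0))
    key = f'{finding["file"]}|{finding["cwe"]}|{name}|{line - start}'
    return hashlib.sha256(key.encode()).hexdigest()

def deduplicate(findings, scopes):
    """Keep the first finding per fingerprint; record every scanner that reported it."""
    refined = {}
    for f in findings:
        fp = fingerprint(f, scopes)
        entry = refined.setdefault(fp, {**f, "fingerprint": fp, "scanners": []})
        entry["scanners"].append(f["scanner"])
    return list(refined.values())

# Constructed sample input: a small module and reports from two hypothetical scanners.
SOURCE = '''class Runner:
    def run(self, cmd):
        return subprocess.run(cmd, shell=True)

def load(path):
    return eval(open(path).read())
'''
REPORTS = [
    {"scanner": "scanner-a", "file": "app.py", "line": 3, "cwe": "CWE-78"},
    {"scanner": "scanner-b", "file": "app.py", "line": 3, "cwe": "CWE-78"},
    {"scanner": "scanner-a", "file": "app.py", "line": 6, "cwe": "CWE-95"},
]
for v in deduplicate(REPORTS, extract_scopes(SOURCE)):
    print(v["fingerprint"][:12], v["cwe"], v["scanners"])
```

Because the key uses the enclosing scope and the offset inside it rather than the absolute line number, the same finding keeps its fingerprint when unrelated lines are added above the function.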


GlobalData, the leading provider of industry intelligence, provided the underlying data, research, and analysis used to produce this article.

GlobalData Patent Analytics tracks bibliographic data, legal events data, point in time patent ownerships, and backward and forward citations from global patenting offices. Textual analysis and official patent classifications are used to group patents into key thematic areas and link them to specific companies across the world’s largest industries.