US-20260127291-A1 - SYSTEMS AND METHODS FOR DETERMINING APPLICATION ASSET CHANGES IN DATA SOURCES DURING APPLICATION DEVELOPMENT AND DEPLOYMENT

Abstract

Various embodiments of this disclosure relate generally to determining a security risk in one or more application environments. The method comprises: receiving, by one or more processors, a set of data source fields corresponding to an application asset; retrieving a set of stored data source fields for the application asset from a data store; identifying one or more change indicators based on the set of stored data source fields for the application asset and the received set of data source fields; determining whether at least one of the one or more change indicators includes a material change or a non-material change; in response to determining that the at least one change indicator does include a material change, generating a notification comprising an approval request for the at least one change indicator classified as a material change; and outputting the notification to a user interface of a user device.

Inventors

  • Ryan WILLETT
  • Curtis HAMMOCK
  • Dennis Kampen
  • Lisa HAINES
  • Tyler Deknecht

Assignees

  • STATE FARM MUTUAL AUTOMOBILE INSURANCE COMPANY

Dates

Publication Date
20260507
Application Date
20241106

Claims (20)

  1. A computer-implemented method for determining a security risk in one or more application environments, the computer-implemented method comprising: receiving, by one or more processors, a set of data source fields corresponding to an application asset; retrieving, by the one or more processors, a set of stored data source fields for the application asset from a data store; identifying, by the one or more processors, one or more change indicators based on the set of stored data source fields for the application asset and the received set of data source fields; determining, by the one or more processors, whether at least one of the one or more change indicators includes a material change or a non-material change; in response to determining that the at least one change indicator does include a material change, generating, by the one or more processors, a notification comprising an approval request for the at least one change indicator classified as a material change; and outputting, by the one or more processors, the notification to a user interface of a user device.
  2. The computer-implemented method of claim 1, wherein the receiving the set of data source fields is in response to receiving a deployment request for the application asset.
  3. The computer-implemented method of claim 1, further comprising: extracting, by the one or more processors, the updated set of data source fields from the application asset; transforming, by the one or more processors, the updated set of data source fields for the application asset; and determining, by the one or more processors, a measurement value for each data source field of the transformed set of data source fields.
  4. The computer-implemented method of claim 3, wherein the measurement value comprises a state change, a percentage change, and/or a new data source field.
  5. The computer-implemented method of claim 3, further comprising: determining, by the one or more processors, a set of rules for evaluating the one or more change indicators based on the measurement value, wherein each rule of the set of rules corresponds to a data source field.
  6. The computer-implemented method of claim 1, the method further comprising: creating, by the one or more processors, a set of rules for determining whether the one or more change indicators include the material change or the non-material change.
  7. The computer-implemented method of claim 6, wherein the creating includes: inputting, by the one or more processors, the change indicators and the set of rules into a machine-learning model, wherein the set of rules includes one or more materiality thresholds, wherein the machine-learning model is configured to analyze the change indicators against the one or more materiality thresholds to determine whether the change indicator includes a material change or a non-material change; and in response to the inputting, receiving, by the one or more processors, a material change notification or a non-material change notification from the machine-learning model.
  8. The computer-implemented method of claim 1, further comprising: logging, by the one or more processors, the one or more change indicators and corresponding measurement value in a database; receiving, by the one or more processors, in real-time, an updated set of data source fields for the application asset based on the previously received set of data source fields; and storing, by the one or more processors, the updated set of data source fields for the application asset.
  9. The computer-implemented method of claim 1, wherein the one or more data source fields include one or more metadata fields collected by a cloud-computing environment of a data source.
  10. A computer system for determining a security risk in one or more application environments, the computer system comprising: a memory having processor-readable instructions stored therein; one or more processors configured to access the memory and execute the processor-readable instructions, which when executed by the one or more processors configures the one or more processors to perform a plurality of functions, including functions for: receiving, by one or more processors, a set of data source fields corresponding to an application asset; retrieving, by the one or more processors, a set of stored data source fields for the application asset from a data store; identifying, by the one or more processors, one or more change indicators based on the set of stored data source fields for the application asset and the received set of data source fields; determining, by the one or more processors, whether at least one of the one or more change indicators includes a material change or a non-material change; in response to determining that the at least one change indicator does include a material change, generating, by the one or more processors, a notification comprising an approval request for the at least one change indicator classified as a material change; and outputting, by the one or more processors, the notification to a user interface of a user device.
  11. The computer system of claim 10, wherein the receiving the set of data source fields is in response to receiving a deployment request for the application asset.
  12. The computer system of claim 10, further comprising: extracting, by the one or more processors, the updated set of data source fields from the application asset; transforming, by the one or more processors, the updated set of data source fields for the application asset; and determining, by the one or more processors, a measurement value for each data source field of the transformed set of data source fields.
  13. The computer system of claim 12, wherein the measurement value comprises a state change, a percentage change, and/or a new data source field.
  14. The computer system of claim 12, further comprising: determining, by the one or more processors, a set of rules for evaluating the one or more change indicators based on the measurement value, wherein each rule of the set of rules corresponds to a data source field.
  15. The computer system of claim 10, further comprising: creating, by the one or more processors, a set of rules for determining whether the one or more change indicators include the material change or the non-material change.
  16. The computer system of claim 15, further comprising: inputting, by the one or more processors, the change indicators and the set of rules into a machine-learning model, wherein the set of rules includes one or more materiality thresholds, wherein the machine-learning model is configured to analyze the change indicators against the one or more materiality thresholds to determine whether the change indicator includes a material change or a non-material change; and in response to the inputting, receiving, by the one or more processors, a material change notification or a non-material change notification from the machine-learning model.
  17. The computer system of claim 10, further comprising: logging, by the one or more processors, the one or more change indicators and corresponding measurement value in a database; receiving, by the one or more processors, in real-time, an updated set of data source fields for the application asset based on the previously received set of data source fields; and storing, by the one or more processors, the updated set of data source fields for the application asset.
  18. The computer system of claim 10, wherein the one or more data source fields include one or more metadata fields collected by a cloud-computing environment of a data source.
  19. A non-transitory computer-readable medium containing instructions for determining a security risk in one or more application environments, the instructions comprising: receiving, by one or more processors, a set of data source fields corresponding to an application asset; retrieving, by the one or more processors, a set of stored data source fields for the application asset from a data store; identifying, by the one or more processors, one or more change indicators based on the set of stored data source fields for the application asset and the received set of data source fields; determining, by the one or more processors, whether at least one of the one or more change indicators includes a material change or a non-material change; in response to determining that the at least one change indicator does include a material change, generating, by the one or more processors, a notification comprising an approval request for the at least one change indicator classified as a material change; and outputting, by the one or more processors, the notification to a user interface of a user device.
  20. The non-transitory computer-readable medium of claim 19, wherein the receiving the set of data source fields is in response to receiving a deployment request for the application asset.
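
An added example (not part of the patent text, and not the applicant's implementation) of the comparison the claims describe: stored fields are diffed against received fields, each difference gets a measurement value (new field, state change, or percentage change), a per-field rule decides materiality, and an approval request is built only for material changes. It uses fixed per-field rules rather than the machine-learning model of claims 7 and 16; the field names, thresholds, sample values and asset identifier are constructed.

```python
from dataclasses import dataclass
from typing import Any, Optional

# One rule per data source field. Field names and thresholds are constructed.
RULES = {
    "public_access": {"kind": "state"},
    "encryption_at_rest": {"kind": "state"},
    "instance_count": {"kind": "percent", "threshold": 50.0},
    "description": {"kind": "ignore"},
}
_MISSING = object()

@dataclass
class ChangeIndicator:
    field: str
    measurement: str          # new_field | state_change | percent_change
    old: Any
    new: Any
    percent: Optional[float]
    material: bool

def identify_changes(stored, received):
    """Compare stored and received fields; classify each difference."""
    out = []
    for field, new in received.items():
        old = stored.get(field, _MISSING)
        if old is _MISSING:
            # Assumption: a field never seen before always needs review.
            out.append(ChangeIndicator(field, "new_field", None, new, None, True))
        elif old != new:
            # Fail closed: a field without a rule is judged as a state change.
            rule = RULES.get(field, {"kind": "state"})
            if rule["kind"] == "percent" and old:
                pct = abs(new - old) / abs(old) * 100.0
                out.append(ChangeIndicator(field, "percent_change", old, new,
                                           pct, pct > rule["threshold"]))
            else:
                # Also covers a percent field whose stored baseline was 0.
                out.append(ChangeIndicator(field, "state_change", old, new,
                                           None, rule["kind"] != "ignore"))
    return out

def approval_request(asset_id, indicators):
    """Build the notification only when a material change exists."""
    material = [c.field for c in indicators if c.material]
    if not material:
        return None
    return {"asset": asset_id, "type": "approval_request", "fields": material}

# Constructed sample: stored baseline vs. fields received at deployment.
STORED = {"public_access": False, "encryption_at_rest": True,
          "instance_count": 4, "description": "billing api"}
RECEIVED = {"public_access": True, "encryption_at_rest": True,
            "instance_count": 5, "description": "billing API v2",
            "cross_account_role": "example-role"}
```

With the sample data, the 25% change in `instance_count` and the edited `description` are logged as non-material, while `public_access` and the new `cross_account_role` field go into the approval request.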

Description

TECHNICAL FIELD

Various embodiments of this disclosure relate generally to machine-learning based techniques for determining risk in an application environment in response to detected changes to an application asset. In some embodiments, the disclosure relates to systems and methods for training a machine-learning based model to identify and classify the severity of an application risk in an environment.

BACKGROUND

Cloud-computing platforms allow organizations to develop and host applications with increased scalability without investing in expensive infrastructure. The cloud-computing platform may provide storage and resources to the organization, without the organization needing to invest in a physical infrastructure. However, scaling and modifying the application may pose a security risk to the organization. Cloud-computing platforms may pose a security risk to organizations that may use sensitive or protected data in applications. For example, an application may be developed and deployed with security protocols met and enforced. However, over the lifetime of the application, the application and/or the application environment may undergo changes that may impact the security risk of the organization. Further, conventional methods may analyze security risks and ensure compliance of the application code when the application code is committed or deployed in the environment. As a result, there is a need for improvements in determining a security risk for application assets developed in and/or hosted by a cloud-computing environment. These improvements may increase security by efficiently identifying and analyzing potential security risks to the organization after the changes to the application asset are deployed. Additionally, the detection may persist throughout the lifetime of the application such that the application is continuously undergoing a risk assessment. This disclosure is directed to addressing the above-referenced challenges.

The background description provided herein is for the purpose of generally presenting the context of the disclosure. Unless otherwise indicated herein, the materials described in this section are not prior art to the claims in this application and are not admitted to be prior art, or suggestions of the prior art, by inclusion in this section.

SUMMARY OF THE DISCLOSURE

According to certain aspects of the disclosure, methods and systems are disclosed for determining an application environment risk in response to detected changes to an application asset.

In one aspect, an exemplary embodiment of a method for determining a security risk in one or more application environments is disclosed. The method may include receiving, by one or more processors, a set of data source fields corresponding to an application asset. The method may further include retrieving, by the one or more processors, a set of stored data source fields for the application asset from a data store. The method may further include identifying, by the one or more processors, one or more change indicators based on the set of stored data source fields for the application asset and the received set of data source fields. The method may further include determining, by the one or more processors, whether at least one of the one or more change indicators includes a material change or a non-material change. The method may further include, in response to determining that the at least one change indicator does include a material change, generating, by the one or more processors, a notification comprising an approval request for the at least one change indicator classified as a material change. The method may further include outputting, by the one or more processors, the notification to a user interface of a user device.

In a further aspect, an exemplary embodiment of a computer system for determining a security risk in one or more application environments is disclosed. The computer system may include at least one memory storing instructions, one or more processors configured to access the memory and execute the processor-readable instructions, which when executed by the one or more processors configures the one or more processors to perform a plurality of functions. The functions may include receiving, by one or more processors, a set of data source fields corresponding to an application asset. The functions may further include retrieving, by the one or more processors, a set of stored data source fields for the application asset from a data store. The functions may further include identifying, by the one or more processors, one or more change indicators based on the set of stored data source fields for the application asset and the received set of data source fields. The functions may further include determining, by the one or more processors, whether at least one of the one or more change indicators includes a material change or a non-material change. The functions may further include, in response to determining tha