Patent attributes
A system for performing de-duplication of findings includes a non-transitory computer readable medium and a processor. The non-transitory computer readable medium stores normalized findings produced by at least one software security analysis tool that scanned application code. Each normalized finding is identifiable by a fingerprint. The processor receives a first finding in a first vendor-provided format from a first software security analysis tool that performs a scan of the application code. The processor receives a second finding in a second vendor-provided format from a second software security analysis tool. The processor normalizes both findings to a standardized taxonomy. The processor determines a first fingerprint and a second fingerprint that respectively identify the normalized first and second findings. After determining that the second fingerprint at least partially matches the first fingerprint, the processor compares the normalized second finding with the normalized first finding to determine whether the normalized first finding needs to be updated (for example, to record the additional reporting tool or a changed severity) rather than stored as a separate finding.
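The following is an added illustration of the pipeline the abstract describes (normalize two vendor formats to one taxonomy, fingerprint, match partially, merge); it is example code written for this page, not code from the patent or from any vendor. The two vendor record layouts, the checker-to-CWE table, the severity mapping and the sample findings are all constructed assumptions. The fingerprint is split into a "stable" part (CWE, normalized path, enclosing function) and an "exact" part (line number), so that a finding whose line drifted between two scanners' views of the code still partially matches and is merged rather than duplicated.

```python
import hashlib
from dataclasses import dataclass, field

# Rank used when merging: the higher severity wins. (Assumed taxonomy.)
SEVERITY_RANK = {"low": 1, "medium": 2, "high": 3, "critical": 4}


@dataclass
class Finding:
    """Finding in the standardized taxonomy (schema assumed for this example)."""
    cwe: str            # e.g. "CWE-89"
    path: str           # repository-relative path, normalized
    function: str       # enclosing symbol reported by the tool
    line: int
    severity: str       # key of SEVERITY_RANK
    tools: set = field(default_factory=set)  # which scanners reported it


# Hypothetical vendor-B vocabulary -> standardized taxonomy.
CHECKER_TO_CWE = {"sql_injection": "CWE-89", "xss_reflected": "CWE-79"}
PRIORITY_TO_SEVERITY = {1: "critical", 2: "high", 3: "medium", 4: "low"}


def _norm_path(p: str) -> str:
    """Canonicalize path separators and strip leading './' so both vendors agree."""
    p = p.replace("\\", "/")
    while p.startswith("./"):
        p = p[2:]
    return p


def normalize_vendor_a(raw: dict) -> Finding:
    """Vendor A (assumed layout): flat record with a numeric CWE and a severity word."""
    return Finding(cwe=f"CWE-{raw['cwe']}", path=_norm_path(raw["file"]),
                   function=raw["func"], line=int(raw["line"]),
                   severity=raw["severity"].lower(), tools={"vendorA"})


def normalize_vendor_b(raw: dict) -> Finding:
    """Vendor B (assumed layout): checker name plus nested location and numeric priority."""
    loc = raw["location"]
    return Finding(cwe=CHECKER_TO_CWE[raw["checker"]], path=_norm_path(loc["path"]),
                   function=loc["symbol"], line=int(loc["line"]),
                   severity=PRIORITY_TO_SEVERITY[int(raw["priority"])], tools={"vendorB"})


def fingerprint(f: Finding) -> str:
    """'stable:exact' fingerprint. The stable part ignores the line number so that
    small edits or differing line attribution between tools still partially match."""
    stable = hashlib.sha256(f"{f.cwe}|{f.path}|{f.function}".encode()).hexdigest()[:16]
    exact = hashlib.sha256(str(f.line).encode()).hexdigest()[:16]
    return f"{stable}:{exact}"


def partial_match(fp_a: str, fp_b: str) -> bool:
    """True when the stable parts agree (the 'at least partially matches' test)."""
    return fp_a.split(":", 1)[0] == fp_b.split(":", 1)[0]


def merge(existing: Finding, new: Finding) -> Finding:
    """Update the stored finding with what the second tool adds: extra reporter,
    higher severity if any, and the earliest reported line of the same sink."""
    if SEVERITY_RANK[new.severity] > SEVERITY_RANK[existing.severity]:
        existing.severity = new.severity
    existing.tools |= new.tools
    existing.line = min(existing.line, new.line)
    return existing


def deduplicate(findings: list) -> list:
    """Store findings keyed by the stable fingerprint part; merge on partial match."""
    store: dict = {}
    for f in findings:
        fp = fingerprint(f)
        key = fp.split(":", 1)[0]
        if key in store and partial_match(fp, fingerprint(store[key])):
            merge(store[key], f)
        else:
            store[key] = f
    return list(store.values())


# Constructed sample input: two tools reporting the same SQL injection sink at
# slightly different lines, plus one XSS finding seen by only one tool.
RAW_VENDOR_A = [
    {"rule_id": "SQLI-001", "cwe": 89, "file": "src/app/db.py",
     "func": "lookup", "line": 42, "severity": "High"},
    {"rule_id": "XSS-004", "cwe": 79, "file": "src/app/views.py",
     "func": "render", "line": 10, "severity": "Medium"},
]
RAW_VENDOR_B = [
    {"checker": "sql_injection", "priority": 1,
     "location": {"path": "./src/app/db.py", "line": 44, "symbol": "lookup"}},
]


def run_example() -> list:
    findings = [normalize_vendor_a(r) for r in RAW_VENDOR_A]
    findings += [normalize_vendor_b(r) for r in RAW_VENDOR_B]
    return deduplicate(findings)


if __name__ == "__main__":
    for f in run_example():
        print(fingerprint(f), f)
```

The stable/exact split is the design decision that matters: hashing every field would make the two SQL injection reports distinct (line 42 versus 44), while hashing only the CWE and file would collapse genuinely different sinks in the same file. The enclosing function is the compromise used here; a real normalizer would choose the granularity that its tools report reliably.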