US Patent 11947450 Detecting and mitigating application security threats based on quantitative analysis

A system for detecting and mitigating application security threats comprises a processor associated with a server. The processor analyzes a group of code sets of an application and determines a number of the threat objects in each code set. The processor further executes a run-time security model to analyze a combined code sets to determine threat object measurements and false positive measurements of application product releases for the application. The processor determines threat threshold ratios and false positive ratios per application. The processor further generates an array of quartile weights corresponding to a set of quartile ranges of the threat threshold ratios and a set of quartile ranges of the false positive ratios associated with the application. The processor generates an adjusted object measurement for the application based on a corresponding quartile weight in the array. The processor determines whether to trigger a development security model for the application.