TREA

AGENTLESS SYSTEM AND METHOD FOR DISCOVERING AND INSPECTING APPLICATIONS AND SERVICES IN COMPUTE ENVIRONMENTS

Follow

Information

  • Patent Application
  • 20230297489
  • Publication Number
    20230297489
  • Date Filed
    March 21, 2022
    2 years ago
  • Date Published
    September 21, 2023
    8 months ago
Information
Abstract
A system method for application discovery in a computing environment utilize static analysis. The method includes receiving data of an application, the application deployed on a workload in a first computing environment; detecting a plurality of anchor points in the data; and generating an application graph, including a plurality of first nodes, based on the plurality of anchor points, wherein each anchor point corresponds to a first node, and wherein at least a first node of the plurality of nodes is connected to at least another node of the plurality of nodes.
Description
Claims
  • 1. A method for application discovery in a computing environment utilizing static analysis, comprising: receiving data of an application, the application deployed on a workload in a first computing environment;detecting a plurality of anchor points in the data; andgenerating an application graph, including a plurality of first nodes, based on the plurality of anchor points, wherein each anchor point corresponds to a first node, and wherein at least a first node of the plurality of nodes is connected to at least another node of the plurality of nodes.
  • 2. The method of claim 1, wherein the application is configured to interact with at least another application, wherein the another application is deployed on another workload.
  • 3. The method of claim 2, wherein the data includes at least computer executable code, and at least a first anchor point of the plurality of anchor points is a code object in the computer executable code.
  • 4. The method of claim 3, wherein the at least a first anchor point is detected from the application, and a second anchor point is detected in the at least another application, wherein the first anchor point and the second anchor point are connected to each other in the application graph.
  • 5. The method of claim 4, further comprising: generating an instruction which when executed by a processing circuitry configures a collector to collect data from the another workload.
  • 6. The method of claim 1, further comprising: updating the application graph with a plurality of secondary nodes, each secondary node representing an object which has a relationship with an anchor point.
  • 7. The method of claim 6, further comprising: receiving runtime data of the application; anddetermining the relationship between each secondary node and the anchor point based on the received runtime data.
  • 8. The method of claim 1, further comprising: generating a path based on the application graph between a node representing a first anchor point and a node representing second anchor point, wherein the path indicates that data flows in the application from the first anchor point to the second anchor point.
  • 9. The method of claim 1, further comprising: generating dynamic analysis of the application.
  • 10. The method of claim 1, wherein an anchor point is any one of: a function calling a database, a representational state transfer (REST) application programming interface (API) call, and a service request.
  • 11. A non-transitory computer readable medium having stored thereon instructions for causing a processing circuitry to execute a process, the process comprising: receiving data of an application, the application deployed on a workload in a first computing environment;detecting a plurality of anchor points in the data; and generating an application graph, including a plurality of first nodes, based on the plurality of anchor points, wherein each anchor point corresponds to a first node, and wherein at least a first node of the plurality of nodes is connected to at least another node of the plurality of nodes.
  • 12. A system application discovery in a computing environment utilizing static analysis, comprising: a processing circuitry; anda memory, the memory containing instructions that, when executed by the processing circuitry, configure the system to: receive data of an application, the application deployed on a workload in a first computing environment;detect a plurality of anchor points in the data; andgenerate an application graph, including a plurality of first nodes, based on the plurality of anchor points, wherein each anchor point corresponds to a first node, and wherein at least a first node of the plurality of nodes is connected to at least another node of the plurality of nodes.
  • 13. The system of claim 12, wherein the application is configured to interact with at least another application, wherein the another application is deployed on another workload.
  • 14. The system of claim 13, wherein the data includes at least computer executable code, and at least a first anchor point of the plurality of anchor points is a code object in the computer executable code.
  • 15. The system of claim 14, wherein the memory further contains instructions that when executed by the processing circuitry further configure the system to: detect the at least a first anchor point from the application, anddetect a second anchor point in the at least another application, wherein the first anchor point and the second anchor point are connected to each other in the application graph.
  • 16. The system of claim 15, wherein the memory further contains instructions that when executed by the processing circuitry further configure the system to: configure a collector to collect data from the another workload.
  • 17. The system of claim 12, wherein the memory further contains instructions that when executed by the processing circuitry further configure the system to: update the application graph with a plurality of secondary nodes, each secondary node representing an object which has a relationship with an anchor point.
  • 18. The system of claim 17, wherein the memory further contains instructions that when executed by the processing circuitry further configure the system to: receive runtime data of the application; anddetermine the relationship between each secondary node and the anchor point based on the received runtime data.
  • 19. The system of claim 12, wherein the memory further contains instructions that when executed by the processing circuitry further configure the system to: generate a path based on the application graph between a node representing a first anchor point and a node representing second anchor point, wherein the path indicates that data flows in the application from the first anchor point to the second anchor point.
  • 20. The system of claim 12, wherein an anchor point is any one of: a function calling a database, a representational state transfer (REST) application programming interface (API) call, and a service request.