Identifying taint specification plays an important role in vulnerability detection and remains as one of the most challenging task in the field. In this paper, we report our semi-automated scheme for inferencing and maintaining taint specifications at industrial scale. Knowledge graph is adopted as the core engine in representing the the accumulated knowledge we gathered in this domain, and taint rules are generated based on nodes in the graph to achieve the desired taint track functionality. We propose the mining plus human-in-the-loop labeling approach to discover candidate taint specifications, assign concrete APIs to nodes in the knowledge graph and further form taint rules. We also propose a novel multi-view active machine learning based approach to characterize an API via collective matrix factorization which combines different aspects of API use-pattern and its naming together. The obtained API embedding is then used to perform similarity reasoning to expand taint specification starting from a small list of well-known APIs (seeds) with potential vulnerabilities. With the proposed technology, we expanded the taint seeds for the CodeGuru Reviewer’s configurable taint rules, and it not only improved the coverage of these rules but maintained high acceptance rate in real production.