Security assessment incentive method for promoting discovery of computer software vulnerabilities

US 10,521,593 B2
Filed: 06/16/2017
Issued: 12/31/2019
Est. Priority Date: 05/06/2014
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented data processing method comprising:

electronically inviting, using a Launch Point computer, a distributed plurality of researcher computers to participate in research projects of identifying computer vulnerabilities of one or more third party computer networks;

monitoring, using the Launch Point computer, communications between a particular researcher computer among the distributed plurality of researcher computers and a particular third party computer network among the one or more third party computer networks,the monitoring comprising assessing whether the particular researcher computer is attempting to access resources of the particular third party computer network for which access is prohibited or out of scope of a research project of identifying computer vulnerabilities of the third party computer network by the particular researcher computer;

wherein the communications relate to identifying a security vulnerability of the particular third party computer network and the communications include electronic communications;

receiving, from the particular researcher computer, a report regarding security vulnerabilities of the particular third party computer network;

evaluating the report based on the monitored communications,the evaluating comprising re-performing a sequence of operations performed by the particular researcher in the monitored communications.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one aspect, the disclosure provides: A method comprising: assessing a plurality of researchers as a precondition for receiving an invitation to be a researcher of a distributed plurality of researchers, resulting in the distributed plurality of researchers wherein each researcher is associated with one or more tags in records that identify the researcher for one or more attributes; inviting a subset of the distributed plurality of researchers to participate in one or more computer vulnerability research projects directed to identifying computer vulnerabilities of one or more computers that are owned or operated by a third party, the subset of the distributed plurality of researchers selected based on the one or more tags in records that identify the researcher and a description of the computer vulnerabilities of the one or more computers; using a computer that is communicatively coupled to a particular researcher among the subset of the distributed plurality of researchers and a network under test among the one or more computers, monitoring communications between the particular researcher and the particular third party computer, wherein the communications relate to attempting to identify a candidate security vulnerability of the particular third party computer; in response to a report of the candidate security vulnerability of the particular third party computer that is received from the particular researcher, evaluating the report of the candidate security vulnerability.

Citations

20 Claims

1. A computer-implemented data processing method comprising:
- electronically inviting, using a Launch Point computer, a distributed plurality of researcher computers to participate in research projects of identifying computer vulnerabilities of one or more third party computer networks;
  
  monitoring, using the Launch Point computer, communications between a particular researcher computer among the distributed plurality of researcher computers and a particular third party computer network among the one or more third party computer networks,the monitoring comprising assessing whether the particular researcher computer is attempting to access resources of the particular third party computer network for which access is prohibited or out of scope of a research project of identifying computer vulnerabilities of the third party computer network by the particular researcher computer;
  
  wherein the communications relate to identifying a security vulnerability of the particular third party computer network and the communications include electronic communications;
  
  receiving, from the particular researcher computer, a report regarding security vulnerabilities of the particular third party computer network;
  
  evaluating the report based on the monitored communications,the evaluating comprising re-performing a sequence of operations performed by the particular researcher in the monitored communications.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 2. The computer-implemented data processing method of claim 1, wherein the monitoring comprises determining a number of communications between the particular researcher computer and the third party computer network or another diligence or competence metrics related to the particular researcher computer from the communications.
  - 3. The computer-implemented data processing method of claim 1, wherein the communications comprise any of:
    - network data associated with the particular third party computer network that is accessed by the particular researcher computer;
      
      input data received from a user by the particular researcher computer in communicating with the particular third party computer network;
      
      network data that was dynamically generated by the particular third party computer network in communicating with the particular researcher computer;
      
      or packet flows between the particular researcher computer and the particular third party computer in the communications.
  - 4. The computer-implemented data processing method of claim 3, the communications comprising network data associated with the particular third party computer network that is accessed by the particular researcher computer, including URLs of the network data associated with the particular third party computer network.
  - 5. The computer-implemented data processing method of claim 3, the communications comprising input data received from a user by the particular researcher computer in communicating with the particular third party computer network, including information regarding keystrokes received by the particular researcher computer.
  - 6. The computer-implemented data processing method of claim 3, the communications comprising network data that was dynamically generated by the particular third party computer network in communicating with the particular researcher computer, including URLs of the network data generated by the particular third party computer network.
  - 7. The computer-implemented data processing method of claim 1, further comprising performing a remedial action on the particular third party computer network based on the evaluating.
  - 8. The computer-implemented data processing method of claim 7, wherein the remedial action is a recommendation in the report.
  - 9. The computer-implemented data processing method of claim 7, wherein performing the remedial action comprises:
    - installing a software update on the particular third party computer network, orupdating system configuration data for the third party computer network.
  - 10. The computer-implemented data processing method of claim 9, wherein updating system configuration data comprises:
    - reconfiguring a network topology of the third party computer network, orreconfiguring an automatic attack detection system within the third party computer network.
  - 11. The computer-implemented data processing method of claim 1,wherein the report includes an executed questionnaire,wherein the evaluating comprises comparing the report against a database of existing reports including other executed questionnaires and determining whether the security vulnerabilities have been previously reported.
  - 12. The computer-implemented data processing method of claim 1, further comprisingdelivering a result of evaluating to a client computer over a communication network,wherein the report identifies one or more computer vulnerabilities of the third party computer network.
  - 13. The computer-implemented data processing method of claim 12, further comprisingreceiving status information regarding one of the one identified computer vulnerability from the client computer,wherein the status information indicates whether the one computer vulnerability has been addressed.
  - 14. The computer-implemented data processing method of claim 1, further comprisingperforming an initial assessment of the one or more third party computer networks,wherein the electronically inviting is based on a result of the performing.
  - 15. The computer-implemented data processing method of claim 1, further comprising creating records of specific projects to identify computer vulnerabilities in the one or more third party computer networks.
  - 16. The computer-implemented data processing method of claim 15, the records of specific projects including a description of specific computer assets in which the computer vulnerabilities are to be identified.
  - 17. The computer-implemented data processing method of claim 1, further comprising:
    - generating, using an automated scanning system, baseline vulnerability data regarding the particular third party computer network communicatively coupled to the automatic scanning system;
      
      before the electronically inviting, defining the research project of identifying computer vulnerabilities of the third party computer network using the baseline vulnerability data as a baseline for evaluating performance of the particular research computer;
      
      receiving feedback related to the report regarding security vulnerabilities of the particular third party computer network;
      
      updating the automated scanning system based on the received feedback.
  - 18. The computer-implemented data processing method of claim 17, wherein the updating comprises transforming the feedback into a more generic form that is compatible with the automated scanning system.

19. A non-transitory machine-readable medium having instructions stored thereon, the instructions executable by the one or more processors to perform:
- using a Launch Point computer, assessing a plurality of researchers as a precondition for receiving an invitation to be a researcher of a distributed plurality of researchers, resulting in forming the distributed plurality of researchers in which each researcher is associated in digitally stored data records with one or more tags that identify the researcher for one or more attributes;
  
  using the Launch Point computer, electronically inviting a subset of the distributed plurality of researchers to participate in one or more computer vulnerability research projects directed to identifying computer vulnerabilities of one or more third party computers that are owned or operated by a third party, the subset of the distributed plurality of researchers selected based on the one or more tags in records that identify the researcher and a description of the computer vulnerabilities of the one or more third party computers;
  
  using the Launch Point computer that is communicatively coupled to a particular researcher among the subset of the distributed plurality of researchers and a particular third party computer under test among the one or more third party computers, monitoring communications between the particular researcher and the particular third party computer under test, wherein the communications relate to attempting to identify a candidate security vulnerability of the particular third party computer under test and the communications include electronic communications;
  
  in response to a report of the candidate security vulnerability of the particular third party computer that is received from the particular researcher, evaluating the report of the candidate security vulnerability based upon the candidate security vulnerability identified in the report by the particular researcher in the report and the monitored communications between the particular researcher and the particular third party computer under test.
- View Dependent Claims (20)
- - 20. The non-transitory machine-readable medium of claim 19, the instructions executable to further perform, using the Launch Point computer, comparing the one or more tags in records that identify the researcher for one or more attributes to a description of the one or more third party computers.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Synack, Inc.
Original Assignee
Synack, Inc.
Inventors
Kaplan, Jay, Kuhr, Mark
Primary Examiner(s)
Jhaveri, Jayesh M

Application Number

US15/625,974
Publication Number

US 20170289174A1
Time in Patent Office

928 Days
Field of Search
US Class Current
CPC Class Codes

G06F 11/0748   in a remote unit communicat...

G06F 11/2733   Test interface between test...

G06F 21/577   Assessing vulnerabilities a...

G06F 2221/034   Test or assess a computer o...

G06Q 30/0208   Trade or exchange of goods ...

H04L 63/14   for detecting or protecting...

H04L 63/1433   Vulnerability analysis

H04L 63/1441   Countermeasures against mal...

H04L 63/1466   Active attacks involving in...

Security assessment incentive method for promoting discovery of computer software vulnerabilities

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Security assessment incentive method for promoting discovery of computer software vulnerabilities

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links