Method and system for identification of security vulnerabilities
First Claim
1. A system, comprising:
- a processor; and
a memory medium that is coupled to the processor and that includes instructions, when executed by the processor, cause the system to;
analyze an application file structure of an application and an import table of the application to identify, via the at least one of the application file structure of the application and the import table of the application, one or more uniquely identified application components;
determine vulnerabilities associated with a given application component of the one or more uniquely identified application components, the vulnerabilities including vulnerabilities of one or more additional components to be accessed by the given application component;
take remedial action based at least upon the vulnerabilities;
after the remedial action is taken;
repeat a scan of the given application component;
determine, based at least on the repeat of the scan of the given application component, that the remedial action corrected at least one of the vulnerabilities associated with the given application component, present before the remedial action is taken on the given application component;
determine, based at least on the repeat of the scan of the given application component, one or more new vulnerabilities associated with the given application component;
determine from an interplay of the vulnerabilities of the given application component, that includes the one or more new vulnerabilities, that corrective action is necessary; and
adjust a network security device to defeat at least one of the one or more new vulnerabilities for the corrective action.
1 Assignment
0 Petitions
Accused Products
Abstract
A system for securing an electronic device may include a processor and a memory. The memory may be communicatively coupled to the processor and include instructions. The instructions, when loaded and executed by the processor, cause the processor to scan data including one or more application components to uniquely identify elements therein, determine from a given application component additional components to be accessed by the given application component, scan the additional components to uniquely identify elements therein, determine whether the additional components include any known vulnerabilities, associate one or more known vulnerabilities of the additional components with the given application component, record the known vulnerabilities and the given application component. The given application component may be uniquely identified.
-
Citations
39 Claims
-
1. A system, comprising:
-
a processor; and a memory medium that is coupled to the processor and that includes instructions, when executed by the processor, cause the system to; analyze an application file structure of an application and an import table of the application to identify, via the at least one of the application file structure of the application and the import table of the application, one or more uniquely identified application components; determine vulnerabilities associated with a given application component of the one or more uniquely identified application components, the vulnerabilities including vulnerabilities of one or more additional components to be accessed by the given application component; take remedial action based at least upon the vulnerabilities; after the remedial action is taken; repeat a scan of the given application component; determine, based at least on the repeat of the scan of the given application component, that the remedial action corrected at least one of the vulnerabilities associated with the given application component, present before the remedial action is taken on the given application component; determine, based at least on the repeat of the scan of the given application component, one or more new vulnerabilities associated with the given application component; determine from an interplay of the vulnerabilities of the given application component, that includes the one or more new vulnerabilities, that corrective action is necessary; and adjust a network security device to defeat at least one of the one or more new vulnerabilities for the corrective action. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. At least one non-transitory machine readable storage medium that includes instructions that, when executed by a processor of a system, cause the system to:
-
analyze an application file structure of an application and an import table of the application to identify, via the at least one of the application file structure of the application and the import table of the application, one or more uniquely identified application components; determine vulnerabilities associated with a given application component of the one or more uniquely identified application components, the vulnerabilities including vulnerabilities of one or more additional components to be accessed by the given application component; take remedial action based at least upon the vulnerabilities; after the remedial action is taken; repeat a scan of the given application component; determine, based at least on the repeat of the scan of the given application component, that the remedial action corrected at least one of the vulnerabilities associated with the given application component, present before the remedial action is taken on the given application component; determine, based at least on the repeat of the scan of the given application component, one or more new vulnerabilities associated with the given application component; determine from an interplay of the vulnerabilities of the given application component, that includes the one or more new vulnerabilities, that corrective action is necessary; and adjust a network security device to defeat at least one of the one or more new vulnerabilities for the corrective action. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
-
-
27. A method, comprising:
-
analyzing an application file structure of an application and an import table of the application to identify, via the at least one of the application file structure of the application and the import table of the application, one or more uniquely identified application components; determining vulnerabilities associated with a given application component of the one or more uniquely identified application components, the vulnerabilities including vulnerabilities of one or more additional components to be accessed by the given application component; taking remedial action based at least upon the vulnerabilities; after the remedial action is taken; repeating a scan of the given application component; determining, based at least on the repeat of the scan of the given application component, that the remedial action corrected at least one of the vulnerabilities associated with the given application component, present before the remedial action is taken on the given application component; determining, based at least on the repeat of the scan of the given application component, one or more new vulnerabilities associated with the given application component; determining from an interplay of the vulnerabilities of the given application component, that includes the one or more new vulnerabilities, that corrective action is necessary; and adjusting a network security device to defeat at least one of the one or more new vulnerabilities for the corrective action. - View Dependent Claims (28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39)
-
Specification