Systems and methods for determining optimal remediation recommendations in penetration testing
Abstract
Methods and systems for providing a recommendation for improving the security of a networked system against attackers. The recommendation may include a recommendation of a single sub-goal to be protected to achieve optimal improvement in security, or of multiple such sub-goals. If the recommendation includes multiple sub-goals, the sub-goals may be ordered such that the first sub-goal is more important to protect, provides a greater benefit by being protected, or is more cost effective to protect than subsequent sub-goals in the ordered list of sub-goals.
128 Citations
20 Claims
1. A method for providing, by a penetration testing system, a recommendation for improving the security of a networked system against attackers, the method comprising:
a. carrying out one or more penetration tests of the networked system by the penetration testing system;
b. based on results of the one or more penetration tests of the networked system, determining multiple paths of attack available to the attackers, each path of attack of the determined multiple paths of attack being an ordered sequence of one or more attacker steps and one or more sub-goals;
c. assigning a calculated importance score to each of multiple sub-goals, wherein (i) each sub-goal of the multiple sub-goals is included in at least one of the determined multiple paths of attack, and (ii) for at least one given sub-goal of the multiple sub-goals, the importance score assigned to the given sub-goal is based on a number of paths of attack of the determined multiple paths of attack which include the given sub-goal;
d. selecting one sub-goal included in at least one of the determined multiple paths of attack, the selecting of the one sub-goal being based on the importance score assigned to at least one of the multiple sub-goals; and
e. providing a recommendation to protect the selected one sub-goal, the providing of the recommendation comprising at least one operation selected from the group consisting of:
i. causing a display device to display information about the recommendation;
ii. recording the information about the recommendation in a file; and
iii. electronically transmitting the information about the recommendation.
Dependent claims: 2, 3, 4, 5, 6, 7.
8. A method for providing, by a penetration testing system, a recommendation for improving the security of a networked system against attackers, the method comprising:
a. initializing a list of sub-goals that should be protected to be an empty list;
b. obtaining a halting condition, the halting condition including a Boolean condition applied to the list of sub-goals;
c. carrying out one or more penetration tests of the networked system by the penetration testing system;
d. based on results of the one or more penetration tests of the networked system, determining multiple paths of attack available to the attackers, each path of attack of the determined multiple paths of attack being an ordered sequence of one or more attacker steps and one or more sub-goals;
e. initializing a group of relevant paths of attack to consist of the determined multiple paths of attack;
f. assigning a calculated importance score to each of one or more sub-goals, wherein (i) each sub-goal of the one or more sub-goals is included in at least one path of attack included in the group of relevant paths of attack, and (ii) for at least one given sub-goal of the one or more sub-goals, the importance score assigned to the given sub-goal is based on a number of paths of attack in the group of relevant paths of attack which include the given sub-goal;
g. selecting one sub-goal included in at least one member of the group of relevant paths of attack and adding the one sub-goal to the list of sub-goals, the selecting of the one sub-goal being based on the importance scores assigned to at least one of the one or more sub-goals;
h. modifying the group of relevant paths of attack by removing from it every path of attack that includes the one sub-goal;
i. evaluating the halting condition for the list of sub-goals;
j. in response to determining that (i) the halting condition is not satisfied, and (ii) the group of relevant paths of attack is not empty, repeating steps f to j; and
k. in response to determining that (i) the halting condition is satisfied, or (ii) the group of relevant paths of attack is empty, providing a recommendation to protect one or more sub-goals from the list of sub-goals, the providing of the recommendation comprising at least one operation selected from the group consisting of:
i. causing a display device to display information about the recommendation;
ii. recording the information about the recommendation in a file; and
iii. electronically transmitting the information about the recommendation.
Dependent claims: 9, 10, 11, 12, 13, 14, 15, 16, 17, 18.
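The scoring and selection steps of claims 1 and 8 above, as an added worked example that is not part of the patent or any product implementing it: each sub-goal is scored by the number of relevant attack paths containing it, the top-scoring sub-goal is recommended, and (claim 8) every path that sub-goal cuts is dropped before the next round, until the halting condition holds or no relevant path remains. The attack paths, the "STEP:"/"SG:" tagging and the halting condition are constructed assumptions for illustration.

```python
from collections import Counter

# Constructed sample paths: each is an ordered sequence of attacker steps
# ("STEP:") and sub-goals ("SG:"). All names here are made up.
SAMPLE_PATHS = [
    ["STEP:initial-access", "SG:user-creds", "STEP:lateral-movement", "SG:file-server", "SG:domain-admin"],
    ["STEP:initial-access", "SG:web-shell", "STEP:credential-access", "SG:user-creds", "SG:domain-admin"],
    ["STEP:initial-access", "SG:web-shell", "STEP:lateral-movement", "SG:customer-db"],
    ["STEP:initial-access", "SG:user-creds", "STEP:lateral-movement", "SG:customer-db"],
]


def sub_goals(path):
    """Return only the sub-goal nodes of one attack path."""
    return [node for node in path if node.startswith("SG:")]


def importance_scores(paths):
    """Claim 1 step c / claim 8 step f: score each sub-goal by how many of the
    given (relevant) paths include it, counting each path at most once."""
    scores = Counter()
    for path in paths:
        for sg in set(sub_goals(path)):
            scores[sg] += 1
    return dict(scores)


def select_one(paths):
    """Claim 1 step d: pick the highest-scoring sub-goal (ties broken by name)."""
    scores = importance_scores(paths)
    if not scores:
        return None
    return max(sorted(scores), key=scores.__getitem__)


def recommend(paths, halting=lambda chosen: False):
    """Claim 8 steps e-k: greedy selection loop. `halting` is the Boolean
    condition on the list of chosen sub-goals (assumed: never halt early).
    The returned list is ordered most-important-first, as the abstract describes."""
    relevant = list(paths)
    chosen = []
    while relevant and not halting(chosen):
        sg = select_one(relevant)
        chosen.append(sg)
        # Step h: drop every path that the chosen sub-goal would cut.
        relevant = [p for p in relevant if sg not in sub_goals(p)]
    return chosen
```

With the sample paths, "SG:user-creds" sits on three of four paths and is chosen first; only the web-shell-to-customer-db path survives, so the second pick cuts it and the loop ends.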
19. A system for providing a recommendation for improving the security of a networked system against attackers, the system comprising:
a. a penetration-testing-campaign module including:
  i. one or more penetration-testing-campaign hardware processors; and
  ii. a penetration-testing-campaign non-transitory computer readable storage medium for instructions execution by the one or more penetration-testing-campaign hardware processors, the penetration-testing-campaign non-transitory computer readable storage medium having stored instructions to carry out one or more penetration tests of the networked system;
b. a sub-goal-selection module including:
  i. one or more sub-goal-selection hardware processors; and
  ii. a sub-goal-selection non-transitory computer readable storage medium for instructions execution by the one or more sub-goal-selection hardware processors, the sub-goal-selection non-transitory computer readable storage medium having stored:
    1) instructions to receive, from the penetration-testing-campaign module, results of the one or more penetration tests of the networked system;
    2) instructions to determine, based on said received results, multiple paths of attack available to the attackers, each path of attack of the determined multiple paths of attack being an ordered sequence of one or more attacker steps and one or more sub-goals;
    3) instructions to assign a calculated importance score to each of multiple sub-goals, wherein (i) each sub-goal of the multiple sub-goals is included in at least one of the determined multiple paths of attack, and (ii) for at least one given sub-goal of the multiple sub-goals, the importance score assigned to the given sub-goal is based on a number of paths of attack of the determined multiple paths of attack which include the given sub-goal; and
    4) instructions to select one sub-goal included in at least one of the determined multiple paths of attack, the selecting of the one sub-goal being based on the importance score assigned to at least one of the multiple sub-goals; and
c. a reporting module including:
  i. one or more reporting hardware processors; and
  ii. a reporting non-transitory computer readable storage medium for instructions execution by the one or more reporting hardware processors, the reporting non-transitory computer readable storage medium having stored:
    1) instructions to receive, from the sub-goal-selection module, an identification of the selected one sub-goal; and
    2) instructions to provide a recommendation to protect the selected one sub-goal, the instructions to provide the recommendation including at least one member selected from the group consisting of:
      I. instructions to cause a display device to display information about the recommendation;
      II. instructions to record the information about the recommendation in a file; and
      III. instructions to electronically transmit the information about the recommendation.
20. A system for providing a recommendation for improving the security of a networked system against attackers, the system comprising:
a. a penetration-testing-campaign module including:
  i. one or more penetration-testing-campaign hardware processors; and
  ii. a penetration-testing-campaign non-transitory computer readable storage medium for instructions execution by the one or more penetration-testing-campaign hardware processors, the penetration-testing-campaign non-transitory computer readable storage medium having stored instructions to carry out one or more penetration tests of the networked system;
b. a sub-goals-selection module including:
  i. one or more sub-goals-selection hardware processors; and
  ii. a sub-goals-selection non-transitory computer readable storage medium for instructions execution by the one or more sub-goals-selection hardware processors, the sub-goals-selection non-transitory computer readable storage medium having stored:
    1) first instructions to initialize a list of sub-goals that should be protected to be an empty list;
    2) second instructions to obtain a halting condition, the halting condition including a Boolean condition applied to the list of sub-goals;
    3) third instructions to receive, from the penetration-testing-campaign module, results of the one or more penetration tests of the networked system;
    4) fourth instructions to determine, based on said received results of the one or more tests of the networked system, multiple paths of attack available to the attackers, each path of attack of the determined multiple paths of attack being an ordered sequence of one or more attacker steps and one or more sub-goals;
    5) fifth instructions to initialize a group of relevant paths of attack to consist of the determined multiple paths of attack;
    6) sixth instructions to assign a calculated importance score to each of one or more sub-goals, wherein (i) each sub-goal of the one or more sub-goals is included in at least one path of attack included in the group of relevant paths of attack, and (ii) for at least one given sub-goal of the one or more sub-goals, the importance score assigned to the given sub-goal is based on a number of paths of attack in the group of relevant paths of attack which include the given sub-goal;
    7) seventh instructions to select one sub-goal included in at least one member of the group of relevant paths of attack and to add the one sub-goal to the list of sub-goals, the selecting of the one sub-goal being based on the importance scores assigned to at least one of the one or more sub-goals;
    8) eighth instructions to modify the group of relevant paths of attack by removing from it every path of attack that includes the one sub-goal;
    9) ninth instructions to evaluate the halting condition for the list of sub-goals;
    10) tenth instructions, to be carried out in response to determining that (i) the halting condition is not satisfied, and (ii) the group of relevant paths of attack is not empty, to repeat the sixth instructions to the tenth instructions; and
    11) eleventh instructions, to be carried out in response to determining that (i) the halting condition is satisfied, or (ii) the group of relevant paths of attack is empty, to select one or more sub-goals from the list of sub-goals; and
c. a reporting module including:
  i. one or more reporting hardware processors; and
  ii. a reporting non-transitory computer readable storage medium for instructions execution by the one or more reporting hardware processors, the reporting non-transitory computer readable storage medium having stored:
    1) instructions to receive, from the sub-goals-selection module, an identification of the one or more selected sub-goals; and
    2) instructions to provide a recommendation to protect the one or more selected sub-goals, the instructions to provide the recommendation including at least one member selected from the group consisting of:
      I. instructions to cause a display device to display information about the recommendation;
      II. instructions to record the information about the recommendation in a file; and
      III. instructions to electronically transmit the information about the recommendation.