System for tracking and analyzing the integrity of an application
First Claim
1. A method for detecting modifications in an application executing on a computer system comprising:
- connecting to the application on the computer system;
inventorying the application in order to discover a baseline inventory of existing items in the application, inventorying comprising the step of running commands or requests in order to enumerate the items in the application;
storing the baseline inventory to persistent storage;
collecting a second inventory list of items in the application by running commands or requests in order to enumerate a second set of items in the application;
comparing the second inventory list of items with the baseline inventory of the application to determine a set of differences between them by enumerating each item in the second inventory with items in the baseline inventory, determining if any item exists in the baseline inventory but not in the second inventory, determining if any item exists in the second inventory but not in the baseline inventory, determining if any item in both the baseline inventory and the second inventory has been changed;
reporting out the set of differences between the baseline inventory and the second inventory to enable a determination of whether unauthorized activity has occurred.
5 Assignments
0 Petitions
Accused Products
Abstract
The invention is a method for tracking and analyzing an application for modifications and changes. The method is used to ensure the integrity of the application remains intact. The application is inventoried upon setup. The application is then subsequently re-inventoried on a regular basis. Each new inventory is examined against the original inventory to determine if any changes have taken place. When a change is detected, the change is highlighted to be approved or examined to determine the specifics of the change in order that corrective action can be taken if deemed necessary.
-
Citations
16 Claims
-
1. A method for detecting modifications in an application executing on a computer system comprising:
-
connecting to the application on the computer system;
inventorying the application in order to discover a baseline inventory of existing items in the application, inventorying comprising the step of running commands or requests in order to enumerate the items in the application;
storing the baseline inventory to persistent storage;
collecting a second inventory list of items in the application by running commands or requests in order to enumerate a second set of items in the application;
comparing the second inventory list of items with the baseline inventory of the application to determine a set of differences between them by enumerating each item in the second inventory with items in the baseline inventory, determining if any item exists in the baseline inventory but not in the second inventory, determining if any item exists in the second inventory but not in the baseline inventory, determining if any item in both the baseline inventory and the second inventory has been changed;
reporting out the set of differences between the baseline inventory and the second inventory to enable a determination of whether unauthorized activity has occurred. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A method for detecting modifications in a database application executing on a computer system comprising:
-
connecting to a database;
inventorying the database in order to discover a baseline inventory of existing items in the database, inventorying comprising the step of running commands or requests in order to enumerate the items in the database;
storing the baseline inventory to persistent storage;
collecting a second inventory list of items in the database by running commands or requests in order to enumerate a second set of items in the database;
comparing the second inventory list of items with the baseline inventory of the database to determine a set of differences between them by enumerating each item in the second inventory with items in the baseline inventory, determining if an item exists in the baseline inventory but not in the second inventory, determining if an item exists in the second inventory but not in the baseline inventory, determining if an item in both the baseline inventory and the second inventory has been changed;
reporting out the set of differences between the baseline inventory and the second inventory to enable a determination of whether unauthorized activity has occurred. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A method for detecting modifications in a web application executing on a server comprising:
-
connecting to the web application on the server;
inventorying the web application in order to discover a baseline inventory of existing items in the web application, inventorying comprising the steps of crawling the web application and running commands in order to enumerate the items in the web application;
storing the baseline inventory to persistent storage;
collecting a second inventory list of items in the web application by crawling the web application and running commands in order to enumerate a second set of items in the web application;
comparing the second inventory list of items with the baseline inventory of the web application to determine a set of differences between them by enumerating each item in the second inventory with items in the baseline inventory, determining if an item exists in the baseline inventory but not in the second inventory, determining if an item exist in the second inventory but not in the baseline inventory, determining if an item in both the baseline inventory and the second inventory has been changed;
reporting out the set of differences between the baseline inventory and the second inventory to enable a determination of whether unauthorized activity has occurred. - View Dependent Claims (14, 15, 16)
-
Specification