WEB FIREWALL AND METHOD FOR AUTOMATICALLY CHECKING WEB SERVER FOR VULNERABILITIES
First Claim
1. A web firewall for automatically checking for vulnerabilities, comprising:
- an administrating server scheduling part for ordering the examination of an administrating web server according to a predetermined examination schedule;
a vulnerability search database calling part for calling a vulnerability search database previously stored according to the order of the administrating server scheduling part;
a vulnerability searching part for searching for potential vulnerabilities of the administrating web server corresponding to data included in the called vulnerability search database;
a vulnerability information deducing part for optimizing the results searched in the vulnerability searching part to deduce vulnerability information;
a vulnerability checking part for checking the vulnerabilities of the administrating web server based on the results deduced from the vulnerability information deducing part; and
a detailed vulnerability information reporting part for reporting detailed information on the checked vulnerabilities.
5 Assignments
0 Petitions
Accused Products
Abstract
Provided is a web firewall for automatically checking for vulnerabilities, including: an administrating server scheduling part for ordering the examination of an administrating web server according to a predetermined examination schedule; a vulnerability search database calling part for calling a vulnerability search database previously stored according to the order of the administrating server scheduling part; a vulnerability searching part for searching for potential vulnerabilities of the administrating web server corresponding to data included in the called vulnerability search database; a vulnerability information deducing part for optimizing the results searched in the vulnerability searching part to deduce vulnerability information; a vulnerability checking part for checking the vulnerabilities of the administrating web server based on the results deduced from the vulnerability information deducing part; and a detailed vulnerability information reporting part for reporting detailed information on the checked vulnerabilities.
-
Citations
14 Claims
-
1. A web firewall for automatically checking for vulnerabilities, comprising:
-
an administrating server scheduling part for ordering the examination of an administrating web server according to a predetermined examination schedule; a vulnerability search database calling part for calling a vulnerability search database previously stored according to the order of the administrating server scheduling part; a vulnerability searching part for searching for potential vulnerabilities of the administrating web server corresponding to data included in the called vulnerability search database; a vulnerability information deducing part for optimizing the results searched in the vulnerability searching part to deduce vulnerability information; a vulnerability checking part for checking the vulnerabilities of the administrating web server based on the results deduced from the vulnerability information deducing part; and a detailed vulnerability information reporting part for reporting detailed information on the checked vulnerabilities. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method of automatically checking for vulnerabilities using a web firewall for automatically checking for vulnerabilities, comprising the steps of:
-
setting a time schedule for checking administrating web server vulnerabilities corresponding to a predetermined examination schedule; confirming a time corresponding to the set schedule and measuring available system resources when the set time has arrived; calling a vulnerability search database when the system resources exceed a predetermined standard value; searching for potential vulnerabilities of the administrating web server corresponding to data extracted from the called vulnerability search database; optimizing the results of the potential vulnerability search; checking the vulnerabilities of the administrating web server corresponding to the optimized results; and making a detailed report on the results of the vulnerability check of the administrating web server. - View Dependent Claims (11, 12, 13, 14)
-
Specification