Method and Apparatus for Security Assessment of a Computing Platform
Abstract
A system and method for automated security testing are disclosed. The disclosure provides for automated discovery of security vulnerabilities through the monitoring of activities that occur throughout the separate components of a computing platform during a testing session through a communications interface.
28 Claims
1. A system for detecting security vulnerabilities in a computing platform, said computing platform comprising one or more front end components which provide services to other applications or users, and one or more back end components which supply required information to said one or more front end components to fulfill said services, said system comprising:
- one or more first monitoring modules communicatively linked to said one or more front end components, and operatively configured to monitor said one or more front end components while communicating data with said one or more front end components;
- one or more second monitoring modules communicatively linked to said one or more back end components, and operatively configured to monitor said one or more back end components while said one or more back end components supply required information to said one or more front end components;
- wherein said one or more first monitoring modules communicate data with said one or more front end components and monitors the activities of said one or more front end components, while said one or more second monitoring modules monitor the activities of said one or more back end components; and
- wherein the resulting activity information extracted may be combined to contribute to identification of one or more security vulnerabilities within said computing platform.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
12. A method of detecting security vulnerabilities in a computing platform, said computing platform comprising one or more front end components which provide services to other applications or users, and one or more back end components which supply required information to said one or more front end components to fulfill said services, said method comprising:
- connecting to said one or more front end components using one or more front end communication protocol connections;
- connecting to said one or more back end components using one or more application-specific protocol connections for communicating with an application;
- communicating data with said one or more front end components;
- monitoring activities of said one or more front end components while communicating said data;
- monitoring activities of said one or more back end components;
- extracting activity information from said one or more front end components and from said one or more back end components; and
- storing said activity information.
Dependent claims: 13, 14, 15, 16, 17, 18
19. A computer readable medium having recorded thereon statements and instructions for execution by a computer for detecting security vulnerabilities in a computing platform, the computing platform comprising one or more front end components which provide services to other applications or users, and one or more back end components which supply required information to the one or more front end components to fulfill the services, by carrying out the steps of:
- connecting to said one or more front end components;
- connecting to said one or more back end components;
- communicating data with said one or more front end components;
- monitoring activities of said one or more front end components while communicating data therewith;
- monitoring activities of said one or more back end components;
- extracting activity information from said one or more front end components and from said one or more back end components; and
- storing said activity information.
Dependent claims: 20, 21, 22, 23, 24, 25
26. An apparatus for detecting security vulnerabilities in a computing platform, said computing platform comprising one or more front end components which provide services to other applications or users, and one or more back end components which supply required information to said one or more front end components to fulfill said services, said apparatus comprising:
- means for connecting to said one or more front end components;
- means for connecting to said one or more back end components;
- means for communicating data with said one or more front end components;
- means for monitoring activities of said one or more front end components while communicating therewith;
- means for monitoring activities of said one or more back end components;
- means for extracting activity information from said one or more front end components and from said one or more back end components; and
- means for storing said activity information.
Dependent claims: 27, 28
Specification