SYSTEM AND METHOD FOR EXTENDING AUTOMATED PENETRATION TESTING TO DEVELOP AN INTELLIGENT AND COST EFFICIENT SECURITY STRATEGY
First Claim
1. A method for extending automated penetration testing of a target network comprising, the steps of:
- a. computing a scenario, wherein the step of computing the scenario comprises the steps ofi. translating a workspace having at least one target computer in the target network, to a planning definition language;
ii. translating penetration modules available in a penetration testing framework to a planning definition language; and
iii. defining a goal in the target network and translating the goal into a planning definition language;
b. building a knowledge database with information regarding the target network, properties of hosts in the network, parameters and running history of modules in the penetration testing framework; and
c. running an attack plan solver module, wherein the attack plan solver module performs the steps of;
i. running an attack planner using the scenario as input, to produce at least one attack plan that achieves the goal; and
ii. executing actions defined in the at least one attack plan against the target network from the penetration testing framework.
12 Assignments
0 Petitions
Accused Products
Abstract
A system and method for extending automated penetration testing of a target network is provided. The method comprises: computing a scenario, comprises the steps of: translating a workspace having at least one target computer in the target network, to a planning definition language, translating penetration modules available in a penetration testing framework to a planning definition language, and defining a goal in the target network and translating the goal into a planning definition language; building a knowledge database with information regarding the target network, properties of hosts in the network, parameters and running history of modules in the penetration testing framework; and running an attack plan solver module, comprising: running an attack planner using the scenario as input, to produce at least one attack plan that achieves the goal, and executing actions defined in the at least one attack plan against the target network from the penetration testing framework.
99 Citations
10 Claims
-
1. A method for extending automated penetration testing of a target network comprising, the steps of:
-
a. computing a scenario, wherein the step of computing the scenario comprises the steps of i. translating a workspace having at least one target computer in the target network, to a planning definition language; ii. translating penetration modules available in a penetration testing framework to a planning definition language; and iii. defining a goal in the target network and translating the goal into a planning definition language; b. building a knowledge database with information regarding the target network, properties of hosts in the network, parameters and running history of modules in the penetration testing framework; and c. running an attack plan solver module, wherein the attack plan solver module performs the steps of; i. running an attack planner using the scenario as input, to produce at least one attack plan that achieves the goal; and ii. executing actions defined in the at least one attack plan against the target network from the penetration testing framework. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
Specification