PERFORMING SECURITY ASSESSMENTS IN AN ONLINE SERVICES SYSTEM

US 20120054871A1
Filed: 08/26/2010
Published: 03/01/2012
Est. Priority Date: 08/26/2010
Status: Active Grant

First Claim

Patent Images

1. A method for performing security assessments in an online services system, the method comprising:

receiving an accepted security assessment agreement from a user, wherein the security assessment agreement is associated with a software application utilized in an online services system;

receiving configuration data associated with the software application;

receiving scanning data associated with the software application; and

sending the configuration data and scanning data to one or more security assessment systems.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for performing security assessments in an online services system. In one embodiment, a method includes receiving an accepted security assessment agreement from a user, where the security assessment agreement is associated with a software application utilized in an online services system. The method also includes receiving configuration data associated with the software application; receiving scanning data associated with the software application; and sending the configuration data and scanning data to one or more security assessment systems.

38 Citations

View as Search Results

20 Claims

1. A method for performing security assessments in an online services system, the method comprising:
- receiving an accepted security assessment agreement from a user, wherein the security assessment agreement is associated with a software application utilized in an online services system;
  
  receiving configuration data associated with the software application;
  
  receiving scanning data associated with the software application; and
  
  sending the configuration data and scanning data to one or more security assessment systems.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the security assessment agreement permits security assessments on the software application.
  - 3. The method of claim 1, wherein the configuration data comprises testing parameters for testing the software application and requirements for starting security assessments on the software application.
  - 4. The method of claim 1, further comprising creating a test environment for performing security assessments on the software application.
  - 5. The method of claim 1, further comprising creating a test environment for performing security assessments on the software application, wherein the test environment is based on the configuration data.
  - 6. The method of claim 1, further comprising determining if the online services system communicates with an unauthorized computer system
  - 7. The method of claim 1, further comprising creating a test environment for performing security assessments on the software application, wherein creating the test environment is conditioned upon receiving the agreement.

8. A computer-readable storage medium having one or more instructions thereon for performing security assessments in an online services system, the instructions when executed by a processor causing the processor to:
- receive an accepted security assessment agreement from a user, wherein the security assessment agreement is associated with a software application utilized in an online services system;
  
  receive configuration data associated with the software application;
  
  receive scanning data associated with the software application; and
  
  send the configuration data and scanning data to one or more security assessment systems.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The computer-readable storage medium of claim 8, wherein the security assessment agreement permits security assessments on the software application.
  - 10. The computer-readable storage medium of claim 8, wherein the configuration data comprises testing parameters for testing the software application and requirements for starting security assessments on the software application.
  - 11. The computer-readable storage medium of claim 8, wherein the instructions further cause the processor to create a test environment for performing security assessments on the software application.
  - 12. The computer-readable storage medium of claim 8, wherein the instructions further cause the processor to create a test environment for performing security assessments on the software application, wherein the test environment is based on the configuration data.
  - 13. The computer-readable storage medium of claim 8, wherein the instructions further cause the processor to determine if the online services system communicates with an unauthorized computer system
  - 14. The computer-readable storage medium of claim 8, wherein the instructions further cause the processor to create a test environment for performing security assessments on the software application, wherein creating the test environment is conditioned upon receiving the agreement.

15. An apparatus for performing security assessments in an online services system, the apparatus comprising:
- a processor; and
  
  a storage device storing one or more stored sequences of instructions which when executed by the processor cause the processor to;
  
  receive an accepted security assessment agreement from a user, wherein the security assessment agreement is associated with a software application utilized in an online services system;
  
  receive configuration data associated with the software application;
  
  receive scanning data associated with the software application; and
  
  send the configuration data and scanning data to one or more security assessment systems.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The apparatus of claim 15, wherein the security assessment agreement permits security assessments on the software application.
  - 17. The apparatus of claim 15, wherein the configuration data comprises testing parameters for testing the software application and requirements for starting security assessments on the software application.
  - 18. The apparatus of claim 15, wherein the instructions further cause the processor to create a test environment for performing security assessments on the software application.
  - 19. The apparatus of claim 15, wherein the instructions further cause the processor to create a test environment for performing security assessments on the software application, wherein the test environment is based on the configuration data.
  - 20. The apparatus of claim 15, wherein the instructions further cause the processor to determine if the online services system communicates with an unauthorized computer system

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Salesforce.com, Inc.
Original Assignee
Salesforce.com, Inc.
Inventors
Soby, Brian, Fly, Robert

Granted Patent

US 8,904,541 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/25
CPC Class Codes

G06F 11/3664   Environments for testing or...

G06F 11/3688   for test execution, e.g. sc...

G06F 21/00   Security arrangements for p...

G06F 21/577   Assessing vulnerabilities a...

PERFORMING SECURITY ASSESSMENTS IN AN ONLINE SERVICES SYSTEM

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

38 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

PERFORMING SECURITY ASSESSMENTS IN AN ONLINE SERVICES SYSTEM

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

38 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links