Detecting Software Vulnerabilities in an Isolated Computing Environment
First Claim
1. In a computing environment, a method performed at least in part on at least one processor, comprising, detecting software vulnerabilities using an isolated computing environment, including automatically generating tasks for evaluating an input submission, defining various configurations of one or more computing units that are running within the isolated computing environment, executing the tasks on the one or more computing units, and producing a report associated with the executing of the tasks.
2 Assignments
0 Petitions
Accused Products
Abstract
The subject disclosure is directed towards detecting software vulnerabilities in an isolated computing environment. In order to evaluate each input submission from an external computer, a plurality of tasks are automatically generated for execution on one or more computing units running within the isolated computing environment. Various configurations of the one or more computing units are defined in which each computing unit executes the plurality of tasks. A report is produced comprising results associated with such an execution.
-
Citations
20 Claims
- 1. In a computing environment, a method performed at least in part on at least one processor, comprising, detecting software vulnerabilities using an isolated computing environment, including automatically generating tasks for evaluating an input submission, defining various configurations of one or more computing units that are running within the isolated computing environment, executing the tasks on the one or more computing units, and producing a report associated with the executing of the tasks.
- 10. In a computing environment, a system, comprising, a detection system configured to identify software vulnerabilities using an isolated computing environment, the detection system further configured to segregate one or more computing units from an external computer using a firewall, automatically generate tasks for evaluating an input submission on various configurations of the one or more computing units, and while executing the tasks on the one or more computing units, the detection system further configured to monitor resources within the one or more computing units for the software vulnerabilities.
-
17. One or more computer-readable media having computer-executable instructions, which when executed perform steps, comprising:
-
preventing data communications between one or more computing units from communicating with an external computer except for one or more proxy servers; configuring the one or more computing units to execute tasks on an input submission from the external computer; altering an execution environment of the one or more computing units to cause a crash in response to a software vulnerability; and producing a report comprising results associated with the tasks. - View Dependent Claims (18, 19, 20)
-
Specification