REAL-TIME VULNERABILITY MONITORING
Abstract
An apparatus is provided including at least one platform; an intrusion prevention system configured to communicatively couple with the at least one platform; a firewall configured to communicatively couple with the at least one platform; at least one first data storage configured to communicatively couple with the at least one platform; and at least one second data storage configured to communicatively couple with the at least one platform. The at least one platform is configured to perform a plurality of operations that collectively protect one or more networked devices.
18 Claims
1. An apparatus, comprising:
- an intrusion prevention system configured to:
  - receive a result of at least one operation performed on at least one of a plurality of networked devices, the at least one operation based on first information from at least one first data storage identifying a plurality of potential vulnerabilities including at least one first potential vulnerability and at least one second potential vulnerability, the at least one operation configured for:
    - identifying at least one configuration associated with the at least one networked device, and
    - determining that the at least one networked device is actually vulnerable to at least one actual vulnerability, based on the identified at least one configuration and the first information from the at least one first data storage identifying the plurality of potential vulnerabilities, such that second information associated with the result is stored in at least one second data storage separate from the at least one first data storage, the second information relating to the at least one actual vulnerability to which the at least one networked device is actually vulnerable;
  - cause display, via at least one user interface, a plurality of techniques including a first technique for utilizing an intrusion prevention system component for occurrence mitigation, and a second technique for utilizing a firewall for occurrence mitigation;
  - allow receipt of:
    - user input causing selection of the first technique for utilizing the intrusion prevention system component for occurrence mitigation;
    - user input causing selection of the second technique for utilizing the firewall for occurrence mitigation;
  - apply, based on the user input causing selection of the first technique for utilizing the intrusion prevention system component for occurrence mitigation, the first technique for utilizing the intrusion prevention system component for occurrence mitigation;
  - apply, based on the user input causing selection of the second technique for utilizing the firewall for occurrence mitigation, the second technique for utilizing the firewall for occurrence mitigation;
  - identify:
    - for the at least one networked device, a first occurrence including at least one first occurrence packet, and
    - for the at least one networked device, a second occurrence including at least one second occurrence packet;
  - determine:
    - that the first occurrence including the at least one first occurrence packet directed to the at least one networked device is capable of taking advantage of the at least one of the actual vulnerability to which the at least one networked device is actually vulnerable;
    - that the second occurrence including the at least one second occurrence packet directed to the at least one networked device is not capable of taking advantage of the at least one of the actual vulnerability to which the at least one networked device is actually vulnerable; and
  - cause a reporting of at least the first occurrence based on the determination that the first occurrence including the at least one first occurrence packet is capable of taking advantage of the at least one of the actual vulnerability to which the at least one networked device is actually vulnerable.

Dependent claims: 2, 3, 4, 5
6. An apparatus, comprising:
- at least one platform;
- an intrusion prevention system configured to communicatively couple with the at least one platform;
- a firewall configured to communicatively couple with the at least one platform;
- at least one first data storage configured to communicatively couple with the at least one platform; and
- at least one second data storage configured to communicatively couple with the at least one platform;
- said at least one platform configured to:
  - receive a result of at least one operation in connection with at least one of a plurality of networked devices, the at least one operation based on first information from the at least one first data storage identifying a plurality of potential vulnerabilities including at least one first potential vulnerability and at least one second potential vulnerability, the at least one operation configured for:
    - identifying at least one configuration associated with the at least one networked device, and
    - determining that the at least one networked device is actually vulnerable to at least one actual vulnerability, based on the identified at least one configuration and the first information from the at least one first data storage identifying the plurality of potential vulnerabilities, such that second information associated with the result is stored in the at least one second data storage separate from the at least one first data storage, the second information relating to the at least one actual vulnerability to which the at least one networked device is actually vulnerable;
  - cause display, via at least one user interface, a plurality of techniques including a first technique for utilizing the intrusion prevention system for occurrence mitigation, a second technique for utilizing the firewall for occurrence mitigation;
  - allow receipt of:
    - user input causing selection of the first technique for utilizing the intrusion prevention system for occurrence mitigation, and
    - user input causing selection of the second technique for utilizing the firewall for occurrence mitigation;
  - based on the user input causing selection of the first technique for utilizing the intrusion prevention system for occurrence mitigation, automatically apply the first technique for utilizing the intrusion prevention system for occurrence mitigation;
  - based on the user input causing selection of the second technique for utilizing the firewall for occurrence mitigation, automatically apply the second technique for utilizing the firewall for occurrence mitigation;
  - cause identification of:
    - in connection with the at least one networked device, a first occurrence including at least one first occurrence packet directed to the at least one networked device, and
    - in connection with the at least one networked device, a second occurrence including at least one second occurrence packet directed to the at least one networked device;
  - determine:
    - that the first occurrence including the at least one first occurrence packet directed to the at least one networked device is capable of taking advantage of the at least one of the actual vulnerability to which the at least one networked device is actually vulnerable;
    - that the second occurrence including the at least one second occurrence packet directed to the at least one networked device is not capable of taking advantage of the at least one of the actual vulnerability to which the at least one networked device is actually vulnerable; and
  - cause a reporting of at least the first occurrence based on the determination that the first occurrence including the at least one first occurrence packet directed to the at least one networked device is capable of taking advantage of the at least one of the actual vulnerability to which the at least one networked device is actually vulnerable.

Dependent claims: 7, 8, 9, 10, 11, 12
13. An intrusion prevention system, comprising:
- means for receiving a result of at least one operation performed on at least one of a plurality of networked devices, the at least one operation based on first information from at least one first data storage identifying a plurality of potential vulnerabilities including at least one first potential vulnerability and at least one second potential vulnerability, the at least one operation configured for:
  - identifying at least one configuration associated with the at least one networked device, and
  - determining that the at least one networked device is actually vulnerable to at least one actual vulnerability, based on the identified at least one configuration and the first information from the at least one first data storage identifying the plurality of potential vulnerabilities, such that second information associated with the result is stored in at least one second data storage separate from the at least one first data storage, the second information relating to the at least one actual vulnerability to which the at least one networked device is actually vulnerable;
- means for causing display of, via at least one user interface, a plurality of techniques including a first technique for utilizing an intrusion prevention system for occurrence mitigation, and a second technique for utilizing a firewall for occurrence mitigation;
- means for receiving user input causing selection of the first technique for utilizing the intrusion prevention system for occurrence mitigation and user input causing selection of the second technique for utilizing the firewall for occurrence mitigation;
- means for:
  - based on the user input causing selection of the first technique for utilizing the intrusion prevention system for occurrence mitigation, applying the first technique for utilizing the intrusion prevention system for occurrence mitigation; and
  - based on the user input causing selection of the second technique for utilizing the firewall for occurrence mitigation, applying the second technique for utilizing the firewall for occurrence mitigation;
- means for identifying:
  - for the at least one networked device, a first occurrence including at least one first occurrence packet, and
  - for the at least one networked device, a second occurrence including at least one second occurrence packet;
- code for determining:
  - that the first occurrence including the at least one first occurrence packet directed to the at least one networked device is capable of taking advantage of the at least one of the actual vulnerability to which the at least one networked device is actually vulnerable, and
  - that the second occurrence including the at least one second occurrence packet directed to the at least one networked device is not capable of taking advantage of the at least one of the actual vulnerability to which the at least one networked device is actually vulnerable; and
- means for causing a reporting of at least the first occurrence based on the determination that the first occurrence including the at least one first occurrence packet is capable of taking advantage of the at least one of the actual vulnerability to which the at least one networked device is actually vulnerable.

Dependent claims: 14, 15, 16, 17, 18
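The correlation that the three independent claims recite, shown as an added Python sketch that is not taken from the patent or from any product: a store of potential vulnerabilities, a separate store of actual per-device vulnerabilities derived from device configuration, and reporting limited to occurrences that can exploit an actual vulnerability. All identifiers, device names, versions and technique labels are hypothetical, constructed sample data.

```python
from dataclasses import dataclass

# "First data storage": potential vulnerabilities (constructed, hypothetical IDs).
POTENTIAL_VULNS = {
    "VULN-A": {"product": "httpd", "affected": {"2.0", "2.1"}},
    "VULN-B": {"product": "sshd", "affected": {"5.3"}},
}

@dataclass(frozen=True)
class Occurrence:
    dst: str      # networked device the packets are directed to
    targets: str  # vulnerability ID the matched signature maps to
    packets: int  # number of packets in the occurrence

def assess(device_configs):
    """Build the separate "second data storage": device -> actual vulnerabilities,
    decided from each device's identified configuration (product -> version)."""
    actual = {}
    for device, installed in device_configs.items():
        actual[device] = {
            vid for vid, vuln in POTENTIAL_VULNS.items()
            if installed.get(vuln["product"]) in vuln["affected"]
        }
    return actual

def triage(occurrences, actual, selected_techniques):
    """Return only occurrences capable of exploiting an actual vulnerability on
    their target, paired with the mitigation techniques the operator selected.
    Unknown devices have no recorded vulnerabilities, so nothing is reported."""
    techniques = tuple(sorted(selected_techniques))
    return [
        (occ, techniques)
        for occ in occurrences
        if occ.targets in actual.get(occ.dst, set())
    ]

# Constructed sample input: two devices and three occurrences.
CONFIGS = {"web01": {"httpd": "2.1", "sshd": "6.0"}, "db01": {"sshd": "5.3"}}
EVENTS = [
    Occurrence("web01", "VULN-A", 3),  # web01 runs an affected httpd
    Occurrence("web01", "VULN-B", 1),  # web01's sshd is not affected
    Occurrence("db01", "VULN-A", 2),   # db01 has no httpd at all
]

if __name__ == "__main__":
    actual = assess(CONFIGS)
    for occ, techniques in triage(EVENTS, actual, {"ips_block", "firewall_rule"}):
        print(occ.dst, occ.targets, occ.packets, techniques)
```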
Specification