SYSTEM AND METHOD OF IDENTIFYING INTERNET-FACING ASSETS
First Claim
1. A method comprising:
- receiving a seed at a computing device, wherein the seed identifies a domain name system (DNS) name server, a whois contact, an autonomous system number (ASN), a domain name, or a combination thereof;
identifying, based on first DNS data retrieved from a DNS database based on the seed, first border gateway protocol (BGP) data retrieved from a BGP database based on the seed, first whois data retrieved from a whois database based on the seed, or a combination thereof, a plurality of first internet-facing assets related to the seed;
identifying, based on second DNS data retrieved from the DNS database based on at least one of the plurality of first internet-facing assets, second BGP data retrieved from the BGP database based on the at least one first internet-facing asset, second whois data retrieved from the whois database based on the at least one first internet-facing asset, or a combination thereof, a plurality of second internet-facing assets related to the at least one first internet-facing asset; and
generating a graphical user interface (GUI) that includes a list of internet-facing assets related to the seed, wherein the list includes the plurality of first internet-facing assets and the plurality of second internet-facing assets.
3 Assignments
0 Petitions
Accused Products
Abstract
A method includes receiving a seed at a computing device. The method further includes identifying, based on first domain name system (DNS) data, first border gateway protocol (BGP) data, first whois data, or a combination thereof, a plurality of first internet-facing assets related to the seed. The method further includes identifying, based on second DNS data, second BGP data, second whois data, or a combination thereof, a plurality of second internet-facing assets related to at least one of the first internet-facing assets. The method further includes generating a graphical user interface (GUI) that includes a list of internet-facing assets related to the seed, where the list includes the plurality of first internet-facing assets and the plurality of second internet-facing assets.
129 Citations
21 Claims
-
1. A method comprising:
-
receiving a seed at a computing device, wherein the seed identifies a domain name system (DNS) name server, a whois contact, an autonomous system number (ASN), a domain name, or a combination thereof; identifying, based on first DNS data retrieved from a DNS database based on the seed, first border gateway protocol (BGP) data retrieved from a BGP database based on the seed, first whois data retrieved from a whois database based on the seed, or a combination thereof, a plurality of first internet-facing assets related to the seed; identifying, based on second DNS data retrieved from the DNS database based on at least one of the plurality of first internet-facing assets, second BGP data retrieved from the BGP database based on the at least one first internet-facing asset, second whois data retrieved from the whois database based on the at least one first internet-facing asset, or a combination thereof, a plurality of second internet-facing assets related to the at least one first internet-facing asset; and generating a graphical user interface (GUI) that includes a list of internet-facing assets related to the seed, wherein the list includes the plurality of first internet-facing assets and the plurality of second internet-facing assets. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A computer-readable storage device storing instructions that, when executed by a processor, cause the processor to perform operations including:
-
receiving a seed at a computing device; identifying, based on first domain name system (DNS) data, first border gateway protocol (BGP) data, first whois data, or a combination thereof, a plurality of first internet-facing assets related to the seed; identifying, based on second DNS data, second BGP data, second whois data, or a combination thereof, a plurality of second internet-facing assets related to at least one of the plurality of first internet-facing assets; generating a graphical user interface (GUI) that includes a list of internet-facing assets related to the seed, wherein the list includes the plurality of first internet-facing assets and the plurality of second internet-facing assets; receiving input via the GUI, the input indicating that a particular internet-facing asset is to be added to a scanning list; scanning the particular internet-facing asset; and generating an alert in response to determining, based on scanning the particular internet-facing asset, that the particular internet-facing asset violates a policy. - View Dependent Claims (21)
-
-
19. (canceled)
-
20. An apparatus comprising:
-
a processor; and memory storing instructions that, when executed by the processor, cause the processor to perform operations including; receiving a seed at a computing device; identifying, based on first domain name system (DNS) data, first border gateway protocol (BGP) data, first whois data, or a combination thereof, a plurality of first internet-facing assets related to the seed; identifying, based on second DNS data, second BGP data, second whois data, or a combination thereof, a plurality of second internet-facing assets related to at least one of the plurality of first internet-facing assets; generating a graphical user interface (GUI) that includes a list of internet-facing assets related to the seed, wherein the list includes the plurality of first internet-facing assets and the plurality of second internet-facing assets; and accessing at least one of the plurality of first internet-facing assets or the plurality of second internet-facing assets based on one or more proxy servers to simulate requests from different geographic regions, different domains, different user agents, or a combination thereof.
-
Specification