System and method for web-based log analysis
First Claim
1. A method for web-based log analysis comprising the steps of:
- storing log data of one or more devices;
- determining a vulnerability exists at a device, the device being one of the one or more devices;
- determining a trace related to the vulnerability, wherein determining the trace comprises:
  - executing an exploit related to the vulnerability;
  - monitoring log data created responsive to executing the exploit; and
  - generating the trace based upon the log data;
- scanning the log data of the device for the trace; and
- in response to finding the trace in the log data of the device, determining the device is vulnerable to the exploit related to the vulnerability.
Abstract
The technology described herein provides a novel system and method for web-based log analysis. The analysis combines the benefits of typical log monitoring systems with those of typical vulnerability management systems. The synergy of the combined log monitoring and vulnerability management results in a single provider detecting a vulnerability and subsequently accessing archived log data to detect whether the vulnerability has been exploited in the past, identifying compromised machines for customers.
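An added example (not from the patent or its assignee) of the trace generation and retrospective scan that the abstract and claim 1 describe: the trace is the set of log-line shapes that appear only while an authorized test runs against a lab device, and archived logs are then matched against it. The access-log format, device names and all sample lines are constructed assumptions.

```python
import re

# Constructed sample data (not from the patent). TEST_WINDOW holds lines a lab
# device logged while an authorized test of the vulnerability was running.
BASELINE = [
    '10.0.0.5 [01/Mar/2024:10:00:01] "GET /index.html HTTP/1.1" 200 512',
    '10.0.0.6 [01/Mar/2024:10:00:07] "GET /login HTTP/1.1" 200 733',
]
TEST_WINDOW = [
    '10.0.0.9 [01/Mar/2024:11:00:00] "GET /index.html HTTP/1.1" 200 512',
    '10.0.0.9 [01/Mar/2024:11:00:02] "POST /legacy/upload.cgi HTTP/1.1" 500 0',
]
ARCHIVE = {  # archived logs per customer device (hypothetical names)
    "web-01": ['198.51.100.4 [03/Jan/2024:08:00:00] "POST /legacy/upload.cgi HTTP/1.1" 404 162'],
    "web-02": ['192.0.2.10 [11/Jan/2024:09:30:00] "GET /login HTTP/1.1" 200 733',
               '203.0.113.7 [12/Jan/2024:03:14:15] "POST /legacy/upload.cgi HTTP/1.1" 500 0'],
}

# Fields that differ between otherwise identical events: IPv4, timestamp, byte count.
_VOLATILE = re.compile(r"\b\d{1,3}(?:\.\d{1,3}){3}\b|\[[^\]]*\]|\d+$")
_HOLE = "\x00"  # placeholder that cannot occur in a text log line

def normalize(line):
    return _VOLATILE.sub(_HOLE, line.strip())

def generate_trace(baseline, test_window):
    """Return regexes for log-line shapes seen only during the test window."""
    known = {normalize(l) for l in baseline}
    shapes = []
    for line in test_window:
        shape = normalize(line)
        if shape not in known and shape not in shapes:
            shapes.append(shape)
    return [re.compile(".+?".join(re.escape(p) for p in s.split(_HOLE))) for s in shapes]

def scan_archive(trace, archive):
    """Map each device to the archived lines that match any trace pattern."""
    hits = {}
    for device, lines in archive.items():
        matched = [l for l in lines if any(rx.fullmatch(l.strip()) for rx in trace)]
        if matched:
            hits[device] = matched
    return hits

if __name__ == "__main__":
    for device, lines in scan_archive(generate_trace(BASELINE, TEST_WINDOW), ARCHIVE).items():
        print(device, len(lines), "matching line(s)")
```

Because the response status stays in the trace, the archived request on `web-01` that returned 404 is not flagged, while the one on `web-02` that returned 500 is.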
17 Claims
1. Independent method claim, set out in full under First Claim above. Dependent claims: 2, 3, 4, 5, 6, 7, 8, 17
9. A system for web-based log analysis comprising:
- one or more hardware processors configured to:
  - store log data of one or more devices;
  - determine a vulnerability exists at a device, the device being one of the one or more devices;
  - determine a trace related to the vulnerability, wherein determining the trace comprises:
    - executing an exploit related to the vulnerability;
    - monitoring log data created responsive to executing the exploit;
    - generating the trace based upon the log data;
  - scan the log data of the device for the trace, and
  - in response to finding the trace in the log data of the device, determine the device is vulnerable to the exploit related to the vulnerability.

Dependent claims: 10, 11, 12, 13, 14, 15, 16
Specification