AUTOMATED NETWORK INTERFACE ATTACK RESPONSE
Abstract
An attack upon a web interface is detected in real-time. The web interface is one of many web interfaces across many ports across many computer systems within a network. Data on the attack is gathered. The attack data includes traffic data. Variants of the attack are determined based on data of the attack. The variants are selected from a predetermined set of attack variants. The attacked interface is scanned with the selected attack variants. The web interface is identified as vulnerable to at least one variant of the attack. In response to this identification, the attack is responded to without human intervention.
20 Claims
1. A method of scanning for security threats, the method comprising:
detecting, in real-time, an attack on a web interface of a computing system having a plurality of web interfaces;
gathering data on the attack;
determining variants of the attack based on data of the attack, wherein the variants are a subset of a predetermined set of attack variants;
scanning, based on the attack, the web interface with the variants of the attack;
determining vulnerability of the web interface to the variants of the attack; and
responding to the attack without human intervention based on the determined vulnerability of the web interface to the variants of the attack.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. A computer system comprising:
a memory; and
one or more processing circuits communicatively coupled to the memory, wherein the one or more processing circuits are configured to:
detect, in real-time, an attack on a web interface of a computing system having a plurality of web interfaces;
gather data on the attack;
determine variants of the attack based on data of the attack, wherein the variants are a subset of a predetermined set of attack variants;
scan, based on the attack, the web interface with the variants of the attack;
determine vulnerability of the web interface to the variants of the attack; and
respond to the attack without human intervention based on the determined vulnerability of the web interface to the variants of the attack.
Dependent claims: 11, 12, 13, 14, 15
16. A computer program product for scanning for security threats, the computer program product disposed upon a computer readable storage medium, the computer program product comprising computer program instructions that, when executed by a computer processor of a computer, cause the computer to:
detect, in real-time, an attack on a web interface of a computing system having a plurality of web interfaces;
gather data on the attack;
determine variants of the attack based on data of the attack, wherein the variants are a subset of a predetermined set of attack variants;
scan, based on the attack, the web interface with the variants of the attack;
determine vulnerability of the web interface to the variants of the attack; and
respond to the attack without human intervention based on the determined vulnerability of the web interface to the variants of the attack.
Dependent claims: 17, 18, 19, 20
Specification