Systems and Methods for Security And Risk Assessment And Testing Of Applications
First Claim
1. An application security system, the system comprising:
- an application security server having a processing device in communication with one or more storage systems;
- a plurality of computing devices, the computing devices executing a plurality of application instances configured to receive and transmit information over a network; and
- a security testing system including a plurality of security test modules, wherein the test modules include a first test module associated with a first application associated with one or more of the application instances; and
- wherein the processing device of the application security server;
  - retrieves information about the first application, the information including current dependency information of the first application,
  - calculates a security risk score for the first application, the security risk score calculated based on the information about the first application,
  - determines a security priority level associated with first application, the security priority level of the first application being based on the security risk score for the first application, and
  - associates the security priority level of the first application with the first application in a database of application security information.
Abstract
Provided herein are systems and methods for monitoring and assessing the security and risk presented by applications deployed in a complex computing environment. An exemplary application security system includes a server having a processing device in communication with storage systems, computing devices executing application instances configured to receive and transmit information over a network, and a security testing system including a first test module that is associated with a first application, which is associated with one or more of the application instances. The processing device of the server retrieves information about the first application, including current dependency information of the first application, calculates a security risk score for the first application based on the information, determines a security priority level associated with first application, and associates the security priority level of the first application with the first application in a database of application security information.
20 Claims
1. An application security system, the system comprising:
- an application security server having a processing device in communication with one or more storage systems;
- a plurality of computing devices, the computing devices executing a plurality of application instances configured to receive and transmit information over a network; and
- a security testing system including a plurality of security test modules, wherein the test modules include a first test module associated with a first application associated with one or more of the application instances; and
- wherein the processing device of the application security server;
  - retrieves information about the first application, the information including current dependency information of the first application,
  - calculates a security risk score for the first application, the security risk score calculated based on the information about the first application,
  - determines a security priority level associated with first application, the security priority level of the first application being based on the security risk score for the first application, and
  - associates the security priority level of the first application with the first application in a database of application security information.
- Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. An application security system, comprising:
- a processing device in communication with one or more storage devices, the one or more storage devices including instructions stored thereon; and
- a network interface enabling the processing device to communicate over a network with one or more other devices, and
- wherein the processing device executes the instructions to;
  - receive, over the network, a list of applications deployed in a computing environment;
  - calculate a security risk score for a first application included in the list of applications;
  - determine a security priority level associated with first application, the security priority level of the first application being based on the security risk score for the first application; and
  - transmit a prioritized list of applications deployed in the computing environment to a client device over the network for display to a user of the client device in a user interface.
- Dependent claims: 12, 13, 14
15. A method comprising:
- receiving, by a processing device of a first computing device and over a network, application security information associated with a first application;
- calculating a security risk score for a first application based on the application security information received over the network;
- generating a security testing regime recommendation for the first application based on the calculated security risk score; and
- transmitting the security testing regime recommendation over the network to a second computing device.
- Dependent claims: 16, 17, 18, 19, 20
Specification