System and Method for Managed Security Assessment and Mitigation
2 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods for managed security assessment and mitigation are disclosed. An example system includes a security management system (SMS), a network device in a system under test (SUT), wherein the network device is privy to traffic in the SUT, and wherein the SMS is privy to traffic that is known by the network device and/or to one or more traffic observations that is known by the network device.
13 Citations
19 Claims
-
1. (canceled)
-
2. A method comprising:
-
transmitting captured traffic information for a network to a cloud-based scanning system outside an Internet firewall of the network; in response to detecting a request received from the cloud-based scanning system via a tunnel of the Internet firewall, capturing a network communication sent from a destination of the request; and transmitting the network communication to the cloud-based scanning system to scan the network communication for security vulnerabilities. - View Dependent Claims (3, 4, 5, 6, 7)
-
-
8. A tangible computer readable storage medium comprising instructions that, when executed, cause a network device to at least:
-
transmit captured traffic information for a network to a cloud-based scanning system outside an Internet firewall of the network; in response to detecting a request received from the cloud-based scanning system via a tunnel of the Internet firewall, capture a network communication sent from a destination of the request; and transmit the network communication to the cloud-based scanning system to scan the network communication for security vulnerabilities. - View Dependent Claims (9, 10, 11, 12, 13)
-
-
14. A system comprising:
-
a cloud-based scanning system to scan a network communication; and a network device within a network of a system under test to; transmit captured traffic information for the system under test to the cloud-based scanning system outside an Internet firewall of the network; in response to detecting a request received from the cloud-based scanning system via a tunnel of the Internet firewall, capture a network communication sent from a destination of the request; and transmit the network communication to the cloud-based scanning system to scan the network communication for security vulnerabilities. - View Dependent Claims (15, 16, 17, 18, 19)
-
Specification