System and Method for Managed Security Assessment and Mitigation

US 20170230405A1
Filed: 01/09/2017
Published: 08/10/2017
Est. Priority Date: 03/02/2012
Status: Abandoned Application

First Claim

Patent Images

1. (canceled)

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for managed security assessment and mitigation are disclosed. An example system includes a security management system (SMS), a network device in a system under test (SUT), wherein the network device is privy to traffic in the SUT, and wherein the SMS is privy to traffic that is known by the network device and/or to one or more traffic observations that is known by the network device.

13 Citations

19 Claims

1. (canceled)

2. A method comprising:
- transmitting captured traffic information for a network to a cloud-based scanning system outside an Internet firewall of the network;
  
  in response to detecting a request received from the cloud-based scanning system via a tunnel of the Internet firewall, capturing a network communication sent from a destination of the request; and
  
  transmitting the network communication to the cloud-based scanning system to scan the network communication for security vulnerabilities.
- View Dependent Claims (3, 4, 5, 6, 7)
- - 3. A method as defined in claim 2, further including modifying an application delivery controller to install an extension to accept requests from the cloud-based scanning system that is external from the network.
  - 4. A method as defined in claim 2, wherein the network communication is transmitted within a system under test.
  - 5. A method as defined in claim 4, wherein the tunnel is setup by a network device in the system under test.
  - 6. A method as defined in claim 4, further including receiving the captured traffic information from a network device in the system under test.
  - 7. A method as defined in claim 4, wherein the system under test includes a firewall configured to filter traffic from the Internet to devices in the system under test and to block the request when the request is transmitted to a server in the system under test server by a device outside the system under test.

8. A tangible computer readable storage medium comprising instructions that, when executed, cause a network device to at least:
- transmit captured traffic information for a network to a cloud-based scanning system outside an Internet firewall of the network;
  
  in response to detecting a request received from the cloud-based scanning system via a tunnel of the Internet firewall, capture a network communication sent from a destination of the request; and
  
  transmit the network communication to the cloud-based scanning system to scan the network communication for security vulnerabilities.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. A tangible computer readable storage medium as defined in claim 8, wherein the instructions, when executed, further cause the network device to modify an application delivery controller to install an extension to accept requests from the cloud-based scanning system that is external from the network.
  - 10. A tangible computer readable storage medium as defined in claim 8, wherein the network communication is transmitted within a system under test.
  - 11. A tangible computer readable storage medium as defined in claim 10, wherein the instructions, when executed, cause the network device to setup a tunnel in the system under test.
  - 12. A tangible computer readable storage medium as defined in claim 10, wherein the instructions, when executed, cause the network device to capture the traffic information within the system under test.
  - 13. A tangible computer readable storage medium as defined in claim 10, wherein the system under test includes a firewall configured to filter traffic from the Internet to devices in the system under test and to block the request when the request is transmitted to a server in the system under test server by a device outside the system under test.

14. A system comprising:
- a cloud-based scanning system to scan a network communication; and
  
  a network device within a network of a system under test to;
  
  transmit captured traffic information for the system under test to the cloud-based scanning system outside an Internet firewall of the network;
  
  in response to detecting a request received from the cloud-based scanning system via a tunnel of the Internet firewall, capture a network communication sent from a destination of the request; and
  
  transmit the network communication to the cloud-based scanning system to scan the network communication for security vulnerabilities.
- View Dependent Claims (15, 16, 17, 18, 19)
- - 15. A system as defined in claim 14, wherein the network device is further to modify an application delivery controller to install an extension to accept requests from the cloud-based scanning system that is external from the network.
  - 16. A system as defined in claim 14, wherein the network communication is transmitted within the system under test.
  - 17. A system as defined in claim 16, wherein network device is to setup the tunnel in the system under test.
  - 18. A system as defined in claim 16, wherein the network device is to capture the traffic information within the system under test.
  - 19. A system as defined in claim 16, further including a firewall configured to filter traffic from the Internet to devices in the system under test and to block the request when the request is transmitted to a server in the system under test server by a device outside the system under test.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Trustwave Holdings Incorporated (Singapore Telecommunications Limited)
Original Assignee
Trustwave Holdings Incorporated (Singapore Telecommunications Limited)
Inventors
Parcel, Scott

Application Number

US15/402,200
Publication Number

US 20170230405A1
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 16/2358   Change logging, detection, ...

G06F 21/55   Detecting local intrusion o...

G06F 21/577   Assessing vulnerabilities a...

G06F 21/70   Protecting specific interna...

G06F 2221/03   Indexing scheme relating to...

G06F 2221/034   Test or assess a computer o...

H04L 43/50   Testing arrangements

H04L 63/0227   Filtering policies mail mes...

H04L 63/029   Firewall traversal, e.g. tu...

H04L 63/1408   by monitoring network traff...

H04L 63/1433   Vulnerability analysis

H04L 67/02   based on web technology, e....

H04L 67/10   in which an application is ...

System and Method for Managed Security Assessment and Mitigation

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

13 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

System and Method for Managed Security Assessment and Mitigation

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

13 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links