SYSTEM AND METHOD FOR IDENTIFYING NETWORK SECURITY THREATS AND ASSESSING NETWORK SECURITY

US 20180018465A1
Filed: 07/18/2017
Published: 01/18/2018
Est. Priority Date: 07/18/2016
Status: Active Grant

First Claim

Patent Images

1. (canceled)

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method of security assessment of a network is described. The system may include one or more security assessment computers controlled by a security assessor, and connected to a network, and first executable program code for acting as an agent on a first end device on the network. The first executable program code is configured to be executed by a browser application of the first end device, and is configured to collect software information, hardware information, and/or vulnerability information of the first end device and transmit the same to a first security assessment computer of the one or more security assessment computers. The information may be transmitted as part of a domain name server (DNS) request. The DNS request may include information identifying the first end device to thus allow modification of the first end device in response to analysis of the collected information.

42 Citations

View as Search Results

21 Claims

1. (canceled)
- View Dependent Claims (11, 12)
- - 11. The method of claim 1, wherein:
    - the first executable program code is configured to be automatically deleted from the first end device.
  - 12. The method of claim 11, wherein:
    - the first executable program code is configured to be stored in a browser cache of the first end device.

2. A method for security assessment of a computer network, the method comprising:
- transmitting a first executable program code from a security assessor that controls one or more security assessment computers on a network to a first end device on the network, the first executable program code for acting as an agent on the first end device, and the first executable program code configured to be executed by a browser application of the first end device,wherein the first executable program code is configured to collect software and/or hardware attribute information regarding the first end device and transmit the same to at least a first security assessment computer of the one or more security assessment computers.
- View Dependent Claims (3, 4, 5, 6, 7, 8, 9, 10)
- - 3. The method of claim 2, wherein:
    - the first executable program code is configured to form a URL that is used to include the software and/or hardware attribute information.
  - 4. The method of claim 2, wherein:
    - the first executable program code is configured to collect vulnerability information of the first end device; and
      
      the vulnerability information of the first end device is received by at least the first security assessment computer.
  - 5. The method of claim 4, further comprising:
    - transmitting a second executable program code from the security assessor to the first end device, the second executable program code for acting as an agent on the first end device, and the second executable program code configured to be executed by a browser application of the first end device,wherein the second executable program code is configured to run a security test on the first end device.
  - 6. The method of claim 5, wherein:
    - the second executable program code is selected based on the vulnerability information of the first end device received by at least the first security assessment computer.
  - 7. The method of claim 5, wherein:
    - the security test performs one or more of;
      
      exfiltration, destruction of data, or modification of data.
  - 8. The method of claim 5, wherein:
    - the security test performs denial of access to information.
  - 9. The method of claim 5, wherein:
    - the second executable program code is configured to be automatically deleted from the first end device.
  - 10. The method of claim 9, wherein:
    - the second executable program code is configured to be stored in a browser cache of the first end device.

13. A method for security assessment of a computer network, the method comprising:
- receiving a first executable program code at a first end device on the computer network, the first executable program code for acting as an agent on the first end device, and the first executable program code configured to be executed by a browser application of the first end device;
  
  executing the first executable program code via the browser application to collect software and/or hardware attribute information regarding the first end device; and
  
  transmitting the software and/or hardware attribute information from the first end device to at least a first security assessment computer of a security assessor.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The method of claim 13, wherein:
    - the first executable program code is configured to form a URL that is used to include the software and/or hardware attribute information.
  - 15. The method of claim 13, wherein:
    - the first executable program code is configured to collect vulnerability information of the first end device; and
      
      the vulnerability information of the first end device is sent to at least the first security assessment computer.
  - 16. The method of claim 15, further comprising:
    - receiving a second executable program code from the security assessor at the first end device, the second executable program code for acting as an agent on the first end device, and the second executable program code configured to be executed by the browser application of the first end device; and
      
      executing the second executable program code by the browser application to run a security test on the first end device.
  - 17. The method of claim 16, wherein:
    - the second executable program code is selected based on the vulnerability information of the first end device sent to at least the first security assessment computer.
  - 18. The method of claim 17, further comprising:
    - displaying results of the security test on the first end device;
      
      selecting an artifact from the displayed results; and
      
      automatically querying a third party security database based on the selected artifact for security information related to the artifact.

19. A method comprising:
- loading a program code into a plurality of browsers at end user devices of an entity'"'"'s network;
  
  using the program code performing a vulnerability assessment that determines vulnerabilities of the entity'"'"'s network;
  
  based on the determined vulnerabilities, performing a set of security tests on the end user devices that include those vulnerabilities.
- View Dependent Claims (20, 21)
- - 20. The method of claim 19, wherein performing the vulnerability assessment further includes:
    - sending information from the vulnerability assessment from the end user devices to a security assessment server as part of a URL.
  - 21. The method of claim 19, wherein performing the set of security tests includes:
    - sending a script to each of the end user devices, the script configured to execute in a browser and perform a security assessment using the browser.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Reliaquest Holdings, LLC
Original Assignee
vThreat, Inc. (ReliaQuest LLC)
Inventors
Carey, Marcus J., Oyeniyi, Tolulope

Granted Patent

US 10,395,040 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/50   Monitoring users, programs ...

G06F 21/53   by executing in a restricte...

G06F 21/55   Detecting local intrusion o...

G06F 21/562   Static detection

G06F 21/577   Assessing vulnerabilities a...

H04L 63/1433   Vulnerability analysis

SYSTEM AND METHOD FOR IDENTIFYING NETWORK SECURITY THREATS AND ASSESSING NETWORK SECURITY

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

42 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM AND METHOD FOR IDENTIFYING NETWORK SECURITY THREATS AND ASSESSING NETWORK SECURITY

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

42 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links