Vulnerability assessment

US 20190311130A1
Filed: 04/10/2018
Published: 10/10/2019
Est. Priority Date: 04/10/2018
Status: Active Grant

First Claim

Patent Images

1. A method for assessing a vulnerability of a network device, the method comprising:

receiving a list of one or more services externally exposed on the network device;

receiving an indication of at least one vulnerability in at least one software package installed on the network device;

determining whether an externally exposed service is associated with a software package that includes at least one vulnerability; and

executing at least one remedial action upon determining that an externally exposed service is associated with a software package that includes at least one vulnerability.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and systems for assessing a vulnerability of a network device. The systems and methods described herein combine data regarding locally discovered vulnerabilities and exposed services with data regarding what executables are provided by software installed on the network device.

Citations

20 Claims

1. A method for assessing a vulnerability of a network device, the method comprising:
- receiving a list of one or more services externally exposed on the network device;
  
  receiving an indication of at least one vulnerability in at least one software package installed on the network device;
  
  determining whether an externally exposed service is associated with a software package that includes at least one vulnerability; and
  
  executing at least one remedial action upon determining that an externally exposed service is associated with a software package that includes at least one vulnerability.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein receiving the list of the one or more services externally exposed on the network device includes receiving at least one of a port and a protocol associated with each of the one or more externally exposed services.
  - 3. The method of claim 1, wherein the contents of the vulnerability indication include:
    - a list of services provided by a software package, anda list of ports or protocols to which each of the services provided by the software package are bound; and
      
      determining whether an externally exposed service is associated with a software package that includes at least one vulnerability includes matching at least some of the contents of the vulnerability indication to an externally exposed service.
  - 4. The method of claim 3 wherein receiving the list of one or more services externally exposed on the network device includes receiving data regarding a process responsible for an externally exposed service.
  - 5. The method of claim 4 wherein the contents of the vulnerability indication further include data regarding a process responsible for each of the services provided by a software package.
  - 6. The method of claim 1 further comprising using authentication credentials to connect to a service on the network device.
  - 7. The method of claim 1 wherein executing the at least one remedial action includes elevating the software package for further examination.
  - 8. The method of claim 1 wherein executing the at least one remedial action includes issuing an alert.

9. A system for assessing a vulnerability of a network device, the system comprising:
- an interface configured to receive at least;
  
  a list of one or more services externally exposed on the network device, andan indication of at least one vulnerability in at least one software package installed on the network device;
  
  a memory; and
  
  a vulnerability assessment module configured to execute instructions stored on the memory to;
  
  determine whether an externally exposed service is associated with a software package that includes at least one vulnerability, andexecute at least one remedial action upon determining that an externally exposed service is associated with a software package that includes at least one vulnerability.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The system of claim 9 wherein the received list of the one or more services externally exposed on the network device includes data regarding at least one of a port and a protocol associated with each of the one or more externally exposed services.
  - 11. The system of claim 9 wherein the contents of the vulnerability indication include:
    - a list of services provided by a software package, anda list of ports or protocols to which each of the services provided by the software package are bound; and
      
      the vulnerability assessment module determines whether an externally exposed service is associated with a software package that includes at least one vulnerability by matching at least some of the contents of the vulnerability indication to an externally exposed service.
  - 12. The system of claim 11 wherein the received list of one or more services externally exposed on the network device includes data regarding a process responsible for an externally exposed service.
  - 13. The system of claim 12 wherein the contents of the vulnerability indication further include data regarding a process responsible for each of the services provided by a software package.
  - 14. The system of claim 9 wherein the vulnerability assessment module is further configured to use authentication credentials to connect to a service on the network device.
  - 15. The system of claim 9 wherein the at least one remedial action includes elevating the software package for further examination.
  - 16. The system of claim 9 wherein the at least one remedial action includes issuing an alert via the interface.

17. A computer readable medium containing computer-executable instructions for a method for assessing a vulnerability of a network device, the medium comprising:
- computer-executable instructions for receiving a list of one or more services externally exposed on the network device;
  
  computer-executable instructions for receiving an indication of at least one vulnerability in at least one software package installed on the network device;
  
  computer-executable instructions for determining whether an externally exposed service is associated with a software package that includes at least one vulnerability; and
  
  computer-executable instructions for executing at least one remedial action upon determining that an externally exposed service is associated with a software package that includes at least one vulnerability.
- View Dependent Claims (18, 19, 20)
- - 18. The computer readable medium of claim 17 wherein the computer-executable instructions for receiving the list of the one or more services externally exposed on the network device includes computer-executable instructions for receiving at least one of a port and a protocol associated with one or more externally exposed services.
  - 19. The computer readable medium of claim 17 wherein the contents of the vulnerability indication include:
    - a list of services provided by a software package, anda list of ports or protocols to which each of the services provided by the software packages are bound; and
      
      the computer-executable instructions for determining whether an externally exposed service is associated with a software package that includes at least one vulnerability includes computer-executable instructions for matching at least some of the contents of the vulnerability indication to an externally exposed service.
  - 20. The computer readable medium of claim 19 wherein the received list of one or more services externally exposed on the network device includes data regarding a process responsible for an externally exposed service.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Rapid7, Inc.
Original Assignee
Rapid7, Inc.
Inventors
Hodgman, Roy, Hart, Jonathan

Granted Patent

US 11,113,405 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/577   Assessing vulnerabilities a...

H04L 63/08   for authentication of entit...

H04L 63/1433   Vulnerability analysis

Vulnerability assessment

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Vulnerability assessment

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links