System and method for network vulnerability detection and reporting
Abstract
A system and method provide comprehensive and highly automated testing of vulnerabilities to intrusion on a target network, including identification of operating system, identification of target network topology and target computers, identification of open target ports, assessment of vulnerabilities on target ports, active assessment of vulnerabilities based on information acquired from target computers, quantitative assessment of target network security and vulnerability, and hierarchical graphical representation of the target network, target computers, and vulnerabilities in a test report. The system and method employ minimally obtrusive techniques to avoid interference with or damage to the target network during or after testing.
Claims (18 claims; the three independent claims are given below)

1. A system comprising:
- a processor;
- a scanning module executable by the processor to scan a target network to identify security vulnerabilities within specific host computers of the target network, wherein the scanning module is responsive to identification of a security vulnerability within a host computer by generating a vulnerability record that specifies the vulnerability and the host computer;
- a vulnerability record management module executable by the processor to provide functionality for assigning the vulnerability records to specific users for correction of the security vulnerabilities specified therein, and to further provide functionality for tracking a status of each such vulnerability record; and
- a fix verification module executable by the processor to perform a vulnerability-record-specific vulnerability test to evaluate whether the security vulnerability specified by the vulnerability record has been corrected within a corresponding host computer;
wherein the system is operable such that the vulnerability record is capable of being used to track user actions taken with respect to remedying the vulnerability;
wherein the vulnerability record management module is executable by the processor to inhibit closure of the vulnerability record for which the fix verification module has not yet verified correction of the security vulnerability;
wherein use of the vulnerability record enables the avoidance of a rescanning of the host computer to determine whether the security vulnerability has been corrected;
wherein the vulnerability record includes a plurality of fields including a user to which the vulnerability record has been assigned;
wherein the scanning module tests a target host computer for each of a plurality of vulnerabilities, and the fix verification module performs the vulnerability-record-specific vulnerability test of the target host computer without re-testing for all of the plurality of vulnerabilities.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10.

11. A method of network security vulnerability testing, comprising:
- scanning each of a plurality of host computers on a target network to test for an existence of known security vulnerabilities within the host computers, the scanning performed by a processor;
- in response to detection of a security vulnerability within a host computer, generating a vulnerability record that is specific to the host computer, the vulnerability record specifying the detected security vulnerability; and
- providing a user interface through which user actions taken with respect to the vulnerability record may be tracked, and through which a vulnerability-record-specific fix verification test may be initiated to determine whether the detected security vulnerability specified by the vulnerability record has been corrected within the host computer;
wherein the vulnerability record provides functionality for assigning the vulnerability record to a specific user for correction of the security vulnerability specified therein, and further provides functionality for tracking a status of the vulnerability record;
wherein use of the vulnerability record enables the avoidance of a rescanning of the host computer to determine whether the detected security vulnerability has been eliminated;
wherein the vulnerability record includes a plurality of fields including a user to which the vulnerability record has been assigned;
wherein closure of the vulnerability record for which the vulnerability-record-specific fix verification test has not yet verified correction of the security vulnerability is inhibited;
wherein the vulnerability-record-specific fix verification test is performed without re-testing for all security vulnerabilities assessed during scanning.
Dependent claims: 12, 13, 14, 15.

16. A computer readable medium having computer code stored thereon, the computer readable medium comprising:
- computer code for scanning a plurality of host computers on a target network to test for an existence of known security vulnerabilities within the host computers;
- computer code for generating a vulnerability record that is specific to a host computer in response to detection of a security vulnerability within a host computer, the vulnerability record specifying the detected security vulnerability; and
- computer code for inhibiting closure of the vulnerability record for a vulnerability which has not yet been corrected;
wherein the vulnerability record provides functionality for assigning the vulnerability record to a specific user for correction of the security vulnerability specified therein, and further provides functionality for tracking a status of the vulnerability record;
wherein the computer code is operable such that the vulnerability record is capable of being used to track user actions taken with respect to correcting the vulnerability;
wherein computer code is operable such that a vulnerability-record-specific fix verification test is initiated to determine whether the detected security vulnerability specified by the vulnerability record has been corrected within the host computer;
wherein computer code is operable such that use of the vulnerability record enables the avoidance of a rescanning of the host computer to determine whether the detected security vulnerability has been corrected;
wherein the vulnerability record includes a plurality of fields including a user to which the vulnerability record has been assigned;
wherein computer code is operable such that the vulnerability-record-specific fix verification test is performed without re-testing for all security vulnerabilities assessed during scanning.
Dependent claims: 17, 18.
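The vulnerability-record lifecycle the independent claims describe (scan creates one record per finding, the record carries an assignee and an action history, a record-specific verification re-runs only that one check, and closure is refused until verification has passed) as an added illustration in Python; this is not code from the patent. The hosts, check names and checks are constructed stand-ins for real network probes.

```python
from dataclasses import dataclass, field
from typing import Callable, Dict, List

# Constructed stand-in for real hosts: each entry records which conditions are
# currently present, so the hypothetical checks below can "probe" them offline.
HOSTS: Dict[str, Dict[str, bool]] = {
    "10.0.0.5": {"ftp_anon": True, "telnet_open": True, "smb_v1": False},
}

# Hypothetical checks keyed by vulnerability id; True means the host is still vulnerable.
CHECKS: Dict[str, Callable[[str], bool]] = {
    vid: (lambda h, v=vid: HOSTS[h][v]) for vid in ("ftp_anon", "telnet_open", "smb_v1")
}

PROBES_SENT: List[str] = []  # every individual check executed, to show no rescan happens

def run_check(host: str, vuln_id: str) -> bool:
    PROBES_SENT.append(f"{host}:{vuln_id}")
    return CHECKS[vuln_id](host)

@dataclass
class VulnRecord:
    host: str
    vuln_id: str
    assignee: str = ""
    status: str = "open"                               # open -> assigned -> verified -> closed
    history: List[str] = field(default_factory=list)   # user actions taken on the record

    def assign(self, user: str) -> None:
        self.assignee, self.status = user, "assigned"
        self.history.append(f"assigned to {user}")

    def verify_fix(self) -> bool:
        """Record-specific test: re-runs only this record's check, not a full scan."""
        still_vulnerable = run_check(self.host, self.vuln_id)
        self.history.append(f"verify: {'failed' if still_vulnerable else 'passed'}")
        if not still_vulnerable:
            self.status = "verified"
        return not still_vulnerable

    def close(self, user: str) -> None:
        """Closure is inhibited until verify_fix() has confirmed the correction."""
        if self.status != "verified":
            raise PermissionError(f"{self.vuln_id} on {self.host} not yet verified fixed")
        self.status = "closed"
        self.history.append(f"closed by {user}")

def scan(host: str) -> List[VulnRecord]:
    """Full scan: test the host for every known check and emit one record per finding."""
    return [VulnRecord(host, vid) for vid in CHECKS if run_check(host, vid)]
```

After a full scan, each later verify_fix() call adds exactly one entry to PROBES_SENT, which is the "without re-testing for all of the plurality of vulnerabilities" property the claims rely on.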
Specification