Web application exploit mitigation in an information technology environment
Abstract
Methods, systems, and computer program products are provided herein for facilitating security in an information technology environment. Web application security vulnerabilities are discovered and addressed by means of virtual patches deployed to components of the information technology environment. An intelligent feedback loop is created to fill the void in the security of the web application when implemented in the specific information technology environment, thereby providing end-to-end security application management through dynamic, pre-emptive, and proactive security awareness and protection in the information technology environment. As new web application security vulnerabilities are discovered, the vulnerability is diagnosed and resolved to preemptively prevent exploitation of the security vulnerability.
38 Citations
25 Claims
1. A method for facilitating security in an information technology environment, the method comprising:
- inspecting, by a processor, behavior of a web application during execution thereof in the information technology environment, the inspecting determining whether a security vulnerability associated with execution of the web application in the information technology environment exists based on comparing baseline behavior of the web application to behavior of the web application observed in response to executing modified versions of requests issued to the web application to generate the baseline behavior; and
- responsive to determining that the security vulnerability exists, generating at least one virtual patch, the at least one virtual patch comprising one or more logical pattern expressions representative of the security vulnerability determined based on the behavior of the web application during execution thereof, and the at least one virtual patch for patching one or more infrastructure components of the information technology environment to prevent exploitation of the security vulnerability in the information technology environment.

(Dependent claims 2-13 not reproduced here.)

14. A computer system for facilitating security in an information technology environment, the computer system comprising:
- a memory; and
- a processor, in communications with the memory, wherein the computer system is configured to perform:
- inspecting behavior of a web application during execution thereof in the information technology environment, the inspecting determining whether a security vulnerability associated with execution of the web application in the information technology environment exists based on comparing baseline behavior of the web application to behavior of the web application observed in response to executing modified versions of requests to the web application to generate the baseline behavior; and
- responsive to determining that the security vulnerability exists, generating at least one virtual patch, the at least one virtual patch comprising one or more logical pattern expressions representative of the security vulnerability determined based on the behavior of the web application during execution thereof, and the at least one virtual patch for patching one or more infrastructure components of the information technology environment to prevent exploitation of the security vulnerability in the information technology environment.

(Dependent claims 15-20 not reproduced here.)

21. A computer program product for facilitating security in an information technology environment, the computer program product comprising:
- computer readable program code configured to inspect behavior of a web application during execution thereof in the information technology environment, the inspecting determining whether a security vulnerability associated with execution of the web application in the information technology environment exists based on comparing baseline behavior of the web application to behavior of the web application observed in response to executing modified versions of requests issued to the web application to generate the baseline behavior; and
- computer readable program code configured to, responsive to determining that the security vulnerability exists, generate at least one virtual patch, the at least one virtual patch comprising one or more logical pattern expressions representative of the security vulnerability determined based on the behavior of the web application during execution thereof, and the at least one virtual patch for patching one or more infrastructure components of the information technology environment to prevent exploitation of the security vulnerability in the information technology environment.

(Dependent claims 22-24 not reproduced here.)

25. A method for facilitating on demand security in an information technology environment of a customer, the method comprising:
- responsive to a customer request, inspecting behavior of a web application during execution thereof in the information technology environment of the customer, the inspecting determining whether a security vulnerability associated with execution of the web application in the information technology environment of the customer exists based on comparing baseline behavior of the web application to behavior of the web application observed in response to executing modified versions of requests issued to the web application to generate the baseline behavior; and
- responsive to determining that the security vulnerability exists, generating at least one virtual patch, the at least one virtual patch comprising one or more logical pattern expressions representative of the security vulnerability determined based on the behavior of the web application during execution thereof, and the at least one virtual patch to be provided to the customer for patching one or more infrastructure components of the information technology environment of the customer to prevent exploitation of the security vulnerability in the information technology environment of the customer.
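The independent claims all describe the same two-step loop: record a baseline of how the application answers known-good requests, replay modified versions of those requests and flag a deviation in behavior, then express the finding as a logical pattern expression that an infrastructure component enforces in front of the application. The following Python sketch is an added illustration of that loop and is not code from the patent or its assignee. The web application (`demo_app`), the set of request modifications (`MUTATIONS`), the deviation test (`deviates`), the pattern-inference rule (`infer_shape`) and the `VirtualPatch` structure are all constructed for this example; a real deployment would record baselines from live traffic and push the expressions to a WAF or gateway rather than to an in-process wrapper.

```python
import re
from dataclasses import dataclass

# Hypothetical web application, constructed for this example. It serves
# /item?id=<n>, validates nothing, and discloses an internal error message
# on unexpected input: the behavioral deviation the inspection step looks for.
def demo_app(path, params):
    """Return (status, body) for a request. Stand-in for a real application."""
    if path == "/item":
        value = params.get("id", "")
        if not value.isdigit():
            return 500, "Internal error: unexpected token in lookup(" + value + ")"
        return 200, "item %s: ok" % value
    return 404, "not found"

@dataclass
class VirtualPatch:
    """One logical pattern expression plus the evidence that produced it."""
    path: str
    param: str
    allow: str      # value must fully match this regular expression
    evidence: str   # the modified parameter value that exposed the deviation

# Constructed, generic request modifications appended to each baseline value.
MUTATIONS = ["'", "\"", ")", "<", ";", "A" * 64]

def infer_shape(value):
    """Derive an allow-pattern from the character classes of the baseline value."""
    if value.isdigit():
        return r"^[0-9]+$"
    if value.isalnum():
        return r"^[A-Za-z0-9]+$"
    return r"^[A-Za-z0-9_.-]+$"

def deviates(baseline, observed):
    """Behavioral comparison: status class changed, or error disclosure appeared."""
    b_status, _ = baseline
    o_status, o_body = observed
    if o_status // 100 != b_status // 100:
        return True
    return re.search(r"Internal error|Traceback|Exception", o_body) is not None

def inspect(app, baseline_requests):
    """Record baseline behavior, replay modified requests, emit virtual patches."""
    patches = []
    for path, params in baseline_requests:
        baseline = app(path, params)
        for name, value in params.items():
            for mut in MUTATIONS:
                modified = dict(params, **{name: value + mut})
                observed = app(path, modified)
                if deviates(baseline, observed):
                    patches.append(VirtualPatch(path, name, infer_shape(value), value + mut))
                    break  # one patch per parameter is enough to cover the deviation
    return patches

def apply_patches(app, patches):
    """Enforce the pattern expressions in front of the application, WAF-style."""
    def filtered(path, params):
        for p in patches:
            if p.path == path and p.param in params and not re.fullmatch(p.allow, params[p.param]):
                return 403, "blocked by virtual patch on %s" % p.param
        return app(path, params)
    return filtered

# Constructed baseline traffic: the requests used to learn normal behavior.
BASELINE_REQUESTS = [("/item", {"id": "42"})]

if __name__ == "__main__":
    found = inspect(demo_app, BASELINE_REQUESTS)
    for p in found:
        print("virtual patch:", p)
    hardened = apply_patches(demo_app, found)
    print(hardened("/item", {"id": "42"}))
    print(hardened("/item", {"id": "42'"}))
```

The allow-pattern is inferred from the baseline value rather than from the modification that triggered the deviation, which is what makes it a positive-security expression: it keeps admitting the traffic the baseline was built from and rejects anything outside that shape, instead of enumerating bad inputs one at a time. The trade-off a practitioner has to check is false positives, since a baseline built from too few requests yields patterns narrower than the application's real input space.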
Specification