System and method for network vulnerability detection and reporting
Abstract
A system and method provide comprehensive and highly automated testing of vulnerabilities to intrusion on a target network, including identification of operating system, identification of target network topology and target computers, identification of open target ports, assessment of vulnerabilities on target ports, active assessment of vulnerabilities based on information acquired from target computers, quantitative assessment of target network security and vulnerability, and hierarchical graphical representation of the target network, target computers, and vulnerabilities in a test report. The system and method employ minimally obtrusive techniques to avoid interference with or damage to the target network during or after testing.
19 Claims
1. A method comprising:
sending a set of TCP packets to one or more computer devices in a plurality of computer devices on a network;
sending a set of UDP packets to one or more computer devices in the plurality of computer devices;
identifying responsive computer devices among the plurality of computer devices based at least in part on responses received to the sent sets of TCP packets and UDP packets;
identifying vulnerabilities of the responsive computer devices; and
determining a security score for the plurality of computer devices based at least in part on the identified vulnerabilities, wherein the security score is to indicate a relative security of the plurality of computer devices and is dependent on a vulnerability exposure level determined for the plurality of computer devices based at least in part on information included in the responses.
18. At least one non-transitory, machine-accessible storage medium having instructions stored thereon, the instructions when executed on a machine, cause the machine to:
send a set of TCP packets to one or more computer devices in a plurality of computer devices on a network;
send a set of UDP packets to one or more computer devices in the plurality of computer devices;
identify responsive computer devices among the plurality of computer devices based at least in part on responses received to the sent sets of TCP packets and UDP packets;
identify vulnerabilities of the responsive computer devices; and
determining a security score for the plurality of computer devices based at least in part on the identified vulnerabilities, wherein the security score is to indicate a relative security of the plurality of computer devices and is dependent on a vulnerability exposure level determined for the plurality of computer devices based at least in part on information included in the responses.
19. A system comprising:
at least one processor device;
at least one memory element; and
a network security engine, adapted when executed by the at least one processor device to;
send a set of TCP packets to one or more computer devices in a plurality of computer devices on a network;
send a set of UDP packets to one or more computer devices in the plurality of computer devices;
identify responsive computer devices among the plurality of computer devices based at least in part on responses received to the sent sets of TCP packets and UDP packets;
identify vulnerabilities of the responsive computer devices; and
determine a security score for the plurality of computer devices based at least in part on the identified vulnerabilities, wherein the security score is to indicate a relative security of the plurality of computer devices and is dependent on a vulnerability exposure level determined for the plurality of computer devices based at least in part on information included in the responses.
Specification