System and method for network vulnerability detection and reporting
9 Assignments
0 Petitions
Abstract
A system and method provide comprehensive and highly automated testing of vulnerabilities to intrusion on a target network, including identification of operating system, identification of target network topology and target computers, identification of open target ports, assessment of vulnerabilities on target ports, active assessment of vulnerabilities based on information acquired from target computers, quantitative assessment of target network security and vulnerability, and hierarchical graphical representation of the target network, target computers, and vulnerabilities in a test report. The system and method employ minimally obtrusive techniques to avoid interference with or damage to the target network during or after testing.
155 Citations
18 Claims
1. A method comprising:
identifying a set of active computer devices on a network;
assessing each computer device in the set against a first vulnerability in a plurality of known vulnerabilities, wherein each vulnerability in the plurality of known vulnerabilities has a corresponding vulnerability script adapted to perform an automated assessment of a computer device against the respective vulnerability, and assessing each computer device against the first vulnerability includes executing a first vulnerability script;
storing, in memory, results of the assessments of each computer device in the set against the first vulnerability as returned from the executed first vulnerability script; and
providing at least a portion of the results for use by a second vulnerability script in an automated assessment of at least a portion of the computer devices in the set against a second vulnerability included in the plurality of known vulnerabilities, wherein the results identify that the portion of the computer devices include one or more of a set of characteristics capable of being exploited during execution of the second vulnerability script to determine whether the second vulnerability is present on at least the portion of the computer devices in the set.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14 and 15.

16. Logic encoded in non-transitory media that includes code for execution and when executed by a processor is operable to perform operations comprising:
identifying a set of active computer devices on a network;
assessing each computer device in the set against a first vulnerability in a plurality of known vulnerabilities, wherein each vulnerability in the plurality of known vulnerabilities has a corresponding vulnerability script adapted to perform an automated assessment of a computer device against the respective vulnerability, and assessing each computer device against the first vulnerability includes executing a first vulnerability script;
storing, in memory, results of the assessments of each computer device in the set against the first vulnerability as returned from the executed first vulnerability script; and
providing at least a portion of the results for use by a second vulnerability script in an automated assessment of at least a portion of the computer devices in the set against a second vulnerability included in the plurality of known vulnerabilities, wherein the results identify that the portion of the computer devices include one or more of a set of characteristics capable of being exploited during execution of the second vulnerability script to determine whether the second vulnerability is present on at least the portion of the computer devices in the set.

17. A system comprising:
at least one processor device;
at least one memory element; and
a network security engine, adapted when executed by the at least one processor device to:
identify a set of active computer devices on a network;
assess each computer device in the set against a first vulnerability in a plurality of known vulnerabilities, wherein each vulnerability in the plurality of known vulnerabilities has a corresponding vulnerability script adapted to perform an automated assessment of a computer device against the respective vulnerability, and assessing each computer device against the first vulnerability includes executing a first vulnerability script;
store, in memory, results of the assessments of each computer device in the set against the first vulnerability as returned from the executed first vulnerability script; and
provide at least a portion of the results for use by a second vulnerability script in an automated assessment of at least a portion of the computer devices in the set against a second vulnerability included in the plurality of known vulnerabilities, wherein the results identify that the portion of the computer devices include one or more of a set of characteristics capable of being exploited during execution of the second vulnerability script to determine whether the second vulnerability is present on at least the portion of the computer devices in the set.
Dependent claim: 18.
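The independent claims describe one mechanism: every known vulnerability has its own script, the results of an earlier script are stored, and a later script is run only against the hosts whose stored results show the characteristics it needs. The engine below is an added illustration of that pipeline in Python; it is not code from the patent or from any product of its assignee. The host inventory, the two scripts and their identifiers (V-BANNER, V-OLD-APACHE) are constructed for the example, and the "probe data" stands in for whatever the discovery pass actually observed on the wire.

```python
"""Chained vulnerability-script engine in the shape of claim 1 (added example).

Hosts, scripts and vulnerability ids are constructed; nothing here touches a
network. The second script never re-probes a host: it consumes the facts the
first script stored, and is only scheduled for hosts that have those facts.
"""
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Set, Tuple

# Constructed stand-in for the output of host discovery
# (claim step 1, "identifying a set of active computer devices").
DISCOVERED_HOSTS: Dict[str, dict] = {
    "10.0.0.5": {"open_ports": {22, 80}, "banners": {80: "Apache/2.2.15"}},
    "10.0.0.7": {"open_ports": {22, 8080}, "banners": {8080: "Jetty/9.4.41"}},
    "10.0.0.9": {"open_ports": {445}, "banners": {}},
}


@dataclass
class Finding:
    host: str
    vuln_id: str
    present: bool
    facts: Dict[str, str] = field(default_factory=dict)  # characteristics later scripts may use


@dataclass
class Script:
    vuln_id: str
    requires: Set[str]                                    # fact keys a host must already have
    run: Callable[[str, dict, Dict[str, str]], Finding]   # (host, probe data, stored facts)


class KnowledgeBase:
    """Stored results of executed scripts (claim step 3), keyed by host."""

    def __init__(self, hosts: List[str]) -> None:
        self.facts: Dict[str, Dict[str, str]] = {h: {} for h in hosts}
        self.findings: List[Finding] = []

    def record(self, finding: Finding) -> None:
        self.findings.append(finding)
        self.facts[finding.host].update(finding.facts)

    def targets_for(self, script: Script) -> List[str]:
        """The 'portion of the computer devices' a script should touch: only the
        hosts whose stored facts satisfy the script's prerequisites."""
        return [h for h, known in self.facts.items() if script.requires.issubset(known)]


def _version_tuple(version: str) -> Tuple[int, ...]:
    """Leading numeric components of a version string; '2.4.x' -> (2, 4)."""
    parts: List[int] = []
    for piece in version.split("."):
        if not piece.isdigit():
            break
        parts.append(int(piece))
    return tuple(parts)


def banner_script(host: str, probe: dict, known: Dict[str, str]) -> Finding:
    """First script: reads banners already captured during discovery (no extra
    traffic, which is the minimally obtrusive choice) and records product/version."""
    for port in sorted(probe["open_ports"]):
        banner = probe["banners"].get(port)
        if banner and "/" in banner:
            product, version = banner.split("/", 1)
            return Finding(host, "V-BANNER", True,
                           {"http_port": str(port), "http_product": product,
                            "http_version": version})
    return Finding(host, "V-BANNER", False)


def old_apache_script(host: str, probe: dict, known: Dict[str, str]) -> Finding:
    """Second script: decides purely from stored facts. An unparsable version is
    reported as not present rather than guessed at."""
    version = _version_tuple(known["http_version"])
    vulnerable = known["http_product"] == "Apache" and bool(version) and version < (2, 4)
    return Finding(host, "V-OLD-APACHE", vulnerable)


SCRIPTS = [
    Script("V-BANNER", set(), banner_script),
    Script("V-OLD-APACHE", {"http_product", "http_version"}, old_apache_script),
]


def assess(hosts: Dict[str, dict], scripts: List[Script]) -> KnowledgeBase:
    """Run each script in order over exactly the hosts it is eligible for."""
    kb = KnowledgeBase(list(hosts))
    for script in scripts:
        for host in kb.targets_for(script):
            kb.record(script.run(host, hosts[host], kb.facts[host]))
    return kb


def present_vulns(kb: KnowledgeBase) -> Dict[str, List[str]]:
    """Per-host list of vulnerability ids found present: the input to a report."""
    report: Dict[str, List[str]] = {h: [] for h in kb.facts}
    for f in kb.findings:
        if f.present:
            report[f.host].append(f.vuln_id)
    return report


if __name__ == "__main__":
    result = assess(DISCOVERED_HOSTS, SCRIPTS)
    for host, vulns in present_vulns(result).items():
        print(host, vulns or "clean")
```

The point to notice is the script count: three hosts and two scripts produce five executions, not six, because the host with no HTTP banner is never handed to the second script. Scaling this up is a matter of letting `requires` name any stored fact (OS fingerprint, open port, service version) rather than only the two keys used here.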
Specification