Method and apparatus for security assessment of a computing platform
First Claim
Patent Images
1. A system for detecting security vulnerabilities in a computing platform, the computing platform comprising one or more front end components which provide services to other applications or users, and one or more back end components which supply required information to the one or more front end components to fulfill the services, the system comprising:
- one or more first monitoring modules communicatively linked to the one or more front end components, and operatively configured to monitor the one or more front end components while communicating data with the one or more front end components;
one or more second monitoring modules communicatively linked to the one or more back end components, and operatively configured to monitor the one or more back end components while the one or more back end components supply required information to the one or more front end components;
wherein the one or more first monitoring modules is further operatively configured to communicate data of a testing type with the one or more front end components via a communication protocol and monitors activities of the one or more front end components via a protocol other than the communication protocol while communicating the data with the one or more front end components, while the one or more second monitoring modules monitor activities of the one or more back end components responsive to communicating the data;
wherein information extracted that is associated with the activities of the one or more front end components is combinable with information extracted that is associated with the activities of the one or more back end components to contribute to identification of one or more security vulnerabilities within the computing platform;
wherein at least one of the one or more first monitoring modules and the one or more second monitoring modules further operatively configured to combine and store all of the information extracted that is associated with the activities of the one or more front end components and all of the information extracted that is associated with the activities of the one or more back end components in an activity log; and
at least one of the one or more first monitoring modules and the one or more second monitoring modules further operatively configured to change the testing type to suit the activities of at least one of the one or more front end components and the activities of the one or more back end components based on the combined information stored in the activity log.
2 Assignments
0 Petitions
Accused Products
Abstract
A system and method for automated security testing are disclosed. The disclosure provides for automated discovery of security vulnerabilities through the monitoring of activities that occur throughout the separate components of a computing platform during a testing session through a communications interface.
38 Citations
25 Claims
-
1. A system for detecting security vulnerabilities in a computing platform, the computing platform comprising one or more front end components which provide services to other applications or users, and one or more back end components which supply required information to the one or more front end components to fulfill the services, the system comprising:
-
one or more first monitoring modules communicatively linked to the one or more front end components, and operatively configured to monitor the one or more front end components while communicating data with the one or more front end components; one or more second monitoring modules communicatively linked to the one or more back end components, and operatively configured to monitor the one or more back end components while the one or more back end components supply required information to the one or more front end components; wherein the one or more first monitoring modules is further operatively configured to communicate data of a testing type with the one or more front end components via a communication protocol and monitors activities of the one or more front end components via a protocol other than the communication protocol while communicating the data with the one or more front end components, while the one or more second monitoring modules monitor activities of the one or more back end components responsive to communicating the data; wherein information extracted that is associated with the activities of the one or more front end components is combinable with information extracted that is associated with the activities of the one or more back end components to contribute to identification of one or more security vulnerabilities within the computing platform; wherein at least one of the one or more first monitoring modules and the one or more second monitoring modules further operatively configured to combine and store all of the information extracted that is associated with the activities of the one or more front end components and all of the information extracted that is associated with the activities of the one or more back end components in an activity log; and at least one of the one or more first monitoring modules and the one or more second monitoring modules further operatively configured to change the testing type to suit the activities of at least one of the one or more front end components and the activities of the one or more back end components based on the combined information stored in the activity log. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A method of detecting security vulnerabilities in a computing platform, the computing platform comprising one or more front end components which provide services to other applications or users, and one or more back end components which supply required information to the one or more front end components to fulfill the services, the method comprising:
-
connecting to the one or more front end components via one or more front end communication protocol connections; connecting to the one or more back end components using one or more application-specific protocol connections for communicating with an application; communicating data of a testing type with the one or more front end components via the one or more communication protocol connections; monitoring activities of the one or more front end components via one or more protocol connections other than the one or more communication protocol connections while communicating the data with the one or more front end components; monitoring activities of the one or more back end components responsive to communicating the data; extracting activity information from the one or more front end components and from the one or more back end components, wherein information extracted that is associated with the activities of the one or more front end components is combinable with information extracted that is associated with the activities of the one or more back end components to contribute to identification of one or more security vulnerabilities within the computing platform; combining and storing all of the information extracted that is associated with the activities of the one or more front end components and all of the information extracted that is associated with the activities of the one or more back end components in an activity log; and changing the testing type to suit the activities of at least one of the one or more front end components and the activities of the one or more back end components based on the combined information stored in the activity log. - View Dependent Claims (13, 14, 15, 16, 17, 18)
-
-
19. A non-transitory computer readable medium having recorded thereon statements and instructions for execution by a computer for detecting security vulnerabilities in a computing platform, the computing platform comprising one or more front end components which provide services to other applications or users, and one or more back end components which supply required information to the one or more front end components to fulfill the services, by carrying out operations comprising:
-
connecting to the one or more front end components; connecting to the one or more back end components; communicating data of a testing type with the one or more front end components via a communication protocol; monitoring activities of the one or more front end components via a protocol other than the communication protocol while communicating the data with the one or more front end components; monitoring activities of the one or more back end components responsive to communicating the data; extracting activity information from the one or more front end components and from the one or more back end components, wherein information extracted that is associated with the activities of the one or more front end components is combinable with information extracted that is associated with the activities of the one or more back end components to contribute to identification of one or more security vulnerabilities within the computing platform; combining and storing all of the information extracted that is associated with the activities of the one or more front end components and all of the information extracted that is associated with the activities of the one or more back end components in an activity log; and changing the testing type to suit the activities of at least one of the one or more front end components and the activities of the one or more back end components based on the combined information stored in the activity log. - View Dependent Claims (20, 21, 22, 23, 24, 25)
-
Specification