Data exfiltration attack simulation technology
First Claim
1. A computer-implemented method for testing network security, the method comprising:
- storing on a monitoring system at least one specified data message and a at least one specified access credential to at least one third-party web-based service;
installing on at least one testing system to be tested on a network, at least one software agent configured with the at least one specified data message and the at least one specified access credential to the at least one third-party web-based service;
executing the at least one software agent on the testing system to send the at least one specified data message to the at least one third-party web-based service using the at least one specified access credential;
accessing, with a monitoring system which is independent of the network, the at least one third-party web-based service with the at least one specified access credential;
comparing, with the monitoring system, if data on the at least one third-party web-based service is equivalent to the at least one specified data message sent by the at least one software agent; and
assigning a risk factor to the testing system and the at least one third-party web-based service if any data on the at least one third-party web-based service is equivalent to the at least one specified data message sent by the at least one software agent.
1 Assignment
0 Petitions
Accused Products
Abstract
Novel systems and methods for testing network security are disclosed. In one example, at least one specified data message and at least one specified access credential to at least one third-party web-based service is stored on a monitoring system. At least one software agent configured with the specified data message and the specified access credential to the third-party web-based service is installed on at least on system to be tested. The software agent is executed on the testing system to send the specified data message to the third-party web-based service using the specified access credential. A monitoring system which is independent of the network, access the third-party web-based service with the access credential. The monitoring system compares, if data on the third-party web-based service is equivalent to the specified data message sent by the software agent. In another example, the software agent is configured with a custom start-logging command.
-
Citations
20 Claims
-
1. A computer-implemented method for testing network security, the method comprising:
-
storing on a monitoring system at least one specified data message and a at least one specified access credential to at least one third-party web-based service; installing on at least one testing system to be tested on a network, at least one software agent configured with the at least one specified data message and the at least one specified access credential to the at least one third-party web-based service; executing the at least one software agent on the testing system to send the at least one specified data message to the at least one third-party web-based service using the at least one specified access credential; accessing, with a monitoring system which is independent of the network, the at least one third-party web-based service with the at least one specified access credential; comparing, with the monitoring system, if data on the at least one third-party web-based service is equivalent to the at least one specified data message sent by the at least one software agent; and assigning a risk factor to the testing system and the at least one third-party web-based service if any data on the at least one third-party web-based service is equivalent to the at least one specified data message sent by the at least one software agent. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system for testing security of a network, the system comprising:
-
a memory; a processor communicatively coupled to the memory for performing; storing on a monitoring system at least one specified data message and a at least one specified access credential to at least one third-party web-based service; installing on at least one testing system to be tested on a network, at least one software agent configured with the at least one specified data message and the at least one specified access credential to the at least one third-party web-based service; executing the at least one software agent on the testing system to send the at least one specified data message to the at least one third-party web-based service using the at least one specified access credential; accessing, with a monitoring system which is independent of the network, the at least one third-party web-based service with the at least one specified access credential; comparing, with the monitoring system, if data on the at least one third-party web-based service is equivalent to the at least one specified data message sent by the at least one software agent; and assigning a risk factor to the testing system and the at least one third-party web-based service if any data on the at least one third-party web-based service is equivalent to the at least one specified data message sent by the at least one software agent. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A non-transitory machine readable medium encoded with a program for testing security of a network, the program comprising instructions for:
-
storing on a monitoring system at least one specified data message and a at least one specified access credential to at least one third-party web-based service; installing on at least one testing system to be tested on a network, at least one software agent configured with the at least one specified data message and the at least one specified access credential to the at least one third-party web-based service; executing the at least one software agent on the testing system to send the at least one specified data message to the at least one third-party web-based service using the at least one specified access credential; accessing, with a monitoring system which is independent of the network, the at least one third-party web-based service with the at least one specified access credential; and comparing, with the monitoring system, if data on the at least one third-party web-based service is equivalent to the at least one specified data message sent by the at least one software agent; and assigning a risk factor to the testing system and the at least one third-party web-based service if any data on the at least one third-party web-based service is equivalent to the at least one specified data message sent by the at least one software agent. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification