System and method for scanning for computer vulnerabilities in a network environment
First Claim
1. A method comprising:
- identifying, using at least one data processing apparatus, a plurality of assets to scan in a network;
- identifying, using at least one data processing apparatus, a plurality of sets of known vulnerabilities in the plurality of assets, wherein identifying the plurality of sets of known vulnerabilities comprises identifying, for two or more of the plurality of assets, a respective set of known vulnerabilities previously detected as being present on the asset;
- identifying, using at least one data processing apparatus, a plurality of sets of new vulnerabilities in the plurality of assets, wherein identifying the plurality of sets of new vulnerabilities comprises identifying, for two or more of the plurality of assets, a respective set of new vulnerabilities for which the asset has not yet been scanned;
- selecting, using at least one data processing apparatus, a set of scripts comprising checks for particular vulnerabilities included in a union of the plurality of sets of known vulnerabilities and the plurality of sets of new vulnerabilities; and
- using the selected scripts to scan the plurality of assets for vulnerabilities.
Abstract
A method in one embodiment includes identifying a set of known vulnerabilities and a set of new vulnerabilities in an asset, selecting one or more scripts that include checks for vulnerabilities in a union of the set of known vulnerabilities and the set of new vulnerabilities, and using the selected scripts to scan the asset. Known vulnerabilities and new vulnerabilities may be identified by accessing results of previous scans on the asset. The method may also include identifying a plurality of assets to scan in a network, identifying a plurality of sets of known vulnerabilities and a plurality of sets of new vulnerabilities in substantially all assets in the plurality of assets, and inserting checks for vulnerabilities included in a union of the plurality of sets of known vulnerabilities and the plurality of sets of new vulnerabilities into the selected scripts.
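The selection step described in the abstract can be made concrete with a small planner. The following is an added example, not code from the patent or its assignee: it assumes a constructed script catalog (script name to the vulnerability ids it checks), a per-asset history of which ids were previously scanned for and which were found present, and computes, for each asset, the union of known vulnerabilities (previously detected) and new vulnerabilities (never checked), then picks only the scripts whose checks intersect that union. The history update after a scan shows why the union shrinks over time: an id that was checked and not found is neither known nor new, so it is skipped on the next run until it is either re-introduced into the catalog as new or detected again.

```python
"""Incremental scan planning: per asset, scan for known (previously found) plus
new (never checked) vulnerabilities, and select only the scripts covering them.
All asset names, ids and results below are constructed for illustration."""
from dataclasses import dataclass, field

# Constructed catalog: script name -> vulnerability ids the script checks for.
SCRIPT_CATALOG = {
    "ssh_legacy_ciphers": {"V-1001", "V-1002"},
    "http_missing_headers": {"V-2001"},
    "tls_weak_protocols": {"V-3001", "V-3002"},
}


@dataclass
class ScanHistory:
    """Results of previous scans on one asset (constructed values)."""
    checked: set = field(default_factory=set)  # ids the asset was ever scanned for
    found: set = field(default_factory=set)    # ids detected in the most recent scan


def make_histories():
    """Fresh constructed histories for three assets (a helper, not real data)."""
    return {
        # web-01: checked three ids, one was present
        "web-01": ScanHistory(checked={"V-1001", "V-1002", "V-2001"}, found={"V-2001"}),
        # db-01: checked everything in the catalog, nothing found
        "db-01": ScanHistory(checked=set().union(*SCRIPT_CATALOG.values()), found=set()),
        # new-host: never scanned (no entry at all)
    }


def known_vulnerabilities(history):
    """Known = previously detected on the asset; re-checked to confirm remediation."""
    return set(history.found)


def new_vulnerabilities(history, catalog):
    """New = every catalogued vulnerability the asset has not yet been scanned for."""
    all_ids = set().union(*catalog.values())
    return all_ids - history.checked


def plan_scan(assets, histories, catalog):
    """Return {asset: sorted script names} covering known | new for each asset."""
    plan = {}
    for asset in assets:
        history = histories.get(asset, ScanHistory())
        target = known_vulnerabilities(history) | new_vulnerabilities(history, catalog)
        plan[asset] = sorted(name for name, ids in catalog.items() if ids & target)
    return plan


def record_results(history, scripts, catalog, detected):
    """Update one asset's history after running the selected scripts.
    Everything those scripts check becomes 'checked'; 'found' is replaced by the
    ids detected this round, so a remediated vulnerability drops out of 'known'."""
    checked_now = set().union(*(catalog[s] for s in scripts)) if scripts else set()
    history.checked |= checked_now
    history.found = set(detected) & checked_now
    return history


def demo():
    """Plan, simulate one scan of web-01, re-plan; returns (first_plan, second_plan)."""
    histories = make_histories()
    assets = ["web-01", "db-01", "new-host"]
    first = plan_scan(assets, histories, SCRIPT_CATALOG)
    # Constructed outcome: V-2001 was fixed, V-3001 turned up in the new TLS checks.
    record_results(histories["web-01"], first["web-01"], SCRIPT_CATALOG, {"V-3001"})
    second = plan_scan(assets, histories, SCRIPT_CATALOG)
    return first, second


if __name__ == "__main__":
    before, after = demo()
    for asset in before:
        print(f"{asset}: first run {before[asset]}, next run {after[asset]}")
```

Running the module prints the per-asset script lists for two consecutive rounds: the never-scanned host gets every script, the fully checked and clean host gets none, and the partially scanned host gets only the scripts for its one known finding plus the checks it has never seen. Once a finding is remediated and a new one detected, the next round narrows to the single script that covers the remaining known vulnerability.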
18 Claims
1. A method comprising:
- identifying, using at least one data processing apparatus, a plurality of assets to scan in a network;
- identifying, using at least one data processing apparatus, a plurality of sets of known vulnerabilities in the plurality of assets, wherein identifying the plurality of sets of known vulnerabilities comprises identifying, for two or more of the plurality of assets, a respective set of known vulnerabilities previously detected as being present on the asset;
- identifying, using at least one data processing apparatus, a plurality of sets of new vulnerabilities in the plurality of assets, wherein identifying the plurality of sets of new vulnerabilities comprises identifying, for two or more of the plurality of assets, a respective set of new vulnerabilities for which the asset has not yet been scanned;
- selecting, using at least one data processing apparatus, a set of scripts comprising checks for particular vulnerabilities included in a union of the plurality of sets of known vulnerabilities and the plurality of sets of new vulnerabilities; and
- using the selected scripts to scan the plurality of assets for vulnerabilities.
(Dependent claims 2 through 8 not reproduced here.)
9. An apparatus comprising:
- a memory element configured to store data; and
- a processor operable to execute instructions associated with the data, wherein the apparatus is configured for:
  - identifying a plurality of assets to scan in a network;
  - identifying a plurality of sets of known vulnerabilities in the plurality of assets, wherein identifying the plurality of sets of known vulnerabilities comprises identifying, for two or more of the plurality of assets, a respective set of known vulnerabilities previously detected as being present on the asset;
  - identifying a plurality of sets of new vulnerabilities in the plurality of assets, wherein identifying the plurality of sets of new vulnerabilities comprises identifying, for two or more of the plurality of assets, a respective set of new vulnerabilities for which the asset has not yet been scanned;
  - selecting a set of scripts comprising checks for particular vulnerabilities included in a union of the plurality of sets of known vulnerabilities and the plurality of sets of new vulnerabilities; and
  - using the selected scripts to scan the plurality of assets.
(Dependent claims 10 through 13 not reproduced here.)
14. At least one non-transitory, machine-accessible storage medium having instructions stored thereon, the instructions, when executed on a machine, causing the machine to:
- identify a plurality of assets to scan in a network;
- identify a plurality of sets of known vulnerabilities in the plurality of assets, wherein the instructions, when executed, cause the machine to identify, for two or more of the plurality of assets, a respective set of known vulnerabilities previously detected as being present on an asset;
- identify a plurality of sets of new vulnerabilities in the plurality of assets, wherein the instructions, when executed, cause the machine to identify, for two or more of the plurality of assets, a respective set of new vulnerabilities for which the asset has not yet been scanned;
- select a set of scripts comprising checks for vulnerabilities included in a union of the plurality of sets of known vulnerabilities and the plurality of sets of new vulnerabilities; and
- use the selected scripts to scan the plurality of assets.
(Dependent claims 15 through 18 not reproduced here.)
Specification