Pre-emptive pre-indexing of sensitive and vulnerable assets
First Claim
1. A system for restricting distribution of an item of content at a data center, the item indicative of a software vulnerability associated with a version of a software component, the system comprising:
- a) a local indexing component configured to perform actions including creating a search index of the content at the data center by retrieving and employing an identification of content as a seed to retrieve a set of documents, the content including the item of content and other content;
b) a manager component configured to perform actions including;
i) identifying a document corresponding to the version of the software component; and
ii) enabling a mechanism that performs a security action on the identified document;
wherein identifying the document comprises;
i) receiving one or more search specifications corresponding to the version of the software component; and
ii) employing the search index and the one or more search specifications to identify the document corresponding to the version of the software component, wherein the document that is identified by the one or more search specifications is created or modified by the version of the software component associated with the vulnerability; and
c) one or more processors that execute computer instructions to implement the manager component.
2 Assignments
0 Petitions
Accused Products
Abstract
A system and method for identifying sensitive content or indications of vulnerabilities is provided. A local search engine may index content at a data center. Specifications of sensitive data or fingerprints of vulnerabilities may be received from various internal or external sources. Targeted data may include vulnerable software, confidential content, dynamic or static web pages, or application data. Based on searches for targeted data, one or more components may be notified, enabling one or more security actions, including restricting publication of the targeted data.
24 Citations
19 Claims
-
1. A system for restricting distribution of an item of content at a data center, the item indicative of a software vulnerability associated with a version of a software component, the system comprising:
-
a) a local indexing component configured to perform actions including creating a search index of the content at the data center by retrieving and employing an identification of content as a seed to retrieve a set of documents, the content including the item of content and other content; b) a manager component configured to perform actions including; i) identifying a document corresponding to the version of the software component; and ii) enabling a mechanism that performs a security action on the identified document; wherein identifying the document comprises; i) receiving one or more search specifications corresponding to the version of the software component; and ii) employing the search index and the one or more search specifications to identify the document corresponding to the version of the software component, wherein the document that is identified by the one or more search specifications is created or modified by the version of the software component associated with the vulnerability; and c) one or more processors that execute computer instructions to implement the manager component. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A computer-implemented method for restricting targeted content at a data center, comprising:
-
a) creating a search index of content at the data center by retrieving and employing a seed specification to retrieve an initial set of documents or pages which are used to find other specifications; b) retrieving a plurality of specifications of the targeted content, each specification corresponding to at least one software component vulnerability, wherein the targeted content is created or modified by a version of a software component associated with the software component vulnerability and is indicative of the version of the software component; c) identifying the targeted content by employing the plurality of specifications to search the search index for the targeted content; and d) selectively preventing an external crawler from retrieving at least a portion of the identified targeted content based on a result of the search of the search index. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A system for distributing content of a data center, comprising:
-
a) an indexing component configured to perform actions including retrieving and employing an identification of content as a seed to retrieve at least portions of the content at the data center and create a search index of the content at the data center; b) a search component comprising computer program instructions executable by a processor and configured to perform actions including identifying targeted content corresponding to a version of a software component having a vulnerability by receiving one or more search specifications corresponding to the version of the software component and performing searches, the searches employing the search index of the content, wherein the targeted content was created or modified by the version of the software component; c) a publishing component configured to perform actions including publishing a proper subset of the content at the data center, publishing the proper subset of the content comprising, in response to identifying the targeted content, preventing an external crawler from retrieving the targeted content; and d) one or more processors that execute computer instructions to implement the search component. - View Dependent Claims (14, 15, 16, 17, 18, 19)
-
Specification