Performing security assessments in an online services system
First Claim
Patent Images
1. A method for facilitating security assessments in an online services environment, the method comprising:
- receiving, in an online services system, from a third-party application provider, a software application for utilization in the online services system;
receiving, at a processor in the online services system from the third-party application provider, configuration data associated with a security assessment to be performed on the software application for utilization in the online services system, the configuration data comprising testing parameters for testing the software application and requirements for starting the security assessment on the software application;
determining, in the online services system, whether the configuration data is valid;
receiving, in the online services system from the third-party application provider, scanning data associated with the software application, the scanning data comprising access credentials for performing the security assessment on the software application;
sending, by the online services system, the configuration data and scanning data to one or more security assessment systems such that the one or more security assessment systems performs the security assessment of the software application in accordance with the configuration data and the scanning data; and
receiving the security assessment in the online services system from the one or more security assessment systems.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and method for performing security assessments in an online services system. In one embodiment, a method includes receiving an accepted security assessment agreement from a user, where the security assessment agreement is associated with a software application utilized in an online services system. The method also includes receiving configuration data associated with the software application; receiving scanning data associated with the software application; and sending the configuration data and scanning data to one or more security assessment systems.
141 Citations
17 Claims
-
1. A method for facilitating security assessments in an online services environment, the method comprising:
-
receiving, in an online services system, from a third-party application provider, a software application for utilization in the online services system; receiving, at a processor in the online services system from the third-party application provider, configuration data associated with a security assessment to be performed on the software application for utilization in the online services system, the configuration data comprising testing parameters for testing the software application and requirements for starting the security assessment on the software application; determining, in the online services system, whether the configuration data is valid; receiving, in the online services system from the third-party application provider, scanning data associated with the software application, the scanning data comprising access credentials for performing the security assessment on the software application; sending, by the online services system, the configuration data and scanning data to one or more security assessment systems such that the one or more security assessment systems performs the security assessment of the software application in accordance with the configuration data and the scanning data; and receiving the security assessment in the online services system from the one or more security assessment systems. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A non-transitory computer-readable storage medium having one or more instructions thereon for facilitating security assessments in an online services system, the instructions when executed by a processor causing the processor to:
-
receive, in an online services system, from a third-party application provider, a software application for utilization in the online services system; receive, at a processor in the online services system from the third-party application provider, configuration data associated with a security assessment to be performed on the software application for utilization in the online services system, the configuration data comprising testing parameters for testing the software application and requirements for starting the security assessment on the software application; determine, in an online services system, whether the configuration data is valid; receive, in the online services system from the third-party application provider, scanning data associated with the software application, the scanning data comprising access credentials for performing the security assessment on the software application; send, by the online services system, the configuration data and scanning data to one or more security assessment systems such that the one or more security assessment systems performs the security assessment of the software application in accordance with the configuration data and the scanning data; and receive the security assessment in the online services system from the one or more security assessment systems. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. An apparatus for facilitating security assessments in an online services system, the apparatus comprising:
-
a processor; and a storage device storing one or more stored sequences of instructions which when executed by the processor cause the processor to; receive, in an online services system, from a third-party application provider, a software application for utilization in the online services system; receive, at a processor in the online services system from the third-party application provider, configuration data associated with a security assessment to be performed on the software application for utilization in the online services system, the configuration data comprising testing parameters for testing the software application and requirements for starting the security assessment on the software application; determine, in an online services system, whether the configuration data is valid; receive in the online services system from the third-party application provider, scanning data associated with the software application, the scanning data comprising access credentials for performing the security assessment on the software application; and send, by the online services system, the configuration data and scanning data to one or more security assessment systems such that the one or more security assessment systems performs the security assessment of the software application in accordance with the configuration data and the scanning data; and receive the security assessment in the online services system from the one or more security assessment systems. - View Dependent Claims (14, 15, 16, 17)
-
Specification