Methods for proactively securing a web application and apparatuses thereof
First Claim
1. A method for proactively securing a web application, the method comprising:
receiving, from a client device and by a proactive administrative proxy server positioned between the client device and a server device, a request to access a web application provided by the server device;
sending the request from the proactive administrative proxy server to the server device;
receiving, with the proactive administrative proxy server, a response from the server device, wherein the response includes the requested web application;
after receiving the response, injecting, with the proactive administrative proxy server positioned between the client device and the server device, one or more decoys into the web application contained within the response to form a modified response;
sending the modified response from the proactive administrative server to the client device;
identifying, with the proactive administrative proxy server, an attempt by the client device to exploit one of the one or more injected decoys in the web application; and
performing with the proactive administrative proxy server at least one action to secure the web application from the attempted exploitation.
Abstract
A method, non-transitory computer readable medium, and apparatus that proactively secures a web application includes injecting one or more decoys into an executing web application. An attempt to exploit one of the one or more injected decoys in the executing application is identified. At least one action to secure the executing application from the attempted exploitation is performed.
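An added sketch, not taken from the patent, of the flow claim 1 recites: the proxy forwards the request, injects a decoy into the returned page, and acts when a later request shows the decoy was manipulated. The hidden form field as the decoy type, the name `debug_mode`, the HMAC-derived value, the in-process `demo_backend`, and blocking as the responsive action are all assumptions for illustration; the claims do not specify them.

```python
import hashlib
import hmac
import re

SECRET = b"constructed-demo-key"   # assumption: per-deployment proxy secret
DECOY_FIELD = "debug_mode"         # hypothetical decoy name the real app never reads
FORM_CLOSE = re.compile(r"</form>", re.IGNORECASE)


def decoy_value(client_id: str) -> str:
    """Per-client decoy value, so the proxy can verify it without stored state."""
    return hmac.new(SECRET, client_id.encode(), hashlib.sha256).hexdigest()[:16]


def inject_decoys(html: str, client_id: str) -> str:
    """Insert a hidden decoy input before every </form> in the backend response."""
    tag = f'<input type="hidden" name="{DECOY_FIELD}" value="{decoy_value(client_id)}">'
    return FORM_CLOSE.sub(lambda m: tag + m.group(0), html)


class DecoyProxy:
    def __init__(self, backend):
        self.backend = backend     # callable(params) -> HTML; stands in for the server device
        self.blocked = set()

    def handle(self, client_id: str, params: dict):
        if client_id in self.blocked:
            return 403, "blocked"
        submitted = params.get(DECOY_FIELD)
        expected = decoy_value(client_id).encode()
        # A legitimate browser echoes the decoy unchanged, or omits it (e.g. first GET).
        if submitted is not None and not hmac.compare_digest(submitted.encode(), expected):
            self.blocked.add(client_id)   # the "at least one action" of the claim
            return 403, "decoy tampering detected"
        # Strip the decoy so the protected application never sees it.
        clean = {k: v for k, v in params.items() if k != DECOY_FIELD}
        return 200, inject_decoys(self.backend(clean), client_id)


def demo_backend(params: dict) -> str:
    """Constructed stand-in for the protected web application."""
    return '<form method="post"><input name="q"></form>'
```

Because the decoy has no function in the real application, any changed value is a high-confidence signal; the trade-off is that clients which rewrite hidden fields for benign reasons would also be blocked.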
28 Citations
21 Claims
8. A non-transitory computer readable medium having stored thereon instructions for proactively securing a web application comprising machine executable code which when executed by at least one processor, causes the processor to perform steps comprising:
receiving, from a client device and by a proactive administrative proxy server positioned between the client device and a server device, a request to access a web application provided by the server device;
sending the request from the proactive administrative proxy server to the server device;
receiving, with the proactive administrative proxy server, a response from the server device, wherein the response includes the requested web application;
after receiving the response, injecting, with the proactive administrative proxy server positioned between the client device and the server device, one or more decoys into the web application contained within the response to form a modified response;
sending the modified response from the proactive administrative server to the client device;
identifying, with the proactive administrative proxy server, an attempt by the client device to exploit one of the one or more injected decoys in the web application; and
performing with the proactive administrative proxy server at least one action to secure the web application from the attempted exploitation.
15. A proactively secured computing apparatus comprising:
one or more processors;
a memory coupled to the one or more processors which are configured to execute programmed instructions stored in the memory, the instructions comprising executable code for:
receiving, from a client device and by a proactive administrative proxy server positioned between the client device and a server device, a request to access a web application provided by the server device;
sending the request from the proactive administrative proxy server to the server device;
receiving, with the proactive administrative proxy server, a response from the server device, wherein the response includes the requested web application;
after receiving the response, injecting, with the proactive administrative proxy server positioned between the client device and the server device, one or more decoys into the web application contained within the response to form a modified response;
sending the modified response from the proactive administrative server to the client device;
identifying, with the proactive administrative proxy server, an attempt by the client device to exploit one of the one or more injected decoys in the web application; and
performing with the proactive administrative proxy server at least one action to secure the web application from the attempted exploitation.