Remediation of known defects and vulnerabilities in cloud application packages
First Claim
1. A method for applying a remediation policy to a cloud application package having a set of components, the cloud application package being associated with a catalog of cloud application packages, comprising:
- in response to discovery of a new defect or vulnerability, comparing information from a deployment description against a data set of known problems associated with the one or more of the components, the deployment description representing the set of components and their interrelationships;
for each of the one or more components, identifying one or more known problems that satisfy a given criteria;
with respect to at least one of the components for which at least one known problem satisfying the given criteria has been identified, applying the remediation policy to attempt to rectify the known problem; and
after applying the remediation policy, replacing an old version of the cloud application package in the catalog of cloud application packages with a new version;
wherein at least one of the comparing, identifying, applying and replacing operations are carried out in software executing in a hardware element.
1 Assignment
0 Petitions
Accused Products
Abstract
A method for applying remediation policy to a cloud application package having a set of components is described. The method is initiated in response to discovery of a new vulnerability. It begins by comparing information from a deployment description against a data set of known problems associated with the one or more of the components. The deployment description represents the set of components and their interrelationships. For each of the one or more components, one or more known problems that satisfy a given severity and/or complexity criteria are identified. Thereafter, and with respect to at least one of the components for which one known problem satisfying the given criteria has been identified, the remediation policy (e.g., an update, a replacement, a patch, an additional installable) is applied to attempt to rectify the known problem. After applying the policy, the old version of the package is replaced with the new version.
-
Citations
7 Claims
-
1. A method for applying a remediation policy to a cloud application package having a set of components, the cloud application package being associated with a catalog of cloud application packages, comprising:
-
in response to discovery of a new defect or vulnerability, comparing information from a deployment description against a data set of known problems associated with the one or more of the components, the deployment description representing the set of components and their interrelationships; for each of the one or more components, identifying one or more known problems that satisfy a given criteria; with respect to at least one of the components for which at least one known problem satisfying the given criteria has been identified, applying the remediation policy to attempt to rectify the known problem; and after applying the remediation policy, replacing an old version of the cloud application package in the catalog of cloud application packages with a new version; wherein at least one of the comparing, identifying, applying and replacing operations are carried out in software executing in a hardware element. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
Specification