Cloud-based security profiling, threat analysis and intelligence

US 9,619,655 B2
Filed: 03/20/2015
Issued: 04/11/2017
Est. Priority Date: 09/12/2014
Status: Active Grant

First Claim

Patent Images

1. An apparatus for providing an automated notification regarding a software vulnerability, comprising:

a processor; and

one or more stored sequences of instructions which, when executed by the processor, cause the processor to;

obtain software vulnerability information;

periodically scan at least one of a network application and a network server on which the network application runs for information about software associated with the network application and the network server, the network application and network server having an associated operator and operating within a cloud-based database system;

evaluate the periodic scans relative to the software vulnerability information to detect software vulnerabilities;

periodically scan the network application and the network server for new information about upgraded versions of the software associated with the network application and the network server;

store both the new information about the upgraded versions of the software and previous information for previous versions of the software used by the network application and the network server, the new information and the previous information including information for versions of the software with undetected and undisclsosed vulnerabilities;

periodically evaluate the new information and the previous information relative to the software vulnerability information to detect software vulnerabilities in both the upgraded and previous versions of the software; and

upon detection of a software vulnerability, automatically provide a notification message to the operator regarding the software vulnerability.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An automated software vulnerability scanning and notification system and method provide an automated detection and notification regarding a software vulnerability. The operation of the system and the method includes obtaining software vulnerability information, periodically scanning a web application and a corresponding web server associated with an operator, and evaluating the periodic scans relative to the software vulnerability information to detect software vulnerabilities. Upon detection of a software vulnerability, a notification message is provided automatically to the operator regarding the software vulnerability.

183 Citations

17 Claims

1. An apparatus for providing an automated notification regarding a software vulnerability, comprising:
- a processor; and
  
  one or more stored sequences of instructions which, when executed by the processor, cause the processor to;
  
  obtain software vulnerability information;
  
  periodically scan at least one of a network application and a network server on which the network application runs for information about software associated with the network application and the network server, the network application and network server having an associated operator and operating within a cloud-based database system;
  
  evaluate the periodic scans relative to the software vulnerability information to detect software vulnerabilities;
  
  periodically scan the network application and the network server for new information about upgraded versions of the software associated with the network application and the network server;
  
  store both the new information about the upgraded versions of the software and previous information for previous versions of the software used by the network application and the network server, the new information and the previous information including information for versions of the software with undetected and undisclsosed vulnerabilities;
  
  periodically evaluate the new information and the previous information relative to the software vulnerability information to detect software vulnerabilities in both the upgraded and previous versions of the software; and
  
  upon detection of a software vulnerability, automatically provide a notification message to the operator regarding the software vulnerability.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The apparatus of claim 1 in which the one or more stored sequences of instructions which, when executed by the processor, cause the processor to obtain software vulnerability information include instructions to receive manual inputs of software vulnerability information.
  - 3. The apparatus of claim 1 in which the one or more stored sequences of instructions which, when executed by the processor, cause the processor to automatically provide a notification message to the operator regarding the software vulnerability include instructions to provide the notification message to a network portal accessible by the operator.
  - 4. The apparatus of claim 1 further including one or more stored sequences of instructions which, when executed by the processor, cause the processor to store each periodic scan of at least one of a network application and a network server on which the network application runs for information about software associated with the network application and the network server.
  - 5. The apparatus of claim 4 in which the one or more stored sequences of instructions which, when executed by the processor, cause the processor to periodically evaluate the new information and the previous information relative to the software vulnerability information to detect software vulnerabilities include instructions to evaluate all the stored periodic scans relative to the software vulnerability information.
  - 6. The apparatus of claim 1 in which the one or more stored sequences of instructions which, when executed by the processor, cause the processor to periodically scan at least one of a network application and a network server include instructions to periodically scan both the network application and the network server on which the network application runs.

7. A non-transitory machine-readable medium carrying one or more sequences of instructions, when executed by one or more processors, cause the one or more processors to carry out the steps of:
- obtaining software vulnerability information;
  
  periodically scanning a web application and a corresponding web server for information about types and versions of software associated with the web application and web server, wherein the web application and corresponding web server operate within a cloud-based database system;
  
  storing the information about the types and versions of the software associated with the web application and web server including types and versions of the software with undetected or undisclosed vulnerabilities;
  
  periodically scanning the web application and corresponding web server for new information about upgraded types and versions of the software associated with the web application and web server;
  
  storing both the new information about the upgraded types and versions of the software and previously stored information for previous types and versions of the software associated with the web application and web server;
  
  periodically evaluating the new information and the previously stored information relative to the software vulnerability information to detect software vulnerabilities in both the upgraded types and versions of the software and the previous types and versions of the software; and
  
  upon detection of a software vulnerability, automatically providing a notification message to an operator regarding the software vulnerability.
- View Dependent Claims (8, 9, 10, 11)
- - 8. The machine-readable medium of claim 7 in which the one or more sequences of instructions, when executed by one or more processors, cause the one or more processors to carry out the step of obtaining software vulnerability information include instructions to receive manual inputs of software vulnerability information.
  - 9. The machine-readable medium of claim 7 in which the one or more sequences of instructions, when executed by one or more processors, cause the one or more processors to carry out the step of automatically providing a notification message to the operator regarding the software vulnerability include instructions to provide the notification message to a network portal accessible by the operator.
  - 10. The apparatus of claim 7 further including one or more sequences of instructions, when executed by one or more processors, cause the one or more processors to carry out the step of storing the information for each periodic scan of the web application and the corresponding web server.
  - 11. The machine-readable medium of claim 10 in which the one or more sequences of instructions, when executed by one or more processors, cause the one or more processors to carry out the step of evaluating the stored information relative to the software vulnerability information to detect software vulnerabilities include instructions to evaluate all the stored periodic scans relative to the software vulnerability information.

12. A method for providing an automated notification regarding a software vulnerability, comprising:
- obtaining software vulnerability information;
  
  periodically scanning a web application and a corresponding web server that operate within a cloud-based database system for information about types and versions of software associated with the web application and web server;
  
  periodically scanning the web application and corresponding web server for new information about upgraded types and versions of the software associated with the web application and web server;
  
  storing the scanned information about previous types and versions of the software associated with the web application and web server and the scanned information about the upgraded types and versions of the software associated with web application and web server including types and versions of the software with undetected or undisclosed vulnerabilities;
  
  periodically evaluating the stored information about the previous types and versions of the software and the upgraded types and versions of the software relative to the software vulnerability information to detect software vulnerabilities; and
  
  upon detection of a software vulnerability, automatically providing a notification message to an operator regarding the software vulnerability.
- View Dependent Claims (13, 14, 15, 16, 17)
- - 13. The method of claim 12 in which the step of obtaining software vulnerability information includes monitoring a public source of software vulnerability information.
  - 14. The method of claim 12 in which the step of obtaining software vulnerability information includes receiving manual inputs of software vulnerability information.
  - 15. The method of claim 12 in which the step of automatically providing a notification message to the operator regarding the software vulnerability includes providing the notification message to a network portal accessible by the operator.
  - 16. The method of claim 12 further including the step of storing the information for each periodic scan of the web application and the corresponding web server.
  - 17. The method of claim 16 in which the step of evaluating the stored information relative to the software vulnerability information includes evaluating all the stored periodic scans relative to the software vulnerability information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Salesforce.com, Inc.
Original Assignee
Salesforce.com, Inc.
Inventors
Bach, Timothy, Dolph, James
Primary Examiner(s)
Okeke, Izunna

Application Number

US14/664,502
Publication Number

US 20160078231A1
Time in Patent Office

753 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/577   Assessing vulnerabilities a...

G06F 2221/034   Test or assess a computer o...

H04L 63/1433   Vulnerability analysis

H04L 67/025   for remote control or remot...

H04L 67/55   Push-based network services

Cloud-based security profiling, threat analysis and intelligence

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

183 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Cloud-based security profiling, threat analysis and intelligence

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

183 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links