Self-replicating distributed vulnerability management agent apparatuses, methods, and systems
Abstract
A controlled vulnerability management agent programmable to arm itself and attempt to propagate and extract vulnerabilities from a target network, without input from a user. The agent may also send status and vulnerability information to a unified vulnerability resource management (unified VRM) platform, and may also have the ability to fix vulnerabilities through a real-time control center associated with the unified vulnerability resource management platform.
22 Claims
1. A processor-implemented method for propagating a self-propelling distributed vulnerability management bot through a target network without user input, the method comprising:
- scanning at least a portion of the target network to identify at least one node on the target network with at least one vulnerability;
- exploiting the at least one vulnerability to install an implant of the self-propelling bot in memory on the at least one node;
- instantiating a stager on the at least one node using the implant;
- downloading a module from a vulnerability resource management server outside the target network using the stager;
- installing the module in the memory on the at least one node to provide additional functionality to the implant;
- detecting additional vulnerabilities on the at least one node using the downloaded module;
- transmitting the additional vulnerabilities to the vulnerability resource management server;
- downloading a patching module from the vulnerability resource management server;
- installing the patching module in the memory on the at least one node; and
- applying patches, using the patching module, to the at least one node to correct the at least one vulnerability and the additional vulnerabilities.
10. A system for propagating a self-propelling distributed vulnerability management bot through a target network without user input, the system comprising:
- a plurality of electronic devices configured to act as nodes on a target network, with at least a portion of the nodes being exploitable nodes;
- a vulnerability resource management server in communication with the target network;
- a plurality of implants of the self-propelled bot installed in memory on each of the exploitable nodes;
- at least one control post in communication with the vulnerability resource management server;
- at least one listening post communicatively disposed between the control post and the implants to form part of a communication channel between the implants and the vulnerability resource management server.
22. A non-transitory computer-readable medium for propagating a self-propelling distributed vulnerability management bot through a target network without user input, the medium storing processor-issuable-and-generated instructions to:
- scan at least a portion of the target network to identify at least one node on the network with at least one vulnerability;
- exploit the at least one vulnerability to install an implant of the self-propelling bot in memory on the at least one node;
- instantiate a stager on the at least one node using the implant;
- download a module from a vulnerability resource management server outside the target network using the stager;
- install the module in the memory on the at least one node to provide additional functionality to the implant;
- detect additional vulnerabilities on the at least one node using the downloaded module;
- transmit the additional vulnerabilities to the vulnerability resource management server;
- download a patching module from the vulnerability resource management server, the patching module being configured to correct the at least one vulnerability and the additional vulnerabilities;
- install the patching module in the memory on the at least one node; and
- apply patches, using the patching module, to the at least one node to correct the at least one vulnerability and additional vulnerabilities.
Specification