Real-time vulnerability monitoring
Abstract
An apparatus is provided including at least one platform; an intrusion prevention system configured to communicatively couple with the at least one platform; a firewall configured to communicatively couple with the at least one platform; at least one first data storage configured to communicatively couple with the at least one platform; and at least one second data storage configured to communicatively couple with the at least one platform. The at least one platform is configured to perform a plurality of operations that collectively protect one or more networked devices.
945 Citations
20 Claims
1. An apparatus, comprising:
at least one platform; an intrusion prevention system component that is communicatively coupled with the at least one platform; a firewall that is communicatively coupled with the at least one platform; at least one first data storage that is communicatively coupled with the at least one platform; and at least one second data storage that is communicatively coupled with the at least one platform; said at least one platform; receives a result of at least one operation performed on at least one of a plurality of networked devices, the at least one operation based on first information from the at least one first data storage identifying a plurality of potential vulnerabilities including at least one first potential vulnerability and at least one second potential vulnerability, the at least one operation configured for; identifying at least one configuration associated with the at least one networked device, and determining that the at least one networked device is actually vulnerable to at least one actual vulnerability, based on the identified at least one configuration and the first information from the at least one first data storage identifying the plurality of potential vulnerabilities, such that second information associated with the result is stored in the at least one second data storage separate from the at least one first data storage, the second information relating to the at least one actual vulnerability to which the at least one networked device is actually vulnerable; causes to display, via at least one user interface, a plurality of techniques including a first technique for utilizing the intrusion prevention system component for occurrence mitigation, and a second technique for utilizing the firewall for occurrence mitigation; allows receipt of; user input causing selection of the first technique for utilizing the intrusion prevention system component for occurrence mitigation; user input causing selection of the second technique for utilizing the 
firewall for occurrence mitigation; applies, based on the user input causing selection of the first technique for utilizing the intrusion prevention system component for occurrence mitigation, the first technique for utilizing the intrusion prevention system component for occurrence mitigation; applies, based on the user input causing selection of the second technique for utilizing the firewall for occurrence mitigation, the second technique for utilizing the firewall for occurrence mitigation; identifies; for the at least one networked device, a first occurrence including at least one first occurrence packet, and for the at least one networked device, a second occurrence including at least one second occurrence packet; determines; that the first occurrence including the at least one first occurrence packet directed to the at least one networked device is capable of taking advantage of the at least one of the actual vulnerability to which the at least one networked device is actually vulnerable; that the second occurrence including the at least one second occurrence packet directed to the at least one networked device is not capable of taking advantage of the at least one of the actual vulnerability to which the at least one networked device is actually vulnerable, and causes a reporting of at least the first occurrence based on the determination that the first occurrence including the at least one first occurrence packet is capable of taking advantage of the at least one of the actual vulnerability to which the at least one networked device is actually vulnerable. - View Dependent Claims (2, 3, 4, 5, 6)
7. An apparatus, comprising:
at least one platform; an intrusion prevention system that is communicatively coupled with the at least one platform; a firewall that is communicatively coupled with the at least one platform; at least one first data storage that is communicatively coupled with the at least one platform; and at least one second data storage that is communicatively coupled with the at least one platform; said at least one platform; receives a result of at least one operation in connection with at least one of a plurality of networked devices, the at least one operation based on first information from the at least one first data storage identifying a plurality of potential vulnerabilities including at least one first potential vulnerability and at least one second potential vulnerability, the at least one operation configured for; identifying at least one configuration associated with the at least one networked device, and determining that the at least one networked device is actually vulnerable to at least one actual vulnerability, based on the identified at least one configuration and the first information from the at least one first data storage identifying the plurality of potential vulnerabilities, such that second information associated with the result is stored in the at least one second data storage separate from the at least one first data storage, the second information relating to the at least one actual vulnerability to which the at least one networked device is actually vulnerable; causes to display, via at least one user interface, a plurality of techniques including a first technique for utilizing the intrusion prevention system for occurrence mitigation, a second technique for utilizing the firewall for occurrence mitigation; allows receipt of; user input causing selection of the first technique for utilizing the intrusion prevention system for occurrence mitigation, and user input causing selection of the second technique for utilizing the firewall for occurrence 
mitigation; based on the user input causing selection of the first technique for utilizing the intrusion prevention system for occurrence mitigation, automatically applies the first technique for utilizing the intrusion prevention system for occurrence mitigation; based on the user input causing selection of the second technique for utilizing the firewall for occurrence mitigation, automatically applies the second technique for utilizing the firewall for occurrence mitigation; causes identification of; in connection with the at least one networked device, a first occurrence including at least one first occurrence packet directed to the at least one networked device, and in connection with the at least one networked device, a second occurrence including at least one second occurrence packet directed to the at least one networked device; determines; that the first occurrence including the at least one first occurrence packet directed to the at least one networked device is capable of taking advantage of the at least one of the actual vulnerability to which the at least one networked device is actually vulnerable; that the second occurrence including the at least one second occurrence packet directed to the at least one networked device is not capable of taking advantage of the at least one of the actual vulnerability to which the at least one networked device is actually vulnerable; and causes a reporting of at least the first occurrence based on the determination that the first occurrence including the at least one first occurrence packet directed to the at least one networked device is capable of taking advantage of the at least one of the actual vulnerability to which the at least one networked device is actually vulnerable. - View Dependent Claims (8, 9, 10, 11, 12, 13)
14. An intrusion prevention system, comprising:
means for receiving a result of at least one operation performed on at least one of a plurality of networked devices, the at least one operation based on first information from at least one first data storage identifying a plurality of potential vulnerabilities including at least one first potential vulnerability and at least one second potential vulnerability, the at least one operation configured for; identifying at least one configuration associated with the at least one networked device, and determining that the at least one networked device is actually vulnerable to at least one actual vulnerability, based on the identified at least one configuration and the first information from the at least one first data storage identifying the plurality of potential vulnerabilities, such that second information associated with the result is stored in at least one second data storage separate from the at least one first data storage, the second information relating to the at least one actual vulnerability to which the at least one networked device is actually vulnerable; means for causing display of, via at least one user interface, a plurality of techniques including a first technique for utilizing an intrusion prevention system for occurrence mitigation, and a second technique for utilizing a firewall for occurrence mitigation; means for receiving user input causing selection of the first technique for utilizing the intrusion prevention system for occurrence mitigation and user input causing selection of the second technique for utilizing the firewall for occurrence mitigation; means for;
based on the user input causing selection of the first technique for utilizing the intrusion prevention system for occurrence mitigation, applying the first technique for utilizing the intrusion prevention system for occurrence mitigation; and
based on the user input causing selection of the second technique for utilizing the firewall for occurrence mitigation, applying the second technique for utilizing the firewall for occurrence mitigation; means for identifying; for the at least one networked device, a first occurrence including at least one first occurrence packet, and for the at least one networked device, a second occurrence including at least one second occurrence packet; code for determining; that the first occurrence including the at least one first occurrence packet directed to the at least one networked device is capable of taking advantage of the at least one of the actual vulnerability to which the at least one networked device is actually vulnerable, and that the second occurrence including the at least one second occurrence packet directed to the at least one networked device is not capable of taking advantage of the at least one of the actual vulnerability to which the at least one networked device is actually vulnerable; and means for causing a reporting of at least the first occurrence based on the determination that the first occurrence including the at least one first occurrence packet is capable of taking advantage of the at least one of the actual vulnerability to which the at least one networked device is actually vulnerable. - View Dependent Claims (15, 16, 17, 18, 19)
20. An apparatus, comprising:
at least one platform for communicating with an intrusion prevention system, a firewall, at least one first data storage, and at least one second data storage; said at least one platform; receives a result of at least one operation in connection with at least one of a plurality of networked devices, the at least one operation based on first information from the at least one first data storage identifying a plurality of potential vulnerabilities including at least one first potential vulnerability and at least one second potential vulnerability, the at least one operation configured for; identifying at least one configuration associated with the at least one networked device, and determining that the at least one networked device is actually vulnerable to at least one actual vulnerability, based on the identified at least one configuration and the first information from the at least one first data storage identifying the plurality of potential vulnerabilities, such that second information associated with the result is stored in the at least one second data storage separate from the at least one first data storage, the second information relating to the at least one actual vulnerability to which the at least one networked device is actually vulnerable; causes to display, via at least one user interface, a plurality of techniques including a first technique for utilizing the intrusion prevention system for occurrence mitigation, a second technique for utilizing the firewall for occurrence mitigation; allows receipt of; user input causing selection of the first technique for utilizing the intrusion prevention system for occurrence mitigation, and user input causing selection of the second technique for utilizing the firewall for occurrence mitigation; based on the user input causing selection of the first technique for utilizing the intrusion prevention system for occurrence mitigation, automatically applies the first technique for utilizing the intrusion prevention 
system for occurrence mitigation; based on the user input causing selection of the second technique for utilizing the firewall for occurrence mitigation, automatically applies the second technique for utilizing the firewall for occurrence mitigation; causes identification of; in connection with the at least one networked device, a first occurrence including at least one first occurrence packet directed to the at least one networked device, and in connection with the at least one networked device, a second occurrence including at least one second occurrence packet directed to the at least one networked device; determines; that the first occurrence including the at least one first occurrence packet directed to the at least one networked device is capable of taking advantage of the at least one of the actual vulnerability to which the at least one networked device is actually vulnerable; that the second occurrence including the at least one second occurrence packet directed to the at least one networked device is not capable of taking advantage of the at least one of the actual vulnerability to which the at least one networked device is actually vulnerable; and causes a reporting of at least the first occurrence based on the determination that the first occurrence including the at least one first occurrence packet directed to the at least one networked device is capable of taking advantage of the at least one of the actual vulnerability to which the at least one networked device is actually vulnerable.
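The correlation step the independent claims recite (derive each device's actual vulnerabilities from its configuration, store them separately from the list of potential vulnerabilities, then report only occurrences able to take advantage of one) can be sketched as follows. This is an added illustration, not the patent's implementation and not a construction of the claims; the vulnerability ids, addresses, field names and the extra "unscanned" verdict are assumptions made for the example.

```python
from dataclasses import dataclass

# "First data storage" (constructed sample): potential vulnerabilities and the
# service configuration that makes a device actually vulnerable to each.
POTENTIAL = {
    "VULN-A": {"service": "httpd", "versions": {"2.0", "2.1"}, "port": 80},
    "VULN-B": {"service": "sshd", "versions": {"5.3"}, "port": 22},
}

# Identified configurations of the networked devices (constructed sample).
DEVICES = {
    "10.0.0.5": {"httpd": "2.1", "sshd": "6.0"},
    "10.0.0.6": {"httpd": "2.4"},
}

@dataclass(frozen=True)
class Occurrence:
    dst: str        # device the packet is directed to
    dst_port: int
    targets: str    # vulnerability id the packet matched (hypothetical field)

def scan(devices, potential):
    """Build the separate "second data storage": device -> actual vulnerabilities."""
    actual = {}
    for host, services in devices.items():
        actual[host] = {
            vid for vid, v in potential.items()
            if services.get(v["service"]) in v["versions"]
        }
    return actual

def classify(occ, actual, potential):
    """Return 'report', 'not-applicable' or 'unscanned' for one occurrence."""
    if occ.dst not in actual:
        return "unscanned"  # no scan result: cannot claim the host is safe
    vuln = potential.get(occ.targets)
    if vuln and occ.targets in actual[occ.dst] and occ.dst_port == vuln["port"]:
        return "report"
    return "not-applicable"

def triage(occurrences, actual, potential=POTENTIAL):
    return {o: classify(o, actual, potential) for o in occurrences}

ACTUAL = scan(DEVICES, POTENTIAL)
SAMPLE = [
    Occurrence("10.0.0.5", 80, "VULN-A"),   # host runs an affected httpd
    Occurrence("10.0.0.5", 22, "VULN-B"),   # sshd on this host is not affected
    Occurrence("10.0.0.6", 80, "VULN-A"),   # httpd version not affected
    Occurrence("10.0.0.9", 80, "VULN-A"),   # host never scanned
]

if __name__ == "__main__":
    for occ, verdict in triage(SAMPLE, ACTUAL).items():
        print(occ, "->", verdict)
```

The "unscanned" verdict goes beyond the claim language: it keeps a missing scan result from being read as "not vulnerable", which is the failure mode a stale inventory introduces into this kind of filtering.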
Specification