Passive software identification for vulnerability management
Disclosed herein are methods, systems, and processes to perform passive and realtime software identification and data collection for vulnerability management. Vulnerability management based on agent-collected event data involves monitoring a process start event associated with an application executi...
Saved in:
Main Author | |
---|---|
Format | Patent |
Language | English |
Published |
27.12.2022
|
Subjects | |
Online Access | Get full text |
Cover
Loading…
Summary: | Disclosed herein are methods, systems, and processes to perform passive and realtime software identification and data collection for vulnerability management. Vulnerability management based on agent-collected event data involves monitoring a process start event associated with an application executing on a computing device that is part of a network, identifying a binary location of the process start event, and based on the binary location, identifying a software type of the application and a version of the software type. Vulnerability management based on event data in logs involves monitoring the process start event for configuration or file changes, generating fingerprint rules by mapping the configuration or files changes and the process start event associated with a software installation or an upgrade of the software, and processing log data to fingerprint the software type and the version of the software type. Agent-collected event data and event data in logs can be amalgamated to perform software and version identification for vulnerability management. |
---|---|
Bibliography: | Application Number: US202016861339 |