Systems and Methods for Improved Network Vulnerability Scanning and Reporting

Abstract

Vulnerability scanning systems and methods are provided for automatically performing the steps necessary for compliance testing and auditing of an organization's systems, and determining security posture in real time. A Machine-in-the-Middle Microserviced Security Engine (MiMMSE) is provided that provides one-way traffic for command execution and security improvement, management for automating services in OS containers, the elimination of multiple connections to services per client to give users more control of network access, total data destruction after each run to reduce attack surfaces, encryption over container services, reverse tunnel or VPN traffic between pods, clusters, and other separated networks, and machine learning (e.g., neural-network-based) maps for command execution order.

Description

CROSS-REFERENCE TO RELATED APPLICATIONS[0001]This application claims priority to U.S. Provisional Patent Application No. 63 / 144,382, filed Feb. 1, 2021, the entire contents of which are hereby incorporated by reference.TECHNICAL FIELD[0002]The present invention relates, generally, to network and computer security and, more particularly, to automated vulnerability scanning and reporting.BACKGROUND[0003]Cybersecurity incidents—i.e., events that threaten the confidentiality, integrity, and / or availability of an organization's assets—have increased dramatically in recent years, posing a significant financial and competitive risk. This has driven a similar increase in the need for vulnerability scanning and reporting. Unfortunately, privacy and information security has traditionally depended, to a large extent, on human experts and information technology (IT) professionals, who in turn may largely rely on non-rigorous and / or subjective assessments.[0004]Furthermore, an increasing number ...

AI Technical Summary

Benefits of technology

[0007]Various embodiments of the present invention relate to significant improvements in systems and methods for performing vulnerability scanning of an organization's networked assets—i.e., a system that automatically performs the steps necessary in terms of compliance and auditing of an organization's systems, as well as determining security posture in real time. In accordance with various embodiments, a Machine-in-the-Middle Microserviced Security Engine (MiMMSE) is provided that includes a combination of unique features, inter alia: (i) one-way traffic for command execution and security improvement, management for automating services in OS containers, the elimination of multiple connections to services per client to give users more control of network access, total data destruction after each run to reduce attack surfaces, encryption over container services; reverse tunnel or VPN traffic between pods, clusters, and other separated networks; machine learning (e.g., neural-network-based) maps for command execution order to improve security testing accuracy; and complete client data ownership of services to improve security and provide a zero-trust architecture.

Problems solved by technology

Cybersecurity incidents—i.e., events that threaten the confidentiality, integrity, and / or availability of an organization's assets—have increased dramatically in recent years, posing a significant financial and competitive risk.

Unfortunately, privacy and information security has traditionally depended, to a large extent, on human experts and information technology (IT) professionals, who in turn may largely rely on non-rigorous and / or subjective assessments.

There are not many resources available to assist organizations in complying with the bewildering array of standards.

This process is not easy for small companies or even large organizations with a vast network of assets.

Images