55 results about "Vulnerability (computing)" patented technology

Secure computation environments are protected from bogus or rogue load modules, executables and other data elements through use of digital signatures, seals and certificates issued by a verifying authority. A verifying authority-which may be a trusted independent third party-tests the load modules or other executables to verify that their corresponding specifications are accurate and complete, and then digitally signs the load module or other executable based on tamper resistance work factor classification. Secure computation environments with different tamper resistance work factors use different verification digital signature authentication techniques (e.g., different signature algorithms and/or signature verification keys)-allowing one tamper resistance work factor environment to protect itself against load modules from another, different tamper resistance work factor environment. Several dissimilar digital signature algorithms may be used to reduce vulnerability from algorithm compromise, and subsets of multiple digital signatures may be used to reduce the scope of any specific compromise.

A vulnerability identification and resolution (VIR) computer device for identifying security vulnerabilities in a computer system is provided. The VIR computer device includes a memory device for storing data including data representing computing assets installed in the computer system and a processor in communication with the memory device. The VIR computer device is programmed to receive an asset identifier identifying a computing asset selected for evaluation and execute a query on at least one database storing security vulnerabilities, the query searching for security vulnerability data associated with the selected computing asset. The VIR computer device is further programmed to receive the security vulnerability data at the VIR computer device in response to the query.

A system, a method, and a computer program for analyzing network security data from diverse data sources to predict and remediate a vulnerability at a node in a computer network, comprising receiving network security data from a plurality of data sources, extracting feature vectors from the received network security data, applying a machine learning model to the extracted feature vectors to generate a weighted vulnerability value, predicting a computing resource vulnerability at a node in the computer network based on the weighted vulnerability value, and transmitting the predicted computing resource vulnerability to a computing device which is configured to remediate the predicted computing resource vulnerability.

In a cloud computing environment, a production server virtualization stack is minimized to present fewer security vulnerabilities to malicious software running within a guest virtual machine. The minimal virtualization stack includes support for those virtual devices necessary for the operation of a guest operating system, with the code base of those virtual devices further reduced. Further, a dedicated, isolated boot server provides functionality to securely boot a guest operating system. The boot server is isolated through use of an attestation protocol, by which the boot server presents a secret to a network switch to attest that the boot server is operating in a clean mode. The attestation protocol may further employ a secure co-processor to seal the secret, so that it is only accessible when the boot server is operating in the clean mode.

The invention discloses a mimicry defense construction method and system for an edge computing cloud center. The method is applied to the technical field of network security, and comprises the steps of obtaining edge node information, constructing a heterogeneous pool, screening out a heterogeneous execution body set from the heterogeneous pool, synchronizing a mimicry task between a cloud centerand the heterogeneous execution body set, scheduling heterogeneous execution bodies in the heterogeneous execution body set by a dynamic heterogeneous redundancy module, and re-screening out the heterogeneous execution body set. According to the invention, the heterogeneity existing in the edge computing network is utilized to construct the heterogeneous pool and form the heterogeneous execution body set; the cloud center synchronizes the mimicry task to the heterogeneous execution body, a dynamic redundancy heterogeneous defense mechanism is established, attacks of hackers on specific systemsor software vulnerabilities are blocked, the redundancy mechanism can prevent functional anomalies caused by unknown vulnerabilities to a certain extent, the robustness and safety of an edge computing network are improved, and the cost of mimicry defense is reduced.

A system, a method, and a computer program for remediating a cyberattack risk for a computing resource located at a node in a computer network having a plurality of nodes. The solution includes receiving vulnerability score data that has a severity level for a vulnerability in the computing resource at the node, receiving a number of installations value (N_CRi) that indicates a number of instances the computing resource is included in the plurality of nodes, determining a percentile of occurrence value (PO_CRi) for the computing resource based on the number of installations value (N_CRi), applying a severity adjustment matrix to the severity level to determine a true severity level for the vulnerability in the computing resource, reprioritized the vulnerability in the computing resource based on the true severity level, and mitigating the cyberattack risk for the computing resource based on the true severity level.

A technology solution for remediating a cyberattack risk in a computing resource asset in a network system. The technology solution includes monitoring data traffic directed to the computing resource asset in the network system along with data traffic to one or more additional computing resource assets in the network system, generating network utilization data based on the monitored data traffic to the computing resource asset and the monitored data traffic to the one or more additional computing resource assets in the network system, receiving a common vulnerability score (CVSS) for a vulnerability in the computing resource asset, determining a network traffic adjustment (NTA) value for the common vulnerability score (CVSS) based on the network utilization data, adjusting the common vulnerability score (CVSS) by the network traffic adjustment (NTA) value to generate a prioritized common vulnerability score (PCVSS) for the computing resource asset, and remediating the computing resource asset to resolve the vulnerability based on the prioritized common vulnerability (PCVSS) score.

The invention relates to the technical field of security detection, and provides a rapid vulnerability positioning method, an electronic device and a computer storage medium. The method comprises thesteps of obtaining current abnormal information fed back when a to-be-tested program operated by a computing terminal is abnormal; screening out abnormal information with the same semanteme as the current abnormal information from the abnormal information pre-stored in the database by utilizing a word2vec tool; determining a target character string of the program bug corresponding to the current abnormal information according to a mapping relationship between preset abnormal information and the character string representing the program bug corresponding to the abnormal information, and findingout a code block containing the target character string from the to-be-tested program; and finally, when the found code block is abnormal, judging that the found code block has a bug and determiningthe position of the bug. The code block corresponding to the abnormal information appearing in the program running process is rapidly found out by establishing the abnormality searching mechanism, thecode block is verified, and the vulnerability in the program is rapidly positioned.

A technique for monitoring a computing infrastructure having one or more target devices includes receiving, from a plurality of evaluation services, evaluation results of one or more target devices. The technique further includes extracting, using a different data collector for each of the plurality of evaluation services, data from each of the evaluation results. The technique further includes converting the extracted data to a common format, determining whether an issue or a vulnerability is present in the one or more target devices based on the extracted and converted data, and reporting the issue or the vulnerability.

A computing device-implemented method of managing a security risk in a computer system or network, includes a) determining an appropriate security level for the computer system or network, b) selecting, using a security authorization module, one or more suitable controls applicable to the security level based on one or more predetermined criteria, c) implementing the selected one or more controls, d) monitoring the system or network for any vulnerability, e) reporting any vulnerability found to a vulnerability module for remediation, f) tracking, using the vulnerability module, the progress of the remediation to completion, g) reporting to a findings module for remediation, if the vulnerability is not remediated within a preset period of time, and h) tracking, using the findings module, the progress of the remediation reported in step g) to completion.

Disclosed herein are methods, systems, and processes for validating vulnerabilities using lightweight offensive payloads. An attack payload limited by an execution scope that includes pre-defined exploit features for validating code execution associated with a vulnerability is generated. The attack payload is transmitted to a target computing system and a confirmation of the code execution based on at least one pre-defined exploit feature is received, permitting a determination that the vulnerability has been validated.

Methods and apparatus consistent with the present disclosure may be used after a computer network has been successfully attacked by new malicious program code. Such methods may include collecting data from computers that have been affected by the new malicious program code and this data may be used to identify a type of damage performed by the new malicious code. The collected data may also include a copy of the new malicious program code. Methods consistent with the present disclosure may also include allowing the new malicious program code to execute at an isolated computer while actions and instructions that cause the damage are identified. Signatures may be generated from the identified instructions after which the signatures or data that describes the damaging actions are provided to computing resources such that those resources can detect the new malware program code.

There is provided a method of tracking the location of the cause of a binary vulnerability, the method being performed by a computing apparatus and comprising: adding first taint information for a first operand register tainted by input data of an error-causing case, generating second taint information for a second operand register tainted by data of the first operand register by using the first taint information; and tracking input data that caused an error among the input data of the error-causing case by tracing back taint information of a register of each operand from a point where the error occurred.

Embodiments provide a system and method for extracting configuration-related information for reasoning about the security and functionality of a composed system. During operation, the system determines, by a computing device, information sources associated with hardware and software components of a system, wherein the information sources include at least specification sheets, standard operating procedures, user manuals, and vulnerability databases. The system selects a set of categories of vulnerabilities in a vulnerability database, and ingests the information sources to obtain data in a normalized format. The system extracts, from the ingested information sources, configuration information, vulnerability information, dependency information, and functionality requirements to create a model for the system. The system displays, on a screen of a user device, one or more interactive elements which allow the user to view or select the information sources and the categories of vulnerabilities, initiate ingesting the information sources, and view the extracted configuration information.