-
公开(公告)号:US20060265746A1
公开(公告)日:2006-11-23
申请号:US11432737
申请日:2006-05-11
申请人: Timothy Farley , John Hammer , Bryan Williams , Philip Brass , George Young , Derek Mezack
发明人: Timothy Farley , John Hammer , Bryan Williams , Philip Brass , George Young , Derek Mezack
IPC分类号: G06F15/16 , G06F12/14 , G06F11/00 , G06F17/00 , G06F9/00 , G06F12/16 , G06F15/18 , G08B23/00
CPC分类号: H04L63/1458 , G06F21/577 , H04L41/0893 , H04L63/1433
摘要: A security management system includes a fusion engine which “fuses” or assembles information from multiple data sources and analyzes this information in order to detect relationships between raw events that may indicate malicious behavior and to provide an organized presentation of information to consoles without slowing down the processing performed by the data sources. The multiple data sources can comprise sensors or detectors that monitor network traffic or individual computers or both. The sensors can comprise devices that may be used in intrusion detection systems (IDS). The data sources can also comprise firewalls, audit systems, and other like security or IDS devices that monitor data traffic in real-time. The present invention can identify relationships between one or more real-time, raw computer events as they are received in real- time. The fusion engine can also assess and rank the risk of real-time raw events as well as mature correlation events.
摘要翻译: 安全管理系统包括融合引擎,它融合或组合来自多个数据源的信息,并分析这些信息,以便检测可能表示恶意行为的原始事件之间的关系,并向控制台提供有组织的信息呈现,而不会减缓 由数据源执行的处理。 多个数据源可以包括监测网络流量或单个计算机或两者的传感器或检测器。 传感器可以包括可用于入侵检测系统(IDS)的设备。 数据源还可以包括防火墙,审计系统和其他类似的安全性或IDS设备,可以实时监控数据流量。 本发明可以识别实时接收的一个或多个实时原始计算机事件之间的关系。 融合引擎还可以评估和评估实时原始事件的风险以及成熟的相关事件。
-
公开(公告)号:US20060259973A1
公开(公告)日:2006-11-16
申请号:US10908520
申请日:2005-05-16
申请人: Caleb Sima , Timothy Farley
发明人: Caleb Sima , Timothy Farley
IPC分类号: G06F11/00
CPC分类号: G06F21/577
摘要: Various embodiments of systems, methods, software tools, etc. for providing secure web application development are provided. One embodiment comprises a method for developing a secure web application. One such method comprises: analyzing code associated with a web application to identify at least one vulnerable input; and validating the at least one vulnerable input.
摘要翻译: 提供了用于提供安全web应用开发的系统,方法,软件工具等的各种实施例。 一个实施例包括用于开发安全web应用的方法。 一种这样的方法包括:分析与web应用相关联的代码以识别至少一个易受攻击的输入; 并验证至少一个脆弱的输入。
-
公开(公告)号:US08266700B2
公开(公告)日:2012-09-11
申请号:US10908520
申请日:2005-05-16
申请人: Caleb Sima , Timothy Farley
发明人: Caleb Sima , Timothy Farley
IPC分类号: G06F11/00
CPC分类号: G06F21/577
摘要: Various embodiments of systems, methods, software tools, etc. for providing secure web application development are provided. One embodiment comprises a method for developing a secure web application. One such method comprises: analyzing code associated with a web application to identify at least one vulnerable input; and validating the at least one vulnerable input.
摘要翻译: 提供了用于提供安全web应用开发的系统,方法,软件工具等的各种实施例。 一个实施例包括用于开发安全web应用的方法。 一种这样的方法包括:分析与web应用相关联的代码以识别至少一个易受攻击的输入; 并验证至少一个脆弱的输入。
-
-
搜索结果
3 条记录 (耗时 0.012 秒)
