-
Publication No.: US11695793B2
Publication date: 2023-07-04
Application No.: US15799575
Application date: 2017-10-31
Applicant: EntIT Software LLC
Inventor: Ming Sum Sam Ng, Sasi Siddharth Muthurajan, Nidhi Govindram Kejriwal, Gerald E. Sullivan, II, Alexander Hoole
CPC classification number: H04L63/1433, G06F21/53, G06F21/552, H04L9/3239, H04L9/3242, G06F2221/033, G06F2221/2149, H04L2209/26
Abstract: A method includes: identifying, by a runtime instrumentation agent of a web server, a plurality of attack surfaces of a web application executed on the web server; generating, by the runtime instrumentation agent, a plurality of hash values, where each hash value is generated based on one of the plurality of attack surfaces; and transmitting, by the runtime instrumentation agent, the plurality of hash values to an attack server external to the web server, where the attack server is to determine whether to scan each attack surface based on the plurality of hash values.
-
Publication No.: US11044266B2
Publication date: 2021-06-22
Application No.: US16078777
Application date: 2016-02-26
Applicant: ENTIT SOFTWARE LLC
Inventor: Sasi Siddharth Muthurajan, Ming Sum Sam Ng, Jeremy C. Brooks
Abstract: In some examples, a system includes a scan execution engine and a scan adaptation engine. The scan execution engine may execute a scan of a web application hosted on a web host. During scan execution, the scan adaptation engine may adapt a subsequent scan portion for later execution based on a scan metric received from a monitoring agent that monitors the web application, the web host, or both.
-
Publication No.: US20180336348A1
Publication date: 2018-11-22
Application No.: US15559642
Application date: 2015-04-10
Applicant: ENTIT Software LLC
Inventor: Ming Sum Sam Ng, Alvaro Munoz, Oleksandr Mirosh
IPC: G06F21/54
Abstract: Examples disclosed herein relate to modifying a web page. In one example, in response to beginning execution of a process initiating generation of a web page of a web application at a server, a runtime agent is executed. In this example, the runtime agent modifies code of the web page to inject code to protect output of the web page. In the example, the process can be executed using the modified code to generate a modified web page.
-
Publication No.: US20200293673A1
Publication date: 2020-09-17
Application No.: US16084081
Application date: 2016-03-18
Applicant: Entit Software LLC
Inventor: Ming Sum Sam Ng, Sasi Siddharth Muthurajan, Barak Raz
Abstract: Examples herein disclose via use of a physical processor, detecting a specific application programming interface (API) call to interact with an application running on a production server. Based on the detection of the specific API call, the examples assist, using the physical processor, a scanning session based on the specific API call. Using the physical processor, the examples identify a modification to the application based on the scanning session.
-
Publication No.: US20190132348A1
Publication date: 2019-05-02
Application No.: US15799575
Application date: 2017-10-31
Applicant: EntIT Software LLC
Inventor: Ming Sum Sam Ng, Sasi Siddharth Muthurajan, Nidhi Govindram Kejriwal, Gerald E. Sullivan, II, Alexander Hoole
Abstract: A method includes: identifying, by a runtime instrumentation agent of a web server, a plurality of attack surfaces of a web application executed on the web server; generating, by the runtime instrumentation agent, a plurality of hash values, where each hash value is generated based on one of the plurality of attack surfaces; and transmitting, by the runtime instrumentation agent, the plurality of hash values to an attack server external to the web server, where the attack server is to determine whether to scan each attack surface based on the plurality of hash values.
-
Publication No.: US11449638B2
Publication date: 2022-09-20
Application No.: US16084081
Application date: 2016-03-18
Applicant: ENTIT SOFTWARE LLC
Inventor: Ming Sum Sam Ng, Sasi Siddharth Muthurajan, Barak Raz
Abstract: Examples herein disclose via use of a physical processor, detecting a specific application programming interface (API) call to interact with an application running on a production server. Based on the detection of the specific API call, the examples assist, using the physical processor, a scanning session based on the specific API call. Using the physical processor, the examples identify a modification to the application based on the scanning session.
-
Publication No.: US10678910B2
Publication date: 2020-06-09
Application No.: US15559642
Application date: 2015-04-10
Applicant: ENTIT Software LLC
Inventor: Ming Sum Sam Ng, Alvaro Munoz, Oleksandr Mirosh
Abstract: Examples disclosed herein relate to modifying a web page. In one example, in response to beginning execution of a process initiating generation of a web page of a web application at a server, a runtime agent is executed. In this example, the runtime agent modifies code of the web page to inject code to protect output of the web page. In the example, the process can be executed using the modified code to generate a modified web page.
-
Publication No.: US11055416B2
Publication date: 2021-07-06
Application No.: US15792028
Application date: 2017-10-24
Applicant: ENTIT Software LLC
Inventor: Alexander Michael Hoole, Ming Sum Sam Ng
Abstract: In some examples, a method may include detecting a vulnerability in an application during execution on a first computing device. The method may include triggering a breakpoint based on the detecting, thereby pausing the execution of the application before execution of a portion of code that exploits the vulnerability. The method may include communicating a message indicating occurrence of the breakpoint. The method may include receiving a connection request from a second computing device in response to the message. The method may include resuming execution of the application from the breakpoint subject to a signal from the second computing device.
-
Publication No.: US10581878B2
Publication date: 2020-03-03
Application No.: US15617048
Application date: 2017-06-08
Applicant: EntIT Software LLC
Inventor: Ming Sum Sam Ng, Oleksandr Mirosh, Alvaro Munoz Sanchez
Abstract: A method for attack detection includes: intercepting, by a runtime security agent, a request for a web resource; determining whether the intercepted request was triggered from an external website; determining whether the intercepted request was triggered from a current session; determining whether the intercepted request is requesting a static file type; and in response to a determination that the intercepted request was triggered from an external website and was not triggered from a current session, or a determination that the intercepted request was triggered from an external website and is not requesting a static file type, providing, by the runtime security agent, an indication of a potential attack.
-
Publication No.: US20190052666A1
Publication date: 2019-02-14
Application No.: US16078777
Application date: 2016-02-26
Applicant: ENTIT SOFTWARE LLC
Inventor: Sasi Siddharth Muthurajan, Ming Sum Sam Ng, Jeremy C. Brooks
IPC: H04L29/06
Abstract: In some examples, a system includes a scan execution engine and a scan adaptation engine. The scan execution engine may execute a scan of a web application hosted on a web host. During scan execution, the scan adaptation engine may adapt a subsequent scan portion for later execution based on a scan metric received from a monitoring agent that monitors the web application, the web host, or both.