公开(公告)号：US10229274B2

公开(公告)日：2019-03-12

申请号：US15918909

申请日：2018-03-12

申请人： Qualys, Inc.

发明人： Wolfgang Kandek ,  Holger Kruse ,  Tigran Gevorgyan ,  Gregor Glawitsch ,  Parminder Singh ,  Kenneth K. Okumura

IPC分类号： G06F11/00 ,  G06F21/57 ,  H04L29/06

摘要： The disclosed principles describe systems and methods for assessing the security posture of a target device, wherein the assessment is performed by a scanning computer in communication with the target device via a communication network. By employing a system or method in accordance with the disclosed principles, distinct advantages are achieved. Specifically, conducting such a remote scan allows for the scanner computer to perform a remote scan of the remote device without installing client software to the remote device. Thus, the disclosed principles reduce the need for internal IT resources to manage the deployment and updates of client software on the target device. Also, conducting a remote scan according to the disclosed principles allows for the remote scan to be performed even if the scanner computer and remote device run different operating systems.

公开(公告)号：US09432392B2

公开(公告)日：2016-08-30

申请号：US14584876

申请日：2014-12-29

申请人： QUALYS, INC.

发明人： Wissam Ali-Ahmad ,  Wolfgang Kandek ,  Holger Kruse ,  Vikas Dewan ,  Khair-ed-dine Mazboudi ,  Ganesh Jampani ,  Kenneth K. Okumura

IPC分类号： G06F21/50 ,  H04L29/06 ,  G06F3/048 ,  H04L29/08

CPC分类号： H04L63/1433 ,  G06F3/048 ,  G06F2221/2101 ,  G06F2221/2119 ,  H04L63/0281 ,  H04L63/1408 ,  H04L63/1441 ,  H04L63/166 ,  H04L67/02

摘要： Methods and systems for scanning an endpoint terminal across an open computer network are disclosed. An exemplary method includes providing a scanner engine in a computer server in communication with an open computer network, and establishing a secure connection across the open computer network between the scanner engine and a scanner agent installed on the endpoint terminal in communication with the open computer network. Commands for collecting data regarding the endpoint terminal are sent from the scanner engine across the secure connection to the scanner agent. The scanner engine then receives the collected data from the scanner agent across the secure connection, analyzes the data to assess a current posture of the endpoint terminal, and determines any updates for the endpoint terminal from the analysis. Updates are sent across the secure connection to the scanner agent for installation on the endpoint terminal, and the secure connection may then be terminated.

公开(公告)号：US20140109169A1

公开(公告)日：2014-04-17

申请号：US13942321

申请日：2013-07-15

申请人： Qualys, Inc.

发明人： Wolfgang Kandek ,  Holger Kruse ,  Tigran Gevorgyan ,  Gregor Glawitsch ,  Parminder Singh ,  Kenneth K. Okumura

IPC分类号： H04L29/06

CPC分类号： G06F21/577 ,  G06F2221/034 ,  H04L63/1408 ,  H04L63/1433 ,  H04L63/166 ,  H04L63/20

摘要： The disclosed principles describe systems and methods for assessing the security posture of a target device, wherein the assessment is performed by a scanning computer in communication with the target device via a communication network. By employing a system or method in accordance with the disclosed principles, distinct advantages are achieved. Specifically, conducting such a remote scan allows for the scanner computer to perform a remote scan of the remote device without installing client software to the remote device. Thus, the disclosed principles reduce the need for internal IT resources to manage the deployment and updates of client software on the target device. Also, conducting a remote scan according to the disclosed principles allows for the remote scan to be performed even if the scanner computer and remote device run different operating systems.

摘要翻译： 所公开的原理描述了用于评估目标设备的安全状态的系统和方法，其中所述评估由通过通信网络与目标设备通信的扫描计算机执行。 通过采用根据公开的原理的系统或方法，实现了明显的优点。 具体来说，执行这样的远程扫描允许扫描仪计算机执行远程设备的远程扫描，而无需将客户端软件安装到远程设备。 因此，所公开的原理减少了对内部IT资源的需求，以管理目标设备上的客户端软件的部署和更新。 此外，根据所公开的原理执行远程扫描，即使扫描仪计算机和远程设备运行不同的操作系统也允许执行远程扫描。

公开(公告)号：US20210385243A1

公开(公告)日：2021-12-09

申请号：US17409600

申请日：2021-08-23

申请人： Qualys, Inc.

发明人： Wissam Ali-Ahmad ,  Wolfgang Kandek ,  Holger Kruse ,  Vikas Dewan ,  Khair-ed-dine Mazboudi ,  Ganesh Jampani ,  Kenneth K. Okumura

IPC分类号： H04L29/06 ,  G06F3/048 ,  H04L29/08

摘要： Methods and systems for scanning an endpoint terminal across an open computer network are disclosed. An exemplary method includes providing a scanner engine in a computer server in communication with an open computer network, and establishing a secure connection across the open computer network between the scanner engine and a scanner agent installed on the endpoint terminal in communication with the open computer network. Commands for collecting data regarding the endpoint terminal are sent from the scanner engine across the secure connection to the scanner agent. The scanner engine then receives the collected data from the scanner agent across the secure connection, analyzes the data to assess a current posture of the endpoint terminal, and determines any updates for the endpoint terminal from the analysis. Updates are sent across the secure connection to the scanner agent for installation on the endpoint terminal, and the secure connection may then be terminated.

公开(公告)号：US09916455B2

公开(公告)日：2018-03-13

申请号：US15483813

申请日：2017-04-10

申请人： Qualys, Inc.

发明人： Wolfgang Kandek ,  Holger Kruse ,  Tigran Gevorgyan ,  Gregor Glawitsch ,  Parminder Singh ,  Kenneth K. Okumura

IPC分类号： G06F11/00 ,  G06F21/57 ,  H04L29/06

CPC分类号： G06F21/577 ,  G06F2221/034 ,  H04L63/1408 ,  H04L63/1433 ,  H04L63/166 ,  H04L63/20

摘要： The disclosed principles describe systems and methods for assessing the security posture of a target device, wherein the assessment is performed by a scanning computer in communication with the target device via a communication network. By employing a system or method in accordance with the disclosed principles, distinct advantages are achieved. Specifically, conducting such a remote scan allows for the scanner computer to perform a remote scan of the remote device without installing client software to the remote device. Thus, the disclosed principles reduce the need for internal IT resources to manage the deployment and updates of client software on the target device. Also, conducting a remote scan according to the disclosed principles allows for the remote scan to be performed even if the scanner computer and remote device run different operating systems.

公开(公告)号：US20150281269A1

公开(公告)日：2015-10-01

申请号：US14584876

申请日：2014-12-29

申请人： QUALYS, INC.

发明人： Wissam Ali-Ahmad ,  Wolfgang Kandek ,  Holger Kruse ,  Vikas Dewan ,  Khair-ed-dine Mazboudi ,  Ganesh Jampani ,  Kenneth K. Okumura

IPC分类号： H04L29/06 ,  G06F3/048 ,  H04L29/08

CPC分类号： H04L63/1433 ,  G06F3/048 ,  G06F2221/2101 ,  G06F2221/2119 ,  H04L63/0281 ,  H04L63/1408 ,  H04L63/1441 ,  H04L63/166 ,  H04L67/02

摘要： Methods and systems for scanning an endpoint terminal across an open computer network are disclosed. An exemplary method includes providing a scanner engine in a computer server in communication with an open computer network, and establishing a secure connection across the open computer network between the scanner engine and a scanner agent installed on the endpoint terminal in communication with the open computer network. Commands for collecting data regarding the endpoint terminal are sent from the scanner engine across the secure connection to the scanner agent. The scanner engine then receives the collected data from the scanner agent across the secure connection, analyzes the data to assess a current posture of the endpoint terminal, and determines any updates for the endpoint terminal from the analysis. Updates are sent across the secure connection to the scanner agent for installation on the endpoint terminal, and the secure connection may then be terminated.

摘要翻译： 公开了用于扫描开放式计算机网络上的端点终端的方法和系统。 示例性方法包括在与开放式计算机网络通信的计算机服务器中提供扫描仪引擎，以及在扫描仪引擎与安装在端点终端上的与开放式计算机网络通信的扫描器代理之间的开放式计算机网络上建立安全连接 。 用于收集关于端点终端的数据的命令从扫描仪引擎通过安全连接发送到扫描器代理。 然后，扫描仪引擎通过安全连接从扫描器代理接收收集的数据，分析数据以评估端点终端的当前状态，并根据分析确定端点终端的任何更新。 更新将通过安全连接发送到扫描仪代理，以安装在端点终端上，然后可以终止安全连接。

公开(公告)号：US11706242B2

公开(公告)日：2023-07-18

申请号：US17409600

申请日：2021-08-23

申请人： Qualys, Inc.

发明人： Wissam Ali-Ahmad ,  Wolfgang Kandek ,  Holger Kruse ,  Vikas Dewan ,  Khair-ed-dine Mazboudi ,  Ganesh Jampani ,  Kenneth K. Okumura

IPC分类号： H04L9/40 ,  G06F3/048 ,  H04L67/02

CPC分类号： H04L63/1433 ,  G06F3/048 ,  H04L63/0281 ,  H04L63/1408 ,  H04L63/1441 ,  H04L63/166 ,  H04L67/02 ,  G06F2221/2101 ,  G06F2221/2119

摘要： Methods and systems for scanning an endpoint terminal across an open computer network are disclosed. An exemplary method includes providing a scanner engine in a computer server in communication with an open computer network, and establishing a secure connection across the open computer network between the scanner engine and a scanner agent installed on the endpoint terminal in communication with the open computer network. Commands for collecting data regarding the endpoint terminal are sent from the scanner engine across the secure connection to the scanner agent. The scanner engine then receives the collected data from the scanner agent across the secure connection, analyzes the data to assess a current posture of the endpoint terminal, and determines any updates for the endpoint terminal from the analysis. Updates are sent across the secure connection to the scanner agent for installation on the endpoint terminal, and the secure connection may then be terminated.

公开(公告)号：US20200274896A1

公开(公告)日：2020-08-27

申请号：US16872067

申请日：2020-05-11

申请人： Qualys, Inc.

发明人： Wissam Ali-Ahmad ,  Wolfgang Kandek ,  Holger Kruse ,  Vikas Dewan ,  Khair-ed-dine Mazboudi ,  Ganesh Jampani ,  Kenneth K. Okumura

IPC分类号： H04L29/06 ,  G06F3/048 ,  H04L29/08

摘要： Methods and systems for scanning an endpoint terminal across an open computer network are disclosed. An exemplary method includes providing a scanner engine in a computer server in communication with an open computer network, and establishing a secure connection across the open computer network between the scanner engine and a scanner agent installed on the endpoint terminal in communication with the open computer network. Commands for collecting data regarding the endpoint terminal are sent from the scanner engine across the secure connection to the scanner agent. The scanner engine then receives the collected data from the scanner agent across the secure connection, analyzes the data to assess a current posture of the endpoint terminal, and determines any updates for the endpoint terminal from the analysis. Updates are sent across the secure connection to the scanner agent for installation on the endpoint terminal, and the secure connection may then be terminated.

公开(公告)号：US10652268B2

公开(公告)日：2020-05-12

申请号：US16024726

申请日：2018-06-29

申请人： QUALYS, INC.

发明人： Wissam Ali-Ahmad ,  Wolfgang Kandek ,  Holger Kruse ,  Vikas Dewan ,  Khair-ed-dine Mazboudi ,  Ganesh Jampani ,  Kenneth K. Okumura

IPC分类号： H04L29/06 ,  G06F3/048 ,  H04L29/08

摘要： Methods and systems for scanning an endpoint terminal across an open computer network are disclosed. An exemplary method includes providing a scanner engine in a computer server in communication with an open computer network, and establishing a secure connection across the open computer network between the scanner engine and a scanner agent installed on the endpoint terminal in communication with the open computer network. Commands for collecting data regarding the endpoint terminal are sent from the scanner engine across the secure connection to the scanner agent. The scanner engine then receives the collected data from the scanner agent across the secure connection, analyzes the data to assess a current posture of the endpoint terminal, and determines any updates for the endpoint terminal from the analysis. Updates are sent across the secure connection to the scanner agent for installation on the endpoint terminal, and the secure connection may then be terminated.

公开(公告)号：US10015187B2

公开(公告)日：2018-07-03

申请号：US15250300

申请日：2016-08-29

申请人： QUALYS, INC.

发明人： Wissam Ali-Ahmad ,  Wolfgang Kandek ,  Holger Kruse ,  Vikas Dewan ,  Khair-ed-dine Mazboudi ,  Ganesh Jampani ,  Kenneth K. Okumura

IPC分类号： G06F21/50 ,  H04L29/06 ,  H04L29/08

CPC分类号： H04L63/1433 ,  G06F3/048 ,  G06F2221/2101 ,  G06F2221/2119 ,  H04L63/0281 ,  H04L63/1408 ,  H04L63/1441 ,  H04L63/166 ,  H04L67/02

摘要： Methods and systems for scanning an endpoint terminal across an open computer network are disclosed. An exemplary method includes providing a scanner engine in a computer server in communication with an open computer network, and establishing a secure connection across the open computer network between the scanner engine and a scanner agent installed on the endpoint terminal in communication with the open computer network. Commands for collecting data regarding the endpoint terminal are sent from the scanner engine across the secure connection to the scanner agent. The scanner engine then receives the collected data from the scanner agent across the secure connection, analyzes the data to assess a current posture of the endpoint terminal, and determines any updates for the endpoint terminal from the analysis. Updates are sent across the secure connection to the scanner agent for installation on the endpoint terminal, and the secure connection may then be terminated.