公开(公告)号：US20230229788A1

公开(公告)日：2023-07-20

申请号：US18186688

申请日：2023-03-20

申请人： TRIPWIRE, INC.

发明人： Mark Pieno ,  Tyler Reguly ,  Darlene Hibbs ,  Craig Young ,  Lane Thames ,  Jamaal Scarlett ,  Lamar Bailey ,  Miles Budnek ,  Bob Terhune ,  Jon Loucks

IPC分类号： G06F21/57 ,  G06F16/2455 ,  G06F9/445

CPC分类号： G06F21/577 ,  G06F16/24552 ,  G06F9/44505 ,  G06F2221/034

摘要： Apparatus and methods for analyzing vulnerabilities with an agent executing on a computer host using a vulnerability scanner and vulnerability server are disclosed. In one example a method comprises, with a vulnerability scanner, searching for data associated with a vulnerability test (for example, the command that initiates the test) to determine whether the data associated with the vulnerability is available or not available. When the data associated with the vulnerability test is available in a vulnerability scanner database, the vulnerability scanner provides prior scan results generated using one or more commands specified by the data to a vulnerability aggregation server. When the data associated with the vulnerability test is not available in the vulnerability scanner database, the vulnerability scanner performs a scan of the host to obtain results associated with the vulnerability test.

公开(公告)号：US12050696B2

公开(公告)日：2024-07-30

申请号：US18186688

申请日：2023-03-20

申请人： TRIPWIRE, INC.

发明人： Mark Pieno ,  Tyler Reguly ,  Darlene Hibbs ,  Craig Young ,  Lane Thames ,  Jamaal Scarlett ,  Lamar Bailey ,  Miles Budnek ,  Bob Terhune ,  Jon Loucks

IPC分类号： H04L9/40 ,  G06F9/445 ,  G06F16/2455 ,  G06F21/57

CPC分类号： G06F21/577 ,  G06F9/44505 ,  G06F16/24552 ,  G06F2221/034

摘要： Apparatus and methods for analyzing vulnerabilities with an agent executing on a computer host using a vulnerability scanner and vulnerability server are disclosed. In one example a method comprises, with a vulnerability scanner, searching for data associated with a vulnerability test (for example, the command that initiates the test) to determine whether the data associated with the vulnerability is available or not available. When the data associated with the vulnerability test is available in a vulnerability scanner database, the vulnerability scanner provides prior scan results generated using one or more commands specified by the data to a vulnerability aggregation server. When the data associated with the vulnerability test is not available in the vulnerability scanner database, the vulnerability scanner performs a scan of the host to obtain results associated with the vulnerability test.