公开(公告)号：US09900339B2

公开(公告)日：2018-02-20

申请号：US15442986

申请日：2017-02-27

Applicant: salesforce.com, inc.

Inventor： Timothy Bach ,  James Dolph

IPC: G06F21/57 ,  H04L29/06 ,  H04L29/08

CPC classification number: H04L63/1433 ,  G06F21/577 ,  G06F2221/034 ,  H04L67/025 ,  H04L67/26

Abstract: An automated software vulnerability scanning and notification system and method provide an automated detection and notification regarding a software vulnerability. The operation of the system and the method includes obtaining software vulnerability information, periodically scanning a web application and a corresponding web server associated with an operator, and evaluating the periodic scans relative to the software vulnerability information to detect software vulnerabilities. Upon detection of a software vulnerability, a notification message is provided automatically to the operator regarding the software vulnerability.

公开(公告)号：US09787714B2

公开(公告)日：2017-10-10

申请号：US15334107

申请日：2016-10-25

Applicant: salesforce.com, inc.

Inventor： Timothy Bach

IPC: H04L29/06

CPC classification number: H04L63/1483 ,  H04L63/101

Abstract: A threat detection system receives links from emails opened in web browsers. The received links are compared with a whitelist of trusted links and blacklisted links associated with security threats. The threat detection system sends trusted identifiers when the received links are identified in the whitelist and sends block identifiers back to the web browsers when the received links are identified in the blacklist. The trusted identifiers cause the web browsers to display a trusted message and the block identifiers cause the web browsers to remove the received link and display a warning message. The threat detection system may receive threat reports for suspected links from employees of a same enterprise and allow an enterprise security administrator to asynchronously update the blacklists and whitelists based on the threat reports received from the enterprise users.

公开(公告)号：US09509715B2

公开(公告)日：2016-11-29

申请号：US14625431

申请日：2015-02-18

Applicant: salesforce.com, inc.

Inventor： Timothy Bach

IPC: H04L29/06

CPC classification number: H04L63/1483 ,  H04L63/101

Abstract: A threat detection system receives links from emails opened in web browsers. The received links are compared with a whitelist of trusted links and blacklisted links associated with security threats. The threat detection system sends trusted identifiers when the received links are identified in the whitelist and sends block identifiers back to the web browsers when the received links are identified in the blacklist. The trusted identifiers cause the web browsers to display a trusted message and the block identifiers cause the web browsers to remove the received link and display a warning message. The threat detection system may receive threat reports for suspected links from employees of a same enterprise and allow an enterprise security administrator to asynchronously update the blacklists and whitelists based on the threat reports received from the enterprise users.

Abstract translation: 威胁检测系统从Web浏览器中打开的电子邮件接收链接。 所接收的链接与可信链接和与安全威胁相关联的黑名单链接的白名单进行比较。 当在白名单中识别接收到的链接时，威胁检测系统发送可信标识符，并且当黑名单中标识接收到的链接时，将块标识符发回到网络浏览器。 受信任的标识符导致Web浏览器显示可信消息，并且块标识符导致Web浏览器删除接收到的链接并显示警告消息。 威胁检测系统可以接收来自同一企业的员工的可疑链接的威胁报告，并允许企业安全管理员根据企业用户收到的威胁报告异步更新黑名单和白名单。

公开(公告)号：US09619655B2

公开(公告)日：2017-04-11

申请号：US14664502

申请日：2015-03-20

Applicant: salesforce.com, inc.

Inventor： Timothy Bach ,  James Dolph

IPC: G06F21/57 ,  H04L29/06

CPC classification number: H04L63/1433 ,  G06F21/577 ,  G06F2221/034 ,  H04L67/025 ,  H04L67/26

Abstract: An automated software vulnerability scanning and notification system and method provide an automated detection and notification regarding a software vulnerability. The operation of the system and the method includes obtaining software vulnerability information, periodically scanning a web application and a corresponding web server associated with an operator, and evaluating the periodic scans relative to the software vulnerability information to detect software vulnerabilities. Upon detection of a software vulnerability, a notification message is provided automatically to the operator regarding the software vulnerability.

公开(公告)号：US20160078231A1

公开(公告)日：2016-03-17

申请号：US14664502

申请日：2015-03-20

Applicant: salesforce.com, inc.

Inventor： Timothy Bach ,  James Dolph

IPC: G06F21/57 ,  H04L29/08 ,  H04L29/06

CPC classification number: H04L63/1433 ,  G06F21/577 ,  G06F2221/034 ,  H04L67/025 ,  H04L67/26

Abstract: An automated software vulnerability scanning and notification system and method provide an automated detection and notification regarding a software vulnerability. The operation of the system and the method includes obtaining software vulnerability information, periodically scanning a web application and a corresponding web server associated with an operator, and evaluating the periodic scans relative to the software vulnerability information to detect software vulnerabilities. Upon detection of a software vulnerability, a notification message is provided automatically to the operator regarding the software vulnerability.

Abstract translation: 自动化软件漏洞扫描和通知系统和方法提供关于软件漏洞的自动检测和通知。 系统的操作和方法包括获取软件漏洞信息，定期扫描Web应用程序和与操作员相关联的相应Web服务器，以及评估相对于软件漏洞信息的周期扫描以检测软件漏洞。 在发现软件漏洞时，系统会自动向运营商提供有关软件漏洞的通知消息。