Systems and methods for detecting vulnerabilities in network processes during runtime

US11706239B2 · US · B2

Patent metadata
Publication number: US-11706239-B2
Application number: US-202017003450-A
Country: US
Kind code: B2
Filing date: Aug 26, 2020
Priority date: Aug 26, 2020
Publication date: Jul 18, 2023
Grant date: Jul 18, 2023

Abstract

Official abstract text for this publication.

Systems, methods, and non-transitory computer-readable storage media are disclosed for detecting vulnerabilities in real-time during execution of a process or an application. In one example, a device may have one or more memories storing computer-readable instructions and one or more processors configured to execute the computer-readable instructions to obtain real-time process information associated with a process executing in an endpoint. The device can then determine package information for a package associated with the process based on the process information. The device can then identify at least one vulnerability associated with the package information using a database of vulnerabilities stored on a backend component of the network. The backend component may have a database of vulnerabilities for packages.

Claims

Full claim text for this publication (independent claims 1, 6 and 11 with their dependent claims).

What is claimed is:

1. A method comprising: obtaining, at a network controller and from one or more sensors running on one or more endpoints, real-time process information associated with at least one process executing on at least one of the one or more endpoints, wherein the network controller is communicatively connected to the one or more endpoints over a communication network; determining, at the network controller, package information for a corresponding package associated with the at least one process based on the real-time process information; and identifying, at the network controller and during runtime of the at least one process on the at least one of the one or more endpoints, at least one vulnerability associated with the package information using a database of vulnerabilities available only to the network controller.

2. The method of claim 1, wherein the real-time process information includes an executable path and a filename for the at least one process.

3. The method of claim 1, wherein the package information includes a package name, a package version and a package publisher.

4. The method of claim 1, wherein the database of vulnerabilities is not stored at the endpoint.

5. The method of claim 1, further comprising: fixing the at least one vulnerability.

6. A non-transitory computer-readable medium comprising computer-readable instructions, which when executed by one or more processors at a network controller, cause the network controller to: obtain, from one or more sensors running on one or more endpoints, real-time process information associated with at least one process executing on at least one of the one or more endpoints, wherein the network controller is communicatively connected to the one or more endpoints over a communication network; determine package information for a corresponding package associated with the at least one process based on the real-time process information; and identify, during runtime of the at least one process on the at least one of the one or more endpoints, at least one vulnerability associated with the package information using a database of vulnerabilities available only to the network controller.

7. The non-transitory computer-readable medium of claim 6, wherein the real-time process information includes an executable path and a filename for the at least one process.

8. The non-transitory computer-readable medium of claim 6, wherein the package information includes a package name, a package version and a package publisher.

9. The non-transitory computer-readable medium of claim 6, wherein the database of vulnerabilities is not stored at the endpoint.

10. The non-transitory computer-readable medium of claim 6, wherein the computer-readable instructions, which when executed by the one or more processors, cause the network controller to: fix the at least one vulnerability.

11. A network controller comprising: one or more processors storing computer-readable instructions; and one or more processors configured to execute the computer-readable instructions to: obtain, from one or more sensors running on one or more endpoints, real-time process information associated with at least one process executing on at least one of the one or more endpoints, wherein the network controller is communicatively connected to the one or more endpoints over a communication network; determine package information for a corresponding package associated with the at least one process based on the real-time process information; and identify, during runtime of the at least one process on the at least one of the one or more endpoints, at least one vulnerability associated with the package information using a database of vulnerabilities available only to the network controller.

12. The device of claim 11, wherein the real-time process information includes an executable path and a filename for the at least one process.

13. The device of claim 11, wherein the package information includes a package name, a package version and a package publisher.

14. The device of claim 11, wherein the database of vulnerabilities is not stored at the endpoint.

15. The device of claim 11, wherein the network controller is further configured to: fix the at least one vulnerability.
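The pipeline the abstract and claims 1 through 5 describe (sensor reports executable path and filename; controller resolves the process to a package name, version and publisher; controller alone matches that package against a vulnerability database) can be sketched end to end. The following is an added example written for this page, not Cisco's code or the patent's own implementation. The per-endpoint file inventory, the vulnerability database, the advisory identifiers, the version-ordering rule and the sensor events are all constructed for illustration.

```python
"""Sketch of the claimed runtime vulnerability-detection flow.
Example code for this page, not from the patent or its assignee.
All inventory, advisory and event data below is constructed."""
from dataclasses import dataclass
import re


@dataclass(frozen=True)
class ProcessEvent:
    """What a sensor reports for one running process (claim 2: path + filename)."""
    endpoint: str
    pid: int
    exe_path: str   # e.g. readlink of /proc/<pid>/exe on Linux
    filename: str


@dataclass(frozen=True)
class PackageInfo:
    """Claim 3: name, version and publisher identify the package."""
    name: str
    version: str
    publisher: str


# Constructed inventory: which package owns which file on each endpoint, as a
# package manager would report it (dpkg -S / rpm -qf). The controller keeps
# this per endpoint so a process cannot pick its own package by lying about
# its path.
FILE_OWNERS = {
    "host-a": {
        "/usr/sbin/sshd": PackageInfo("openssh-server", "8.2p1-4", "Ubuntu"),
        "/usr/sbin/nginx": PackageInfo("nginx", "1.18.0-0", "Ubuntu"),
    },
    "host-b": {
        "/usr/sbin/sshd": PackageInfo("openssh-server", "9.3p1-1", "Ubuntu"),
    },
}

# Constructed vulnerability database held only by the controller (claim 4).
# Entry: (advisory id, first affected version, first fixed version).
# Advisory ids are placeholders, not real identifiers.
VULN_DB = {
    ("openssh-server", "Ubuntu"): [("EXAMPLE-ADV-0001", "8.0", "9.0")],
    ("nginx", "Ubuntu"): [("EXAMPLE-ADV-0002", "1.0", "1.20.1")],
}


def version_key(version):
    """Turn '1.18.0-0' into (1, 18, 0, 0) so tuples compare numerically.
    Assumption for this example: only the numeric components matter.
    Real package managers (dpkg, rpm) have richer ordering rules."""
    return tuple(int(n) for n in re.findall(r"\d+", version))


def resolve_package(event):
    """Map a process to the package that owns its executable.
    Returns (PackageInfo or None, note). A path ending in ' (deleted)' is how
    /proc/<pid>/exe reads once the on-disk binary has been replaced, e.g. by
    an upgrade: the running copy is older than what the inventory now says."""
    path, note = event.exe_path, ""
    if path.endswith(" (deleted)"):
        path = path[: -len(" (deleted)")]
        note = "binary replaced on disk; running copy is stale, restart needed"
    pkg = FILE_OWNERS.get(event.endpoint, {}).get(path)
    if pkg is None:
        return None, "no package owns this path"
    return pkg, note


def lookup_vulns(pkg):
    """Controller-side match: affected if first_affected <= version < first_fixed."""
    v = version_key(pkg.version)
    return [adv for adv, lo, hi in VULN_DB.get((pkg.name, pkg.publisher), [])
            if version_key(lo) <= v < version_key(hi)]


def assess(event):
    """Full pipeline for one sensor event; the sensor never sees VULN_DB."""
    pkg, note = resolve_package(event)
    if pkg is None:
        return {"endpoint": event.endpoint, "pid": event.pid, "status": "unresolved",
                "package": None, "vulns": [], "note": note}
    vulns = lookup_vulns(pkg)
    return {"endpoint": event.endpoint, "pid": event.pid,
            "status": "vulnerable" if vulns else "clean",
            "package": f"{pkg.name} {pkg.version} ({pkg.publisher})",
            "vulns": vulns, "note": note}


# Constructed sensor feed: a stale sshd, an old nginx, a patched sshd, and an
# unpackaged binary running from /tmp that no inventory entry can explain.
SAMPLE_EVENTS = [
    ProcessEvent("host-a", 812, "/usr/sbin/sshd (deleted)", "sshd"),
    ProcessEvent("host-a", 1203, "/usr/sbin/nginx", "nginx"),
    ProcessEvent("host-b", 640, "/usr/sbin/sshd", "sshd"),
    ProcessEvent("host-b", 2219, "/tmp/.x/update", "update"),
]

if __name__ == "__main__":
    for ev in SAMPLE_EVENTS:
        print(assess(ev))
```

Two points a practitioner should take from the example. First, the sensor reports only the path and filename; the resolution to a package uses an inventory the controller trusts, not anything the process says about itself, and the vulnerability database never leaves the controller, so a compromised endpoint learns nothing about what the controller is looking for. Second, "fixing" a vulnerability (claims 5, 10 and 15) is not done when the package is upgraded: a process started from the old binary keeps running the old code, which is exactly the stale case the ` (deleted)` path reveals, and the unresolved `/tmp` case is a finding in its own right rather than a lookup failure to ignore.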

Assignees

Cisco Tech Inc

Classifications

  • H04L63/1433 · Vulnerability analysis · CPC title

  • G06F21/566 · Primary

    Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities · CPC title

  • G06F21/577 · Assessing vulnerabilities and evaluating computer system security · CPC title


Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US11706239B2 cover?
Detecting vulnerabilities in real time while a process or application is executing: sensors on endpoints report process information (executable path and filename) to a network controller, the controller resolves that information to a package (name, version and publisher), and it matches the package against a vulnerability database that is held only on the controller, not on the endpoint.
Who is the assignee on this patent?
Cisco Tech Inc
What technology area does this patent fall under?
Primary CPC classification H04L63/1433. Mapped technology areas include Electricity.
When was this patent published?
Publication date Jul 18, 2023 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 7 related publications on this page (citations in our corpus or others sharing the same primary CPC).