Automatic Detection and Mitigation of Security Weaknesses

摘要

Some embodiments provide a self-configuring firewall for automatic detection and mitigation of security weaknesses. The self-configuring firewall performs passive and active vulnerability detection. Passive detection involves scanning software resources and configurations under firewall protection for vulnerabilities present in the software and software configurations. Active detection identifies vulnerabilities by subjecting the software resources and configurations to simulated malicious traffic. The identified vulnerabilities are mapped to attack signatures. The self-configuring firewall enables the attack signatures which in turn allow the firewall to detect traffic containing attacks directed to exploiting the vulnerabilities.

主权项

1. A method for self-configuring a particular firewall, the method comprising:
mapping a set of software applications under protection of the particular firewall; scanning said set of software applications, said scanning identifying a software configuration for each software application of the set of software applications; identifying a set of security vulnerabilities present in said set of software applications and software configurations; and automatically reconfiguring the particular firewall based on said identifying, wherein automatically reconfiguring comprises enabling on the particular firewall, a set of firewall signatures from a plurality of firewall signatures protecting against the set of security vulnerabilities present in said set of software applications and software configurations, wherein the set of firewall signatures detect traffic comprising attacks directed to the set of security vulnerabilities.