System and method for replacing software components with corresponding known-good software components without regard to whether the software components have been compromised or potentially compromised

摘要

Approaches for replacing software components executing in a runtime environment with corresponding known-good software components are disclosed. In some implementations, at least a first event indicating that at least a first software component executing in the runtime environment should be replaced may be determined. The first event may be determined without respect to whether the first software component has been compromised or potentially compromised. At least a second software component corresponding to the first software component may be obtained from a component repository that is separate from the runtime environment. The first software component may be replaced with the second software component based on the first event such that the second software component is available for use in the runtime environment after the first event and the first software component is no longer available for use in the runtime environment after the first event.

主权项

1. A computer-implemented method of replacing software components executing in a runtime environment with corresponding known-good software components without regard to whether the software components executing in the runtime environment have been compromised or potentially compromised, the method being implemented by a computer system that includes one or more physical processors programmed with one or more computer program instructions which, when executed, perform the method, the method comprising:
determining, by the computer system, without regard to whether a first instance of a software component executing in the runtime environment has been compromised or potentially compromised, that at least the first instance of the software component should be replaced based on one or more replacement intervals; obtaining, by the computer system, at least a second instance of the software component from a component repository that is separate from the runtime environment; replacing, by the computer system, the first instance of the software component with the second instance of the software component based on the determination that the first instance of the software component should be replaced such that the second instance of the software component is to be used instead of the first instance of the software component; determining, by the computer system, without regard to whether the second instance of the software component has been compromised or potentially compromised, that at least the second instance of the software component should be replaced based on the one or more replacement intervals; obtaining, by the computer system, at least a third instance of the software component from the component repository; and replacing, by the computer system, the second instance of the software component with the third instance of the software component based on the determination that the second instance of the software component should be replaced such that the third instance of the software component is to be used instead of the second instance of the software component, wherein the first instance of the software component, the second instance of the software component, and the third instance of the software component are not varied with respect to one another.