Patent No.:
Date of Patent: Dec. 26, 2017
Filed: Sep. 24, 2015
Applicant: Microsoft Technology Licensing, LLC, Redmond, WA (US)
Inventors:
Robert C. Fruth, Seattle, WA (US);
Viresh Ramdatmisier, Seattle, WA (US);
Barry Markey, Kirkland, WA (US);
Robert Fish, Seattle, WA (US);
Erik Tayler, Seattle, WA (US);
Dragos Boia, Seattle, WA (US);
Donald Ankney, Seattle, WA (US)
Assignee: Microsoft Technology Licensing, LLC, Redmond, WA (US)
Abstract
To protect network-based services, offering computer implemented functionality, from attacks, a passive web application firewall reactively identifies vulnerabilities, enabling such vulnerabilities to be quickly ameliorated, without intercepting communications or introducing other suboptimal aspects of traditional web application firewalls. Communications directed to the network-based services are logged and such logs are scanned for entries evidencing attacks, such as based on predetermined attack syntax. Further evaluation of the entries identified as evidencing attacks identifies a subset of those entries that correspond to likely successful attacks. Such further evaluation includes attacking the network-based service in an equivalent manner. Attacks that are found to be successful identify vulnerabilities, and a notification of such vulnerabilities is provided to facilitate amelioration of such vulnerabilities. Vulnerability amelioration can be automatic, such as by automatically adjusting the settings corresponding to the implementation of the network-based services to ameliorate identified vulnerabilities in a predetermined manner.
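
As an added illustration of the log-scanning stage the abstract describes (not code from the patent or from Microsoft), the sketch below parses access-log entries, matches decoded parameter values against a few attack-syntax patterns, and collapses the hits into a list of endpoints to verify. The log format, the three signatures, the sample lines and the 2xx-first ordering are assumptions made for this example.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Constructed access-log lines for illustration; not data from the patent.
SAMPLE_LOG = """\
203.0.113.7 - - [24/Sep/2015:10:00:01 +0000] "GET /search?q=shoes HTTP/1.1" 200 5120
203.0.113.9 - - [24/Sep/2015:10:00:05 +0000] "GET /item?id=1%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 48211
203.0.113.9 - - [24/Sep/2015:10:00:09 +0000] "GET /item?id=1%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 48211
198.51.100.4 - - [24/Sep/2015:10:01:12 +0000] "GET /view?file=..%2F..%2Fetc%2Fpasswd HTTP/1.1" 404 312
198.51.100.4 - - [24/Sep/2015:10:01:30 +0000] "GET /search?q=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 5300
"""

# Assumed log layout: client, two ignored fields, [time], "METHOD target PROTO", status
LINE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "\S+ (\S+) [^"]*" (\d{3}) ')

# Illustrative "predetermined attack syntax"; a production rule set is far larger.
SIGNATURES = {
    "sql_injection": re.compile(r"'\s*(or|and)\s+'?\w+'?\s*=|union\s+select", re.I),
    "path_traversal": re.compile(r"\.\./|\.\.\\"),
    "script_injection": re.compile(r"<\s*script\b", re.I),
}

def scan(log_text):
    """Return one finding per (log entry, parameter, signature) match."""
    findings = []
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # skip entries that do not parse instead of guessing
        src, when, target, status = m.groups()
        url = urlsplit(target)
        # parse_qsl percent-decodes values, so encoded payloads still match
        for param, value in parse_qsl(url.query, keep_blank_values=True):
            for name, rx in SIGNATURES.items():
                if rx.search(value):
                    findings.append({"src": src, "time": when, "path": url.path,
                                     "param": param, "class": name, "status": int(status)})
    return findings

def candidates(findings):
    """Collapse findings into unique (path, param, class) targets to verify."""
    grouped = defaultdict(lambda: {"hits": 0, "statuses": set()})
    for f in findings:
        entry = grouped[(f["path"], f["param"], f["class"])]
        entry["hits"] += 1
        entry["statuses"].add(f["status"])
    # Assumption: entries the server answered with a 2xx status are reviewed first.
    return sorted(grouped.items(), key=lambda kv: (min(kv[1]["statuses"]) >= 300, kv[0]))
```

Calling `candidates(scan(SAMPLE_LOG))` yields the deduplicated queue that the abstract's further evaluation stage would then confirm or discard.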