Abstract: A system and method for automated probabilistic planning of network attacks against infrastructures of computer networks and applications is provided. The embodiments automate the analysis and probabilistic planning of multi-step attacks to computer and application networks (in particular in the context of automating penetration tests), optimizing with respect to one of the following metrics: the probability of success of the actions, a numerical parameter that must be minimized (e.g., running time), or the number of logs generated by the control devices in the target network.

Abstract: A system and method for extending automated penetration testing of a target network is provided. The method comprises: computing a scenario, comprises the steps of: translating a workspace having at least one target computer in the target network, to a planning definition language, translating penetration modules available in a penetration testing framework to a planning definition language, and defining a goal in the target network and translating the goal into a planning definition language; building a knowledge database with information regarding the target network, properties of hosts in the network, parameters and running history of modules in the penetration testing framework; and running an attack plan solver module, comprising: running an attack planner using the scenario as input, to produce at least one attack plan that achieves the goal, and executing actions defined in the at least one attack plan against the target network from the penetration testing framework.

Abstract: Method, system, and computer code for implementing privacy protection in a web application, wherein the web application is executed in a web application language execution environment within a web server, the method containing the steps of: establishing at least one inbound tagging rule for tagging objects entering the web application language execution environment, referred to as inbound objects, according to a respective source of each of the inbound objects; assigning a tag to at least one of the inbound objects being operated on by the web application language execution environment based on the at least one inbound tagging rule; establishing at least one privacy rule for performing privacy actions on at least one object that is outbound from the web application language execution environment, referred to as outbound objects, according to a respective tag of each of the outbound objects; and performing a privacy action on the at least one outbound object being operated on by the web application language ex

Abstract: A system and method for extending automated penetration testing of a target network is provided. The method comprises: computing a scenario, comprises the steps of: translating a workspace having at least one target computer in the target network, to a planning definition language, translating penetration modules available in a penetration testing framework to a planning definition language, and defining a goal in the target network and translating the goal into a planning definition language; building a knowledge database with information regarding the target network, properties of hosts in the network, parameters and running history of modules in the penetration testing framework; and running an attack plan solver module, comprising: running an attack planner using the scenario as input, to produce at least one attack plan that achieves the goal, and executing actions defined in the at least one attack plan against the target network from the penetration testing framework.