Patents Assigned to Rapid7 LLC
-
Patent number: 10262142Abstract: The field of the invention relates to systems and methods for advanced dynamic analysis scanning for vulnerabilities using a universal translator. In an embodiment, the system includes a dynamic analysis scanner subsystem communicatively coupled to a networked computing system; the scanner subsystem is configured to crawl one or more dynamic web pages of the networked computing system, generate test data for the networked computing system, transmit the generated test data to the networked computing system, and record the networked computing system's response to the generated test data. The scanner may further comprise a universal translator configured to detect vulnerabilities and generate test data for the dynamic web pages of the networked computing system. The scanner subsystem may further comprise a smart scheduler.Type: GrantFiled: March 14, 2016Date of Patent: April 16, 2019Assignee: Rapid7 LLCInventors: Dan Kuykendall, Matthew Cohen, Dmitriy Kashitsyn, Andrew Tisdale, Michael J. Morton, Artem Astrakhantsev
-
Patent number: 10043011Abstract: A solution recommendation (SR) tool can receive vulnerabilities identified by a vulnerability scanner and/or penetration testing tool. The SR tool can determine various approaches for remediating or mitigating the identified vulnerabilities, and can prioritize the various approaches based on the efficiency of the various approaches in remediating or mitigating the identified vulnerabilities. The SR tool can recommend one or more of the prioritized approaches based on constraints such as cost, effectiveness, complexity, and the like. Once the one or more of the prioritized approaches are selected, the SR tool can recommend the one or more prioritized approaches to third-party experts for evaluation.Type: GrantFiled: January 19, 2011Date of Patent: August 7, 2018Assignee: Rapid7, LLCInventors: Derek M. Abdine, Anastasios Giakouminakis, Chad Loder, Richard D. Li
-
Patent number: 9411965Abstract: A security tool can identify vulnerabilities in a computing system and determine a risk level of the vulnerabilities based on base and optional CVSS vectors and additional factors that represent the evolving nature of vulnerabilities. Likewise, the security tool can determine an overall risk for vulnerabilities, an asset, and/or a collection of assets that encompasses a global view of an asset's risk and/or collection of assets' risk, business considerations of an entity that own and controls the asset and/or the collection of assets, and the entity's associations.Type: GrantFiled: September 22, 2015Date of Patent: August 9, 2016Assignee: Rapid7 LLCInventors: Anastasios Giakouminakis, Sheldon E Malm, Chad Loder, Richard D Li
-
Patent number: 9317693Abstract: The field of the invention relates to systems and methods for advanced dynamic analysis scanning for vulnerabilities using a universal translator. In an embodiment, the system includes a dynamic analysis scanner subsystem communicatively coupled to a networked computing system; the scanner subsystem is configured to crawl one or more dynamic web pages of the networked computing system, generate test data for the networked computing system, transmit the generated test data to the networked computing system, and record the networked computing system's response to the generated test data. The scanner may further comprise a universal translator configured to detect vulnerabilities and generate test data for the dynamic web pages of the networked computing system. The scanner subsystem may further comprise a smart scheduler.Type: GrantFiled: October 22, 2013Date of Patent: April 19, 2016Assignee: RAPID7, LLCInventors: Dan Kuykendall, Matthew Cohen, Dmitriy Kashitsyn, Andrew Tisdale, Michael J. Morton, Artem Astrakhantsev
-
Patent number: 9270694Abstract: A security assessment tool can determine computer assets in a network and provide an overall security score for the network. The overall security score can represent an objective measure of the security of the network that considers potential security threats to the computer assets, counter measures deployed in the network to address the potential security threats, and the effectiveness of the counter measures. Based on the overall security assessment, the security assessment tool can provide recommendations for improving the security of the network.Type: GrantFiled: May 21, 2013Date of Patent: February 23, 2016Assignee: RAPID7, LLCInventors: Chad Loder, Dana Elizabeth Wolf, Matthew Robert Hathaway
-
Patent number: 9264444Abstract: A security assessment tool can determine computer assets in a network and provide an overall security score for the network. The overall security score can represent an objective measure of the security of the network that considers potential security threats to the computer assets, counter measures deployed in the network to address the potential security threats, and the effectiveness of the counter measures. Based on the overall security assessment, the security assessment tool can provide recommendations for improving the security of the network.Type: GrantFiled: May 21, 2013Date of Patent: February 16, 2016Assignee: RAPID7, LLCInventors: HD Moore, Roy Donald Hodgman, Dana Elizabeth Wolf, Matthew Robert Hathaway
-
Patent number: 9251282Abstract: Systems and methods of determining compliance of content in a website or web application are disclosed. The systems and methods comprise a compliance tool to retrieve data associated with website or web application content. The compliance tool can scan the data to determine references to network locations. The compliance tool can compare the references to one or more approval rules to determine whether the references comply with the approval rules. A report can be compiled and outputted that indicates which references comply and which references do not comply with the approval rules. A user can have the option to add non-complying references to an approved list. The compliance tool can further remove non-complying references from the website or web application data and/or register non-complying references with a firewall.Type: GrantFiled: June 21, 2010Date of Patent: February 2, 2016Assignee: RAPID7 LLCInventor: Chad Loder
-
Patent number: 9141805Abstract: A security tool can identify vulnerabilities in a computing system and determine a risk level of the vulnerabilities based on base and optional CVSS vectors and additional factors that represent the evolving nature of vulnerabilities. Likewise, the security tool can determine an overall risk for vulnerabilities, an asset, and/or a collection of assets that encompasses a global view of an asset's risk and/or collection of assets' risk, business considerations of an entity that own and controls the asset and/or the collection of assets, and the entity's associations.Type: GrantFiled: November 17, 2011Date of Patent: September 22, 2015Assignee: RAPID7 LLCInventors: Anastasios Giakouminakis, Sheldon E. Malm, Chad Loder, Richard D. Li
-
Publication number: 20140351939Abstract: A security assessment tool can determine computer assets in a network and provide an overall security score for the network. The overall security score can represent an objective measure of the security of the network that considers potential security threats to the computer assets, counter measures deployed in the network to address the potential security threats, and the effectiveness of the counter measures. Based on the overall security assessment, the security assessment tool can provide recommendations for improving the security of the network.Type: ApplicationFiled: May 21, 2013Publication date: November 27, 2014Applicant: Rapid7, LLCInventors: HD Moore, Roy Donald Hodgman, Dana Elizabeth Wolf, Matthew Robert Hathaway
-
Publication number: 20140351940Abstract: A security assessment tool can determine computer assets in a network and provide an overall security score for the network. The overall security score can represent an objective measure of the security of the network that considers potential security threats to the computer assets, counter measures deployed in the network to address the potential security threats, and the effectiveness of the counter measures. Based on the overall security assessment, the security assessment tool can provide recommendations for improving the security of the network.Type: ApplicationFiled: May 21, 2013Publication date: November 27, 2014Applicant: Rapid7, LLCInventors: Chad Loder, Dana Elizabeth Wolf, Matthew Robert Hathaway
-
Patent number: 8875296Abstract: A security tool can utilize a vulnerability in a computing system or credentials for the computing system to gain access to the computing system. Once access is gained, the security tool can deliver an agent to the computing system. The agent can execute, detected or undetected, on the computing system in order to establish a network link between the computing system and the security tool. Once established, the security tool creates a virtual network interface on the computing system on which it is running and instructs the agent to relay network traffic between the virtual network interface of the computing system executing the security tool and the existing network interfaces of computing system executing the agent.Type: GrantFiled: March 13, 2012Date of Patent: October 28, 2014Assignee: Rapid7, LLCInventor: H. D. Moore
-
Patent number: 8819832Abstract: Embodiments described herein relate to systems and methods for performing vulnerability scans on virtual machines. The systems and methods comprise a virtual asset tool that can instantiate a vulnerability scanner on a physical machine hosting a set of virtual machines. The vulnerability scanner can scan the virtual machines to identify any vulnerabilities, security flaws, or other risks, and can provide a result of the scan to the virtual asset tool. In embodiments, the virtual asset tool can examine the result of the scan to identify any vulnerabilities resulting from the scan.Type: GrantFiled: August 26, 2011Date of Patent: August 26, 2014Assignee: Rapid7, LLCInventors: Richard D. Li, Jeffrey L. Berger, Anastasios Giakouminakis
-
Patent number: D631022Type: GrantFiled: July 17, 2009Date of Patent: January 18, 2011Assignee: Rapid7 LLCInventor: Harold Jason Treulich