Erik Lloyd Tayler

US Patent:

20170093795, Mar 30, 2017

Filed:

Sep 24, 2015

Appl. No.:

14/864858

Inventors:

- Redmond WA, US
Viresh Ramdatmisier - Seattle WA, US
Barry Markey - Kirkland WA, US
Robert Fish - Seattle WA, US
Erik Tayler - Seattle WA, US
Dragos Boia - Seattle WA, US
Donald Ankney - Seattle WA, US

International Classification:

H04L 29/06

Abstract:

To protect network-based services, offering computer implemented functionality, from attacks, a passive web application firewall reactively identifies vulnerabilities, enabling such vulnerabilities to be quickly ameliorated, without intercepting communications or introducing other suboptimal aspects of traditional web application firewalls. Communications directed to the network-based services are logged and such logs are scanned for entries evidencing attacks, such as based on predetermined attack syntax. Further evaluation of the entries identified as evidencing attacks identifies a subset of those entries that correspond to likely successful attacks. Such further evaluation includes attacking the network-based service in an equivalent manner. Attacks that are found to be successful identify vulnerabilities, and a notification of such vulnerabilities is provided to facilitate amelioration of such vulnerabilities. Vulnerability amelioration can be automatic, such as by automatically adjusting the settings corresponding to the implementation of the network-based services to ameliorate identified vulnerabilities in a predetermined manner.