WO2008011576A3 - System and method of securing web applications across an enterprise - Google Patents
System and method of securing web applications across an enterprise Download PDFInfo
- Publication number
- WO2008011576A3 WO2008011576A3 PCT/US2007/073996 US2007073996W WO2008011576A3 WO 2008011576 A3 WO2008011576 A3 WO 2008011576A3 US 2007073996 W US2007073996 W US 2007073996W WO 2008011576 A3 WO2008011576 A3 WO 2008011576A3
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- traffic
- enterprise
- computer networks
- individual computer
- security
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/168—Implementing security features at a particular protocol layer above the transport layer
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/95—Retrieval from the web
- G06F16/958—Organisation or management of web site content, e.g. publishing, maintaining pages or automatic linking
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Software Systems (AREA)
- Databases & Information Systems (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Mining & Analysis (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
Abstract
A system and method for protection of Web based applications are described. The techniques described provide an enterprise wide approach to preventing attacks of Web based applications. Individual computer networks within the enterprise monitor network traffic to identify anomalous traffic. The anomalous traffic can be identified by comparing the traffic to a profile of acceptable user traffic when interacting with the application. The anomalous traffic, or security events, identified at the individual computer networks are communicated to a central security manager. The central security manager correlates the security events at the individual computer networks to determine if there is an enterprise wide security threat. The central security manager can then communicate instructions to the individual computer networks so as to provide an enterprise wide solution to the threat.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP07813171A EP2044513A2 (en) | 2006-07-20 | 2007-07-20 | System and method of securing web applications across an enterprise |
Applications Claiming Priority (8)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US80792106P | 2006-07-20 | 2006-07-20 | |
US80791906P | 2006-07-20 | 2006-07-20 | |
US60/807,921 | 2006-07-20 | ||
US60/807,919 | 2006-07-20 | ||
US11/532,058 US20080034424A1 (en) | 2006-07-20 | 2006-09-14 | System and method of preventing web applications threats |
US11/532,058 | 2006-09-14 | ||
US11/532,060 US7934253B2 (en) | 2006-07-20 | 2006-09-14 | System and method of securing web applications across an enterprise |
US11/532,060 | 2006-09-14 |
Publications (3)
Publication Number | Publication Date |
---|---|
WO2008011576A2 WO2008011576A2 (en) | 2008-01-24 |
WO2008011576A9 WO2008011576A9 (en) | 2008-03-20 |
WO2008011576A3 true WO2008011576A3 (en) | 2008-08-14 |
Family
ID=38957656
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US2007/073996 WO2008011576A2 (en) | 2006-07-20 | 2007-07-20 | System and method of securing web applications across an enterprise |
Country Status (2)
Country | Link |
---|---|
EP (1) | EP2044513A2 (en) |
WO (1) | WO2008011576A2 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110460606B (en) * | 2019-08-16 | 2021-10-12 | 中国银行股份有限公司 | Second-order SQL injection vulnerability detection method, device and equipment |
Families Citing this family (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9386103B2 (en) | 2013-10-04 | 2016-07-05 | Breakingpoint Systems, Inc. | Application identification and dynamic signature generation for managing network communications |
EP3055773B1 (en) * | 2013-10-10 | 2018-12-19 | Intel Corporation | Anomaly detection on web client |
WO2016048322A1 (en) * | 2014-09-25 | 2016-03-31 | Hewlett Packard Enterprise Development Lp | Determine secure activity of application under test |
US9756067B2 (en) * | 2015-08-10 | 2017-09-05 | Accenture Global Services Limited | Network security |
SG10201507051WA (en) * | 2015-09-03 | 2017-04-27 | Certis Cisco Security Pte Ltd | System and method for high frequency heuristic data acquisition and analytics of information security events |
US20170201533A1 (en) * | 2016-01-12 | 2017-07-13 | T-Mobile Usa, Inc. | Mobile aware intrusion detection system |
US10521590B2 (en) | 2016-09-01 | 2019-12-31 | Microsoft Technology Licensing Llc | Detection dictionary system supporting anomaly detection across multiple operating environments |
CN107995145B (en) * | 2016-10-26 | 2020-11-27 | 中国移动通信有限公司研究院 | Attack behavior pattern mining method and device facing WAF log |
US10474843B2 (en) | 2017-05-09 | 2019-11-12 | International Business Machines Corporation | Identifying stolen databases |
CN111177513B (en) * | 2019-12-31 | 2023-10-31 | 北京百度网讯科技有限公司 | Determination method and device of abnormal access address, electronic equipment and storage medium |
CN113872993B (en) * | 2021-11-29 | 2022-03-01 | 广东电网有限责任公司佛山供电局 | Network risk sensing method and system for power monitoring system |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020087882A1 (en) * | 2000-03-16 | 2002-07-04 | Bruce Schneier | Mehtod and system for dynamic network intrusion monitoring detection and response |
-
2007
- 2007-07-20 EP EP07813171A patent/EP2044513A2/en not_active Withdrawn
- 2007-07-20 WO PCT/US2007/073996 patent/WO2008011576A2/en active Application Filing
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020087882A1 (en) * | 2000-03-16 | 2002-07-04 | Bruce Schneier | Mehtod and system for dynamic network intrusion monitoring detection and response |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110460606B (en) * | 2019-08-16 | 2021-10-12 | 中国银行股份有限公司 | Second-order SQL injection vulnerability detection method, device and equipment |
Also Published As
Publication number | Publication date |
---|---|
WO2008011576A9 (en) | 2008-03-20 |
EP2044513A2 (en) | 2009-04-08 |
WO2008011576A2 (en) | 2008-01-24 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2008011576A3 (en) | System and method of securing web applications across an enterprise | |
WO2010088550A3 (en) | A method and apparatus for excessive access rate detection | |
WO2010105184A3 (en) | A method and apparatus for phishing and leeching vulnerability detection | |
WO2008060722A3 (en) | System and method of securing web applications against threats | |
TWI372537B (en) | Method and system for multi-domain virtual private network configuration | |
CN102722667B (en) | Based on the database safeguarding system and method for virtual data base and virtual patch | |
WO2009154945A3 (en) | Distributed security provisioning | |
WO2012172509A3 (en) | Device and method for application request throttling in a distributed computing environment | |
WO2006012014A3 (en) | Security protection apparatus and methods for endpoint computing systems | |
WO2007098052A3 (en) | Peer based network access control | |
WO2002023805A3 (en) | Monitoring network activity | |
WO2009134900A3 (en) | Trusted network interface | |
WO2011097624A3 (en) | Communicating information in a social network system about activities from another domain | |
WO2013188611A3 (en) | Real-time reporting of anomalous internet protocol attacks | |
WO2008146292A3 (en) | System and method for security of sensitive information through a network connection | |
WO2010051054A3 (en) | Performing networking tasks based on destination networks | |
WO2009134906A3 (en) | Network security appliance | |
WO2009031453A1 (en) | Network security monitor apparatus and network security monitor system | |
GB2405561B (en) | Computer network security system and method for preventing unauthorised access of computer network resources | |
WO2011149773A3 (en) | Security threat detection associated with security events and an actor category model | |
WO2008150786A3 (en) | Method and system for network protection against cyber attacks | |
ATE543327T1 (en) | DYNAMIC THROPPING OF PRIORITY SERVICES | |
WO2004070547A3 (en) | Method and device for monitoring data traffic and preventing unauthorized access to a network | |
KR101039092B1 (en) | Method for protecting and isolating host in internet protocol version 6 network | |
WO2013103640A3 (en) | Methods and apparatuses for maintaining secure communication between a group of users in a social network |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 07813171 Country of ref document: EP Kind code of ref document: A2 |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2007813171 Country of ref document: EP |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
NENP | Non-entry into the national phase |
Ref country code: RU |