Remediation of known defects and vulnerabilities in cloud application packages
US9195453B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Sep 30, 2014 |
| Grant date | Nov 24, 2015 |
| Priority date | — |
| Expiry date | Sep 30, 2034 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L67/1095
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A method for applying remediation policy to a cloud application package having a set of components is described. The method is initiated in response to discovery of a new vulnerability. It begins by comparing information from a deployment description against a data set of known problems associated with the one or more of the components. The deployment description represents the set of components and their interrelationships. For each of the one or more components, one or more known problems that satisfy a given severity and/or complexity criteria are identified. Thereafter, and with respect to at least one of the components for which one known problem satisfying the given criteria has been identified, the remediation policy (e.g., an update, a replacement, a patch, an additional installable) is applied to attempt to rectify the known problem. After applying the policy, the old version of the package is replaced with the new version.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.