Passive web application firewall

Assignee

• MICROSOFT TECHNOLOGY LICENSING, LLC · US

Inventors

• Robert C. Fruth · Redmond, US
• Viresh Ramdatmisier · Seattle, US
• Barry Markey · Kirkland, US
• Robert D. Fish · Tustin, US
• Erik Tayler · Seattle, US
• Dragos D. Boia · Seattle, US
• Donald J. Ankney · Seattle, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/1441
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

To protect network-based services, offering computer implemented functionality, from attacks, a passive web application firewall reactively identifies vulnerabilities, enabling such vulnerabilities to be quickly ameliorated, without intercepting communications or introducing other suboptimal aspects of traditional web application firewalls. Communications directed to the network-based services are logged and such logs are scanned for entries evidencing attacks, such as based on predetermined attack syntax. Further evaluation of the entries identified as evidencing attacks identifies a subset of those entries that correspond to likely successful attacks. Such further evaluation includes attacking the network-based service in an equivalent manner. Attacks that are found to be successful identify vulnerabilities, and a notification of such vulnerabilities is provided to facilitate amelioration of such vulnerabilities. Vulnerability amelioration can be automatic, such as by automatically adjusting the settings corresponding to the implementation of the network-based services to ameliorate identified vulnerabilities in a predetermined manner.