US 11,706,242 B2
System and method for performing remote security assessment of firewalled computer
Wissam Ali-Ahmad, Cupertino, CA (US); Wolfgang Kandek, San Jose, CA (US); Holger Kruse, Foster City, CA (US); Vikas Dewan, Foster City, CA (US); Khair-ed-dine Mazboudi, San Jose, CA (US); Ganesh Jampani, Gilroy, CA (US); and Kenneth K. Okumura, Sunnyvale, CA (US)
Assigned to QUALYS, INC., Foster City, CA (US)
Filed by Qualys, Inc., Foster City, CA (US)
Filed on Aug. 23, 2021, as Appl. No. 17/409,600.
Application 17/409,600 is a continuation of application No. 16/872,067, filed on May 11, 2020, granted, now 11,102,234.
Application 16/872,067 is a continuation of application No. 16/024,726, filed on Jun. 29, 2018, granted, now 10,652,268, issued on May 12, 2020.
Application 16/024,726 is a continuation of application No. 15/250,300, filed on Aug. 29, 2016, granted, now 10,015,187, issued on Jul. 3, 2018.
Application 15/250,300 is a continuation of application No. 14/584,876, filed on Dec. 29, 2014, granted, now 9,432,392, issued on Aug. 30, 2016.
Application 14/584,876 is a continuation of application No. 13/482,531, filed on May 29, 2012, granted, now 8,925,093, issued on Dec. 30, 2014.
Application 13/482,531 is a continuation of application No. 12/541,869, filed on Aug. 14, 2009, granted, now 8,281,396, issued on Oct. 2, 2012.
Prior Publication US 2021/0385243 A1, Dec. 9, 2021
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); G06F 3/048 (2013.01); H04L 67/02 (2022.01)
CPC H04L 63/1433 (2013.01) [G06F 3/048 (2013.01); H04L 63/0281 (2013.01); H04L 63/1408 (2013.01); H04L 63/1441 (2013.01); H04L 63/166 (2013.01); H04L 67/02 (2013.01); G06F 2221/2101 (2013.01); G06F 2221/2119 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A method comprising:
establishing a secure connection between a scanner engine associated with a scanner server and a scanner client associated with an endpoint device, wherein the scanner client communicates with an Internet application executable by the endpoint device, wherein the scanner server and the endpoint device are in communication with one or more networks, and wherein the scanner client comprises a thin scanner client;
transmitting, from the scanner server to the scanner client, update data for updating the scanner client;
transmitting, from the scanner engine to the scanner client and via the secure connection, commands for collecting, by the scanner client, data associated with the endpoint device;
receiving, at the scanner engine from the scanner client and via the secure connection, the data associated with the endpoint device, wherein the data associated with the endpoint device is collected using the scanner client;
analyzing the data associated with the endpoint device using the scanner engine to assess a security vulnerability state of the endpoint device;
identifying an update for the endpoint device based on analyzing the data associated with the endpoint device; and
transmitting the update from the scanner engine to the endpoint device,
wherein the scanner server is located remotely from the endpoint device.