CPC G06F 9/45558 (2013.01) [G06F 8/53 (2013.01); G06F 12/08 (2013.01); G06F 2009/45562 (2013.01); G06F 2009/45583 (2013.01); G06F 2009/45587 (2013.01); G06F 2212/151 (2013.01)] | 33 Claims |
1. A computer-implemented method of verifying software programs, the computer-implemented method comprising:
creating, by a number of processors, a number of virtual machines that simulate a number of computing environments;
running, by the number of processors, a number of software programs on the virtual machines, wherein the software programs have full access to the computing environments simulated by the virtual machines, and wherein source code of the software programs is unavailable;
performing, by the number of processors, virtual machine introspection using a hypervisor as the software programs run on the virtual machines, wherein the virtual machine introspection tracks all memory mappings in the virtual machines including libraries, operating system code, and software program code, and wherein the virtual machines and software programs are unaware that the virtual machine introspection is being performed using the hypervisor;
collecting, by the number of processors, telemetry data about the software programs including any identified threats posed by the software programs to the Gimulatcd computing environments simulated by the virtual machines; and
presenting, by the number of processors, the telemetry data about the software programs to a user via an interface.
|