US 11,853,432 B2
Assessing vulnerability of service-providing software packages
Roy Hodgman, Cambridge, MA (US); and Jonathan Hart, Kernville, CA (US)
Assigned to Rapid7, Inc., Boston, MA (US)
Filed by Rapid7, Inc., Boston, MA (US)
Filed on Aug. 2, 2021, as Appl. No. 17/391,156.
Application 17/391,156 is a continuation of application No. 15/949,403, filed on Apr. 10, 2018, granted, now 11,113,405.
Prior Publication US 2021/0357510 A1, Nov. 18, 2021
This patent is subject to a terminal disclaimer.
Int. Cl. G06F 21/57 (2013.01); H04L 9/40 (2022.01)
CPC G06F 21/577 (2013.01) [H04L 63/08 (2013.01); H04L 63/1433 (2013.01)]
17 Claims
1. A method comprising:
performing, by one or more computing devices:
maintaining a database of known vulnerabilities associated with respective software packages;
gathering data about hosts in a network, including a list of one or more externally exposed services provided by a host;
determining a software package installed on the host that is used to provide a service in the list, comprising:
determining a process on the host that is providing the service,
determining an open file that is opened by the process, and
determining that the open file is associated with the software package;
determining that the service is vulnerable based on a matching of the software package to information in the database of known vulnerabilities; and
executing a remedial action in response to determining that the service is vulnerable.
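
The chain in claim 1 (exposed service, then process, then open file, then package, then vulnerability match) is sketched below as an added example. It is not code from the patent or from Rapid7. The host inventory, package names, versions, vulnerability IDs, the "fixed_in" version comparison and the recommended action string are all constructed assumptions.

```python
# Constructed sample inventory for one host; every name, version and ID is made up.
LISTENERS = [  # (bind address, port, pid), as a socket listing would report
    ("0.0.0.0", 443, 812),
    ("127.0.0.1", 5432, 901),  # loopback only, so not externally exposed
    ("0.0.0.0", 8080, 1033),
]
OPEN_FILES = {  # pid -> files the process holds open
    812: ["/usr/sbin/examplehttpd", "/usr/lib/libexampletls.so.3"],
    901: ["/usr/lib/exampledb/bin/server"],
    1033: ["/opt/app/server.bin", "/tmp/cache.dat"],
}
FILE_OWNER = {  # file -> (package, installed version), as a package manager reports
    "/usr/sbin/examplehttpd": ("examplehttpd", "2.4.1"),
    "/usr/lib/libexampletls.so.3": ("libexampletls", "3.0.2"),
    "/usr/lib/exampledb/bin/server": ("exampledb", "9.1.0"),
}
VULN_DB = [  # known vulnerabilities with placeholder IDs (assumed schema)
    {"id": "VULN-PLACEHOLDER-1", "package": "libexampletls", "fixed_in": "3.0.5"},
    {"id": "VULN-PLACEHOLDER-2", "package": "exampledb", "fixed_in": "9.2.0"},
]

def vtuple(version):
    """Turn '3.0.2' into (3, 0, 2) so versions compare numerically."""
    return tuple(int(part) for part in version.split("."))

def exposed_services(listeners):
    """Keep only listeners bound to a non-loopback address."""
    return [(port, pid) for addr, port, pid in listeners
            if not addr.startswith("127.") and addr != "::1"]

def packages_for_pid(pid):
    """Packages owning any file the process has open (binary or library)."""
    return {FILE_OWNER[f] for f in OPEN_FILES.get(pid, []) if f in FILE_OWNER}

def assess():
    """Match each exposed service's packages against the vulnerability database."""
    findings = []
    for port, pid in exposed_services(LISTENERS):
        for pkg, ver in sorted(packages_for_pid(pid)):
            for vuln in VULN_DB:
                if vuln["package"] == pkg and vtuple(ver) < vtuple(vuln["fixed_in"]):
                    findings.append({"port": port, "pid": pid, "package": pkg,
                                     "version": ver, "vuln": vuln["id"],
                                     "action": f"upgrade {pkg} to >= {vuln['fixed_in']}"})
    return findings

def unattributed():
    """Exposed ports whose open files map to no package; these need manual review."""
    return [port for port, pid in exposed_services(LISTENERS)
            if not packages_for_pid(pid)]
```

In this sample the finding on port 443 comes from a library the server process has open rather than from its main binary, and port 8080 is reported separately because none of its open files belong to a package.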