System and method for secure evaluation of cyber detection products
Jason Crabtree, Vienna, VA (US); Andrew Sellers, Monument, CO (US); and Richard Kelley, Woodbridge, VA (US)
Assigned to QOMPLX LLC, Reston, VA (US)
Filed by QOMPLX LLC, Reston, VA (US)
Filed on Mar. 24, 2023, as Appl. No. 18/189,967.
Application 18/189,967 is a continuation of application No. 17/008,351, filed on Aug. 31, 2020, granted, now 11,637,866.
Application 17/008,351 is a continuation in part of application No. 17/000,504, filed on Aug. 24, 2020, granted, now 11,477,245, issued on Oct. 18, 2022.
Application 17/000,504 is a continuation in part of application No. 16/855,724, filed on Apr. 22, 2020, granted, now 11,218,510, issued on Jan. 4, 2022.
Application 16/855,724 is a continuation in part of application No. 16/836,717, filed on Mar. 31, 2020, granted, now 10,917,428, issued on Feb. 9, 2021.
Application 16/836,717 is a continuation in part of application No. 15/887,496, filed on Feb. 2, 2018, granted, now 10,783,241, issued on Sep. 22, 2020.
Application 15/887,496 is a continuation in part of application No. 15/823,285, filed on Nov. 27, 2017, granted, now 10,740,096, issued on Aug. 11, 2020.
Application 15/823,285 is a continuation in part of application No. 15/788,718, filed on Oct. 19, 2017, granted, now 10,861,014, issued on Dec. 8, 2020.
Application 15/788,718 is a continuation in part of application No. 15/788,002, filed on Oct. 19, 2017, abandoned.
Application 15/788,002 is a continuation in part of application No. 15/787,601, filed on Oct. 18, 2017, granted, now 10,860,660, issued on Dec. 8, 2020.
Application 15/787,601 is a continuation in part of application No. 15/616,427, filed on Jun. 7, 2017, abandoned.
Application 15/616,427 is a continuation in part of application No. 14/925,974, filed on Oct. 28, 2015, abandoned.
Application 15/887,496 is a continuation in part of application No. 15/818,733, filed on Nov. 20, 2017, granted, now 10,673,887, issued on Jun. 2, 2020.
Application 15/818,733 is a continuation in part of application No. 15/725,274, filed on Oct. 4, 2017, granted, now 10,609,079, issued on Mar. 31, 2020.
Application 15/725,274 is a continuation in part of application No. 15/655,113, filed on Jul. 20, 2017, granted, now 10,735,456, issued on Aug. 4, 2020.
Application 15/655,113 is a continuation in part of application No. 15/616,427, filed on Jun. 7, 2017, abandoned.
Application 15/655,113 is a continuation in part of application No. 15/237,625, filed on Aug. 15, 2016, granted, now 10,248,910, issued on Apr. 2, 2019.
Application 15/616,427 is a continuation in part of application No. 15/206,195, filed on Jul. 8, 2016, abandoned.
Application 15/206,195 is a continuation in part of application No. 15/186,453, filed on Jun. 18, 2016, abandoned.
Application 15/186,453 is a continuation in part of application No. 15/166,158, filed on May 26, 2016, abandoned.
Application 15/166,158 is a continuation in part of application No. 15/141,752, filed on Apr. 28, 2016, granted, now 10,860,962, issued on Dec. 8, 2020.
Application 15/141,752 is a continuation in part of application No. 15/091,563, filed on Apr. 5, 2016, granted, now 10,204,147, issued on Feb. 12, 2019.
Application 15/141,752 is a continuation in part of application No. 14/986,536, filed on Dec. 31, 2015, granted, now 10,210,255, issued on Feb. 19, 2019.
Application 15/141,752 is a continuation in part of application No. 14/925,974, filed on Oct. 28, 2015, abandoned.
Application 16/855,724 is a continuation in part of application No. 16/777,270, filed on Jan. 30, 2020, granted, now 11,025,674, issued on Jun. 1, 2021.
Application 16/777,270 is a continuation in part of application No. 16/720,383, filed on Dec. 19, 2019, granted, now 10,944,795, issued on Mar. 9, 2021.
Application 16/720,383 is a continuation of application No. 15/823,363, filed on Nov. 27, 2017, granted, now 10,560,483, issued on Feb. 11, 2020.
Application 15/823,363 is a continuation in part of application No. 15/725,274, filed on Oct. 4, 2017, granted, now 10,609,079, issued on Mar. 31, 2020.
Application 17/000,504 is a continuation in part of application No. 16/412,340, filed on May 14, 2019, granted, now 11,539,663, issued on Dec. 27, 2022.
Application 16/412,340 is a continuation in part of application No. 16/267,893, filed on Feb. 5, 2019, abandoned.
Application 16/267,893 is a continuation in part of application No. 16/248,133, filed on Jan. 15, 2019, abandoned.
Application 16/248,133 is a continuation in part of application No. 15/849,901, filed on Dec. 21, 2017, granted, now 11,023,284, issued on Jun. 1, 2021.
Application 15/849,901 is a continuation in part of application No. 15/835,436, filed on Dec. 7, 2017, granted, now 10,572,828, issued on Feb. 25, 2020.
Application 15/835,436 is a continuation in part of application No. 15/790,457, filed on Oct. 23, 2017, granted, now 10,884,999, issued on Jan. 5, 2021.
Application 15/790,457 is a continuation in part of application No. 15/790,327, filed on Oct. 23, 2017, granted, now 10,860,951, issued on Dec. 8, 2020.
Application 15/790,327 is a continuation in part of application No. 15/616,427, filed on Jun. 7, 2017, abandoned.
Application 15/790,327 is a continuation in part of application No. 15/141,752, filed on Apr. 28, 2016, granted, now 10,860,962, issued on Dec. 8, 2020.
Application 15/849,901 is a continuation in part of application No. 15/835,312, filed on Dec. 7, 2017, granted, now 11,055,451, issued on Jul. 6, 2021.
Application 15/835,312 is a continuation in part of application No. 15/186,453, filed on Jun. 18, 2016, abandoned.
Application 16/248,133 is a continuation in part of application No. 15/813,097, filed on Nov. 14, 2017, abandoned.
Application 15/813,097 is a continuation in part of application No. 15/616,427, filed on Jun. 7, 2017, abandoned.
Application 16/248,133 is a continuation in part of application No. 15/806,697, filed on Nov. 8, 2017, abandoned.
Application 15/806,697 is a continuation in part of application No. 15/376,657, filed on Dec. 13, 2016, granted, now 10,402,906, issued on Sep. 3, 2019.
Application 15/376,657 is a continuation in part of application No. 15/237,625, filed on Aug. 15, 2016, granted, now 10,248,910, issued on Apr. 2, 2019.
Application 15/806,697 is a continuation in part of application No. 15/343,209, filed on Nov. 4, 2016, granted, now 11,087,403, issued on Aug. 10, 2021.
Application 15/343,209 is a continuation in part of application No. 15/237,625, filed on Aug. 15, 2016, granted, now 10,248,910, issued on Apr. 2, 2019.
Application 15/343,209 is a continuation in part of application No. 15/229,476, filed on Aug. 5, 2016, granted, now 10,454,791, issued on Oct. 22, 2019.
Application 15/237,625 is a continuation in part of application No. 15/206,195, filed on Jul. 8, 2016, abandoned.
Application 16/248,133 is a continuation in part of application No. 15/673,368, filed on Aug. 9, 2017, abandoned.
Application 15/673,368 is a continuation in part of application No. 15/376,657, filed on Dec. 13, 2016, granted, now 10,402,906, issued on Sep. 3, 2019.
Prior Publication US 2023/0308487 A1, Sep. 28, 2023
1. A system for secure evaluation of cybersecurity tools is disclosed, comprising:
a computing device comprising a memory and a processor;
a first set of cybersecurity defense tools operating in a production environment and connected to a client's computer network;
a sandbox environment manager comprising a first plurality of programming instructions stored in the memory and operating on the processor, wherein the first plurality of programming instructions, when operating on the processor, cause the computing device to:
create a sandbox environment for testing of a virtual computer network, the virtual computer network comprising one or more virtual domain controllers, one or more member servers, and one or more workstations; and
create an observed system within the sandbox environment, the observed system comprising an isolated instance of the virtual computer network, and a second set of cybersecurity defense tools; and
a secure tunnel from the observed system to the first set of cybersecurity defense tools;
wherein the performance of the first and second sets of cybersecurity defense tools is compared when defending against a plurality of cyberattacks within the observed system;
wherein the sandbox environment is provided with a set of controlled computing resources of the computing device for its operation and is prevented from accessing any other computing resources of the computing device.
