US 11,989,309 B2
Software type and version identification for security operations
Sheung Hei Joseph Yeung, Toronto (CA)
Assigned to Rapid7, Inc., Boston, MA (US)
Filed by Rapid7, Inc., Boston, MA (US)
Filed on Nov. 28, 2022, as Appl. No. 17/994,458.
Application 17/994,458 is a continuation of application No. 16/861,339, filed on Apr. 29, 2020, granted, now 11,537,722.
Prior Publication US 2023/0096024 A1, Mar. 30, 2023
This patent is subject to a terminal disclaimer.
Int. Cl. G06F 21/57 (2013.01); G06F 8/71 (2018.01); G06F 9/445 (2018.01); G06F 21/00 (2013.01); G06F 21/51 (2013.01); G06F 21/55 (2013.01); G06F 21/56 (2013.01)
CPC G06F 21/577 (2013.01) [G06F 8/71 (2013.01); G06F 9/44505 (2013.01); G06F 21/51 (2013.01); G06F 21/552 (2013.01); G06F 21/554 (2013.01); G06F 21/566 (2013.01)]
4 Claims
1. A computer-implemented method, comprising:
monitoring a process start event associated with an application for a configuration change or a file change;
generating a fingerprint rule by mapping the configuration change or the file change with a software installation or a software upgrade;
processing log data with the fingerprint rule to fingerprint a software type and a version of the software type;
identifying a vulnerability associated with the software type and the version of the software type;
identifying a binary location of the process start event;
determining the software type and the version of the software type based on the binary location of the process start event;
accessing a record of previously processed binaries;
determining if a binary in the binary location is part of the record; and
inhibiting processing of the binary in the binary location if the binary in the binary location is part of the record.
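The log-processing steps of claim 1 (fingerprinting from the binary location of a process start event, vulnerability lookup, and skipping binaries already in the record) can be sketched as follows. This is an added illustration, not code from the patent or from Rapid7; the log format, the hand-written rules, the software names and the advisory id are all constructed assumptions, and rule generation from configuration or file changes is not shown.

```python
import re

# Constructed process-start log lines (hypothetical format, not from the patent).
SAMPLE_LOG = [
    "2024-01-05T10:00:01Z PROC_START pid=411 path=/opt/exampled-2.4.1/bin/exampled",
    "2024-01-05T10:00:07Z PROC_START pid=412 path=/opt/exampled-2.4.1/bin/exampled",
    "2024-01-05T10:02:30Z PROC_START pid=502 path=/usr/local/demoapp/1.0.9/demoapp",
    "2024-01-05T10:03:00Z PROC_START pid=503 path=/usr/bin/unknown-tool",
]
EVENT_RE = re.compile(r"^\S+ PROC_START pid=\d+ path=(?P<path>\S+)$")

# Hand-written fingerprint rules (assumed): binary-location pattern -> software type + version.
FINGERPRINT_RULES = [
    ("exampled", re.compile(r"^/opt/exampled-(?P<version>\d+(?:\.\d+)*)/bin/exampled$")),
    ("demoapp", re.compile(r"^/usr/local/demoapp/(?P<version>\d+(?:\.\d+)*)/demoapp$")),
]

# Constructed advisory table keyed by (software type, version); the id is a placeholder.
ADVISORIES = {("exampled", "2.4.1"): ["PLACEHOLDER-ADVISORY-1"]}


def fingerprint(path):
    """Return (software type, version) for a binary location, or None if no rule matches."""
    for software, pattern in FINGERPRINT_RULES:
        match = pattern.match(path)
        if match:
            return software, match.group("version")
    return None


def process_log(lines, processed=None):
    """Fingerprint each new binary location once; skip locations already in the record."""
    processed = set() if processed is None else processed
    findings, skipped = [], 0
    for line in lines:
        event = EVENT_RE.match(line)
        if not event:
            continue  # not a process start event
        path = event.group("path")
        if path in processed:
            skipped += 1  # binary already in the record: inhibit reprocessing
            continue
        processed.add(path)
        fp = fingerprint(path)
        if fp:
            findings.append({"path": path, "software": fp[0], "version": fp[1],
                             "advisories": ADVISORIES.get(fp, [])})
    return findings, skipped
```

In this sketch the record is keyed on the path alone, so a binary replaced in place at the same location would be skipped; a record keyed on path plus a file hash or modification time (an assumption, not something the claim states) would catch that case.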