US-20260129028-A1 - REMOTE COMPUTER NETWORK SECURITY TESTING
Abstract
Aspects of the present disclosure enable a system with limited computing resources to remotely perform security testing of a large number of host devices. These host devices may be included as part of a single networked computing environment or may be distributed among multiple networked computing environments. The networked computing environments may be associated with a single entity or multiple entities. The system can allocate its limited computing resources among the host devices based on a type of security testing and the amount of host devices to be tested. Further, the system can obtain secure access to the remote networking environment through a secure virtual private network connection to an on-site access system installed at a physical location of the networked computing environment.
Inventors
- David Wesley Podolsky
- Casey Andrew Graff
Assignees
- ComplyAuto IP LLC
Dates
- Publication Date: 20260507
- Application Date: 20250512
Claims (20)
- 1. (canceled)
- 2. (canceled)
- 3. (canceled)
- 4. (canceled)
- 5. (canceled)
- 6. (canceled)
- 7. (canceled)
- 8. (canceled)
- 9. (canceled)
- 10. (canceled)
- 11. (canceled)
- 12. (canceled)
- 13. (canceled)
- 14. (canceled)
- 15. (canceled)
- 16. (canceled)
- 17. (canceled)
- 18. (canceled)
- 19. (canceled)
- 20. (canceled)
Description
INCORPORATION BY REFERENCE
The present application is a continuation of U.S. patent application Ser. No. 18/887,627, filed on Sep. 17, 2024, which claims priority to U.S. Provisional Application No. 63/586,960, filed on Sep. 29, 2023, the disclosure of which is hereby incorporated by reference in its entirety and for all purposes herein. Any and all applications for which a foreign or domestic priority claim is identified in the Application Data Sheet as filed with the present application are hereby incorporated by reference under 37 CFR 1.57.
BACKGROUND
Computing systems can perform automated security testing of a network. For example, the computing system may act in a manner similar to that of a malicious actor, and attempt to gain unauthorized access to the network being tested, or otherwise interfere in the operations of the network.
SUMMARY
The systems, methods and devices of this disclosure each have several innovative aspects, no single one of which is solely responsible for all of the desirable attributes disclosed herein. Details of one or more implementations of the subject matter described in this specification are set forth in the accompanying drawings and the description below.
In some aspects, the techniques described herein relate to a security testing system configured to implement security testing of a set of host devices in a remote networked environment, the security testing system including: a network interface system configured to establish a communication channel with an access system at the remote networked environment; a plurality of scan processing units configured to implement at least a portion of the security testing of the set of host devices at the remote networked environment; and a control system configured to: receive a request from a computing system to perform security testing of the remote networked environment at a first time; use the network interface system to establish the communication channel with the access system; receive an indication that the access system is available; determine a number of host devices included in the set of host devices; determine a number of pending host devices that are awaiting security testing at the first time, wherein the pending host devices include host devices at one or more remote networked environments that are separate from the remote networked environment; determine an available number of scan processing units from the plurality of scan processing units at the first time; schedule the security testing of the set of host devices at a second time based at least in part on the number of host devices included in the set of host devices, the number of pending host devices, and an availability of a scan processing unit, wherein the second time is later than the first time and includes an estimated start time for security testing the set of host devices; output the estimated start time to the computing system; at the second time, establish a virtual private network connection to the access system, wherein the virtual private network connection provides a scan processing unit of the plurality of scan processing units with access to the set of host devices at the remote networked environment; and initiate the security testing of the set of host devices over the virtual private network connection using the scan processing unit.
In some aspects, the techniques described herein relate to a security testing system, wherein the access system includes a headless client that is connected to network hardware at the remote networked environment.
In some aspects, the techniques described herein relate to a security testing system, wherein the access system includes a special purpose computing system.
In some aspects, the techniques described herein relate to a security testing system, wherein the access system includes a computing system within the remote networked environment configured to execute remote connection software to connect with the security testing system.
In some aspects, the techniques described herein relate to a security testing system, wherein the security testing includes penetration testing, vulnerability testing, misconfigured system testing, attack simulation testing, or any combination thereof.
In some aspects, the techniques described herein relate to a security testing system, wherein the set of host devices includes one or more computing systems, one or more instances of network hardware, one or more printers, one or more internet protocol phones, one or more Internet-of-Things (IOT) devices, or one or more internet protocol manufacturing devices.
In some aspects, the techniques described herein relate to a security testing system, wherein at least one of the plurality of scan processing units includes a graphics processing unit, a central processing unit, a task accelerator, or a virtual machine.
In some aspects, the techniques described herein relate to a security testing system, wherein the computing system is the acces