CyberArk Software Ltd.
ON-DEMAND AND PROACTIVE DETECTION OF APPLICATION MISCONFIGURATION SECURITY THREATS

Abstract:

Disclosed embodiments relate to systems and methods for dynamically and proactively scanning a computing environment for application misconfiguration security threats. Techniques include identifying an application configured for network communications; analyzing a network security configuration of the application; identifying, based on the analyzing, a target network address that the application is configured to use to redirect a network device to a target network resource; comparing the target network address to a whitelist of trusted target network addresses; assessing, based on the comparing, whether the network security configuration is misconfigured; and determining, based on the assessment, whether to provide a configuration validation status for the application.