Case 4:18-cv-07229-YGR Document 201-17 Filed 06/01/21 Page 1 of 8
`
`Exhibit 19
`
`REDACTED VERSION OF DOCUMENT
`SOUGHT TO BE SEALED
`
`
`
`Exhibit 19
`
`REDACTED VERSION OF DOCUMENT
`SOUGHT TO BE SEALED
`
`
`
`Case 4:18-cv-07229-YGR Document 201-17 Filed 06/01/21 Page 2 of 8
`
` IN THE UNITED STATES DISTRICT COURT
` FOR THE NORTHERN DISTRICT OF CALIFORNIA
` OAKLAND DIVISION
`----------------------------x
`FINJAN, INC., a Delaware :
`Corporation, :
` Plaintiff, : Case No.:
`vs. : 4:18-CV-07229-YGR
`QUALYS, INC., a Delaware :
`Corporation, :
` Defendant. :
`----------------------------x
`
` HIGHLY CONFIDENTIAL - OUTSIDE ATTORNEYS' EYES ONLY
`
` Videotaped Deposition of QUALYS, INC.,
` by and through its corporate designee,
` HOLGER KRUSE
` Conducted Virtually
` Monday, September 14, 2020
` 9:00 a.m. PDT
`
`Job No.: 320088
`Pages: 1 - 197
`Reported By: Theresa A. White, CSR, RPR, RMR, CRR
`
`1 2 3 4 5 6 7 8 9 1
`
`0
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`24
`25
`
`
`
`Case 4:18-cv-07229-YGR Document 201-17 Filed 06/01/21 Page 3 of 8
`HIGHLY CONFIDENTIAL - OUTSIDE ATTORNEYS' EYES ONLY
`Transcript of Holger Kruse, Corporate Designee
`
`
`
`Case 4:18-cv-07229-YGR Document 201-17 Filed 06/01/21 Page 4 of 8
`HIGHLY CONFIDENTIAL - OUTSIDE ATTORNEYS' EYES ONLY
`Transcript of Holger Kruse, Corporate Designee
`
`
`
`09:04:38
`09:04:41
`09:04:41
`09:04:42
`09:04:46
`09:04:49
`09:04:53
`09:04:57
`09:05:00
`09:05:03
`09:05:05
`09:05:08
`09:05:13
`09:05:15
`09:05:18
`09:05:23
`09:05:26
`09:05:29
`09:05:31
`09:05:33
`09:05:33
`09:05:35
`09:05:38
`09:05:39
`09:05:41
`
`Case 4:18-cv-07229-YGR Document 201-17 Filed 06/01/21 Page 5 of 8
`HIGHLY CONFIDENTIAL - OUTSIDE ATTORNEYS' EYES ONLY
`Transcript of Holger Kruse, Corporate Designee
`Conducted on September 14, 2020
`
`9
`
`management, policy compliance and web application
`scanning?
` MR. MAYS: Same objection.
` THE WITNESS: There may be indirect use of
`the results. The scan types which we receive are
`always one of these three types, but there may be
`products in the front end which make use of this
`data for other purposes. I'm not aware of any
`details of how this data might be used.
` Q (By Mr. Lee) Can you elaborate? What do
`you mean by "indirect use of the results"?
` A Well, the results of scans are stored in
`the data center, and we have multiple different
`products which make use of scan results in
`different ways. Vulnerability management and
`policy compliance are the core products, but other
`products have been layered around it which may
`also make use of those results in different ways.
` Q Which products make indirect use of the
`results?
` A I don't have any details. I just know
`that the data has been imported into other
`products in the past.
` MR. MAYS: And objection. Outside the
`scope.
`
`PLANET DEPOS
`888.433.3767 | WWW.PLANETDEPOS.COM
`
`1 2 3 4 5 6 7 8 9 1
`
`0
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`24
`25
`
`
`
`12:55:37
`12:55:39
`12:55:44
`12:55:47
`12:55:51
`12:55:53
`12:55:57
`12:55:58
`12:56:00
`12:56:04
`12:56:04
`12:56:06
`12:56:06
`12:56:11
`12:56:15
`12:56:19
`12:56:22
`12:56:26
`12:56:29
`12:56:29
`12:56:33
`12:56:38
`12:56:41
`12:56:44
`12:56:48
`
`Case 4:18-cv-07229-YGR Document 201-17 Filed 06/01/21 Page 6 of 8
`HIGHLY CONFIDENTIAL - OUTSIDE ATTORNEYS' EYES ONLY
`Transcript of Holger Kruse, Corporate Designee
`Conducted on September 14, 2020
`
`134
`
` THE WITNESS: That has historic reasons.
`It's because the way the scanner appliances work,
`it would be difficult for us to have a completely
`separate scan engine running parallel with ML. It
`is easier for the external engine to piggyback
`onto the architecture we already have, with the ML
`extension.
` Q (By Mr. Lee) Do you see there is
`something that says "NOC Host Messages"?
` A Yes.
` Q Do you have any understanding of what that
`is?
` A Yes. NOC host is -- N-O-C stands for
`network operations center. NOC host is a service
`that is run in the data center where we keep
`events and telemetry information. For instance,
`scanner health information, sensor data,
`temperature, hard-disc problems, those kinds of
`things.
` So it is common for scan engines to report
`any unusual events that happen during the scan to
`NOC host as scan events.
` Q What does the webcrawl module do when it
`receives these NOC host messages from WAS?
` MR. MAYS: Objection. Form. Outside the
`
`PLANET DEPOS
`888.433.3767 | WWW.PLANETDEPOS.COM
`
`1 2 3 4 5 6 7 8 9 1
`
`0
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`24
`25
`
`
`
`12:56:49
`12:56:50
`12:56:53
`12:56:58
`12:57:01
`12:57:02
`12:57:06
`12:57:07
`12:57:10
`12:57:10
`12:57:13
`12:57:14
`12:57:16
`12:57:19
`12:57:22
`12:57:26
`12:57:28
`12:57:30
`12:57:31
`12:57:35
`12:57:38
`12:57:43
`12:57:48
`12:57:48
`12:57:50
`
`Case 4:18-cv-07229-YGR Document 201-17 Filed 06/01/21 Page 7 of 8
`HIGHLY CONFIDENTIAL - OUTSIDE ATTORNEYS' EYES ONLY
`Transcript of Holger Kruse, Corporate Designee
`Conducted on September 14, 2020
`
`135
`
`scope.
` THE WITNESS: It passes them on to a small
`client. This is called HostMon. And the client
`then sends them to the data center.
` Q (By Mr. Lee) Do you see that there is a
`box called Vulnsigs?
` A Yes.
` Q With an arrow pointing to WAS?
` A Yes.
` Q Do you have an understanding what Vulnsigs
`is here?
` A We already talked about this Vulnsigs.
`It's our vulnerability signature repository, and
`this is shared both by regular ML -- I'm sorry.
`By regular VM and PC scans and also by WAS. It
`has signatures for both -- of all three types of
`scans in it.
` Q (By Mr. Lee) Do you have any idea what
`"global config" and "test payloads" refers to?
` A No. That would have to be answered by the
`WAS team.
` Q Do you see there is a thing called JSEN?
` A Yes.
` Q Do you have any understanding what that
`is?
`
`PLANET DEPOS
`888.433.3767 | WWW.PLANETDEPOS.COM
`
`1 2 3 4 5 6 7 8 9 1
`
`0
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`24
`25
`
`
`
`12:57:50
`12:57:57
`12:58:00
`12:58:09
`12:58:15
`12:58:16
`12:58:17
`12:58:17
`12:58:19
`12:58:21
`12:58:24
`12:58:27
`12:58:29
`12:58:35
`12:58:36
`12:58:38
`12:58:40
`12:58:48
`12:58:51
`12:58:56
`12:58:57
`12:58:59
`12:59:02
`12:59:04
`12:59:05
`
`Case 4:18-cv-07229-YGR Document 201-17 Filed 06/01/21 Page 8 of 8
`HIGHLY CONFIDENTIAL - OUTSIDE ATTORNEYS' EYES ONLY
`Transcript of Holger Kruse, Corporate Designee
`Conducted on September 14, 2020
`
`136
`
` A Not precisely. I've seen it, the term
`used in connection with web applications, but I
`don't know precisely what it is.
` Q What does WAS do with the Vulnsigs it
`receives?
` MR. MAYS: Objection to form. Outside the
`scope.
` THE WITNESS: The details would have to be
`answered by the WAS team. In general,
`vulnerability signatures drive a scan. They
`determine what a scan should do, and WAS does the
`same, but I don't know the details of how -- of
`what kind of detections are in Vulnsigs and how
`they are used.
` Q (By Mr. Lee) Can you go to the next page,
`Bates ending in 9785?
` A Sure. Yes.
` Q Do you see in the second bullet it says
`"Crawl, parentheses, WebKit, comma, curl"?
` A Yes.
` Q Do you have any understanding what that
`crawl refers to?
` MR. LEE: Objection. Outside the scope.
` THE WITNESS: My understanding, and this
`may be incomplete, is that as part of web
`
`PLANET DEPOS
`888.433.3767 | WWW.PLANETDEPOS.COM
`
`1 2 3 4 5 6 7 8 9 1
`
`0
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`24
`25
`
`
Accessing this document will incur an additional charge of $.
After purchase, you can access this document again without charge.
Accept $ Charge
Still Working On It
This document is taking longer than usual to download. This can happen if we need to contact the court directly to obtain the document and their servers are running slowly.
Give it another minute or two to complete, and then try the refresh button.
A few More Minutes ... Still Working
It can take up to 5 minutes for us to download a document if the court servers are running slowly.
Thank you for your continued patience.
This document could not be displayed.
We could not find this document within its docket. Please go back to the docket page and check the link. If that does not work, go back to the docket and refresh it to pull the newest information.
Your account does not support viewing this document.
You need a Paid Account to view this document. Click here to change your account type.
Your account does not support viewing this document.
Set your membership
status to view this document.
With a Docket Alarm membership, you'll
get a whole lot more, including:
- Up-to-date information for this case.
- Email alerts whenever there is an update.
- Full text search for other cases.
- Get email alerts whenever a new case matches your search.
One Moment Please
The filing “” is large (MB) and is being downloaded.
Please refresh this page in a few minutes to see if the filing has been downloaded. The filing will also be emailed to you when the download completes.
Your document is on its way!
If you do not receive the document in five minutes, contact support at support@docketalarm.com.
Sealed Document
We are unable to display this document, it may be under a court ordered seal.
If you have proper credentials to access the file, you may proceed directly to the court's system using your government issued username and password.
Access Government Site
