US20030126472A1 - Automated computer vulnerability resolution system - Google Patents
Automated computer vulnerability resolution system Download PDFInfo
- Publication number
- US20030126472A1 US20030126472A1 US10/335,490 US33549002A US2003126472A1 US 20030126472 A1 US20030126472 A1 US 20030126472A1 US 33549002 A US33549002 A US 33549002A US 2003126472 A1 US2003126472 A1 US 2003126472A1
- Authority
- US
- United States
- Prior art keywords
- remediation
- computer
- vulnerabilities
- vulnerability
- client
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
Definitions
- the invention relates generally to a method and system for resolving security vulnerabilities in computers and, more particularly, to a vulnerability resolution system in which computer security vulnerability information from one or more sources can be aggregated and comprehensive remediation updates can be generated for managed automated distribution to target client computers.
- a method and system are presented which provide for a more automated and managed way to remediate security vulnerabilities on individual computers and computer networks. More particularly, a vulnerability resolution system is provided in which vulnerability information is aggregated, then used to construct, and subsequently update, vulnerability remediation signatures for download. The downloaded signatures may then be selectively used to address or resolve vulnerabilities on client machines having security vulnerabilities.
- a method for resolving vulnerabilities in a computer comprises aggregating vulnerability information on a plurality of computer vulnerabilities; constructing a remediation database of said plurality of computer vulnerabilities; constructing a remediation signature to address a computer vulnerability; and deploying said remediation signature to a client computer.
- the aggregating of vulnerability information comprises obtaining vulnerability information from at least one security intelligence agent, such as a database of information regarding known computer vulnerabilities or a scanning service which scans a client computer for vulnerabilities and records the vulnerability information.
- the remediation signature typically comprises a sequence of actions to address a corresponding vulnerability.
- the remediation signatures are generally associated with a corresponding computer vulnerability.
- a remediation profile may be constructed for a client computer to address vulnerabilities on that computer, where the profile comprises selected remediation signatures for the client computer corresponding to vulnerabilities on the client computer.
- the remediation signatures may be uploaded to a flash server for remote access or download by client computers or client servers.
- a managed remediation approach is also contemplated which would include wherein selective deployment of remediation signatures, selective resolution of vulnerabilities, scheduled scanning of client computers for vulnerabilities, scheduled deployment of remediation signatures, etc.
- a system for resolving computer vulnerabilities comprises a remediation server capable of coupling to a security intelligence agent having information about computer vulnerabilities in order to aggregate said vulnerability information into a remediation database.
- Various devices may be coupled to the remediation server to complete the system.
- a signature module may be coupled to the remediation server to construct a remediation signature for each vulnerability.
- a flash server may be coupled to the signature module to provide remote access to said remediation signatures.
- a client server may also be included capable of coupling to said flash server to access said remediation signatures.
- a deployment module may be coupled to the client server capable of deploying said remediation signatures to a client computer coupled to said client server.
- the deployment module may also be capable of constructing a remediation profile for a client computer to address vulnerabilities on that computer, wherein the remediation profile typically comprises selected remediation signatures for the client computer corresponding to vulnerabilities on the client computer.
- An input module may also be coupled to the remediation server to handle the interfacing of the remediation server to a security intelligence agent having information about computer vulnerabilities.
- a client module may be coupled to the client server to which handle the interfacing of the client server to the flash server to access said remediation signatures.
- computer-readable media tangibly embodying a program of instructions executable by a computer to perform a process for resolving vulnerabilities in a computer comprises aggregating vulnerability information on a plurality of computer vulnerabilities; constructing a remediation database of said plurality of computer vulnerabilities; constructing a remediation signature to address a computer vulnerability; and deploying said remediation signature to a client computer.
- FIG. 1 is a block diagram illustrating an embodiment of a vulnerability resolution system in accordance with the present invention.
- FIG. 2 is a block diagram illustrating another embodiment of a vulnerability resolution system in accordance with the present invention.
- FIG. 3 is a flow chart illustrating an overview of an embodiment of a computer vulnerability remediation process in accordance with the present invention.
- FIG. 4 is a flow chart illustrating an embodiment of an aggregation and construction process for computer vulnerability remediation in accordance with the present invention.
- FIGS. 5A and 5B are a flow chart illustrating an embodiment of a remediation management process for computer vulnerability remediation in accordance with the present invention.
- FIG. 1 illustrates an embodiment of a vulnerability resolution system 10 in accordance with the present invention.
- the system 10 comprises a remediation server 12 coupled to a plurality of intelligence agents 14 .
- the remediation server 12 is also coupled to an import module 15 , a remediation database 16 , and a signature module 18 .
- the import module 15 , remediation database 16 , and signature module 18 are incorporated in the remediation server 12 .
- the import module 15 , remediation database 16 , and signature module 18 may be stored in memory on the remediation server 12 . It is also contemplated, however, that the import module 15 , remediation database 16 , and signature module 18 could be remotely coupled to the remediation server 12 .
- a flash server 20 is also coupled to the remediation server 12 .
- a client server 22 is coupled to the flash server 20 .
- a client module 23 and deployment module 24 are coupled to the client server 22 .
- the client module 23 and deployment module 24 are incorporated in the client server 22 .
- the client module 23 and deployment module 24 may be stored in memory on the client server 22 . It is also contemplated, however, that the client module 23 and deployment module 24 could be remotely coupled to the client server 22 .
- a plurality of client computers 26 are coupled to the client server 22 .
- the remediation server 12 obtains information relating to computer security vulnerabilities from the intelligence agents 14 .
- the import module 15 provides the necessary interface between the remediation server 12 and the various intelligence agents having such information.
- intelligence agents include: ISS Internet Scanner, QualysGuard, Nessus, Eeye, Harris, Retina, Microsoft's hfNetCheck, and others.
- the vulnerability information may come in many forms from these agents. Two such forms include 1) general information from security intelligence organizations relating to known security vulnerabilities, such as vulnerabilities in widespread software applications like Microsoft Windows; and 2) specific information from scanning services relating to specific vulnerabilities found during a security scan of a client's computer or computer system 26 .
- the remediation server 12 aggregates the vulnerability information obtained, from whatever source, into a remediation database 16 . While aggregating the information into the database 16 , the remediation server 12 may manipulate the information in many ways. For example, the server 12 may strip unnecessary information out, may sort the information into related vulnerabilities or otherwise, may remove duplicate information, may identify or associate certain related vulnerabilities, etc.
- the remediation server 12 uses a signature module 18 to generate remediation signatures for the vulnerabilities.
- a remediation signature is a list of actions taken to address or resolve a vulnerability.
- the remediation signatures include the following types of remediation actions: service management, registry management, security permissions management, account management, policy management, audit management, file management, process management, as well as service pack, hot fix and patch installation. These types of remediation actions are generally known in the computer security industry.
- a remediation signature may address one or more vulnerabilities. For clarity of explanation, however, it will be assumed that in this embodiment each remediation signature addresses a single vulnerability or type of vulnerability.
- the remediation signatures are generated as abstract objects which can be developed and implemented across multiple platforms without the need to change the underlying source code used in the remediation system. This allows for the creation of a remediation signature in the environment of the remediation system which can then be utilized in whatever system or environment the remediation system is operating.
- the process of constructing a remediation signature may be entirely automatic or it may involve some manual intervention, or a combination of both. In fact, some intelligence agents 14 may actually provide or suggest remediations along with the vulnerability information provided.
- a corresponding level of complexity may be required for the remediation signature.
- some vendors provide “patches” or “fixes” or “updates” that address vulnerabilities in their hardware or software via their vendor website.
- a signature may therefore include direction to go to a vendor website and retrieve a patch or an update as one of the actions undertaken to remediate a computer's vulnerabilities.
- the signature module 18 or remediation server 12 may have the ability to test and approve the constructed signature in order to ensure that it successfully resolves the intended vulnerability and does not have any unintended deleterious effects.
- the remediation signature is assigned or otherwise associated with the corresponding vulnerability in the remediation database 16 .
- the remediation database 16 may include the vulnerability information and the corresponding remediation signatures for the vulnerabilities identified.
- the signatures could be stored elsewhere and remotely associated via a pointer or otherwise to their corresponding vulnerabilities.
- Remediation signatures and vulnerability information can be posted to the flash server 20 for dissemination. Typically, only after the remediation signature has been tested and approved is it released or uploaded to the flash server 20 for dissemination to clients seeking resolution of their computer vulnerabilities.
- a client server 22 can then download the desired information from the flash server 20 . In this embodiment, a download is typically initiated by a user, such as an IT or computer security personnel.
- the client server 22 may connect to the flash server 20 in many ways including the Internet or a direct dial-up connection.
- the client module 23 provides the necessary interface logic to download the information from the flash server 20 .
- a client server 22 will periodically download information from the flash server 20 to check for updated vulnerability and remediation information.
- the client server 22 may also access vendor websites 21 , via a global network such as the Internet or otherwise, to obtain additional patches or updates as needed for remediation.
- the client server 22 analyzes and interprets the signatures downloaded from the flash server 20 . If a signature specifies a needed update or patch from a vendor website 21 , the client server 22 will connect to the website and download the needed information making the patch or update available locally for remediation of any client computers 26 coupled to the client server 22 .
- the client server 22 will keep a profile of the client computers 26 coupled thereto.
- the profile of the client computers 26 essentially records or logs the system information relating to the client computers 26 .
- the profile contains information regarding remediation performed on the client computer 26 .
- the profile might also contain information regarding the formatting of the client computer 26 , the software applications and versions running on the computer 26 , etc., which might be helpful in managing security issues on the subject computer.
- the client server 22 can track what remediation may be required for each client computer 26 .
- the client server 22 can manage the vulnerability resolution process for each client computer 26 .
- the client server 22 could select which remediation signatures should be deployed to each client computer 26 , or which vulnerabilities should or should not be addressed.
- vulnerability resolution can be managed by scheduling the various resolution events. For instance, when and how often the client computers 26 are scanned for vulnerabilities can be scheduled, as well as the timing of the deployment of the remediation signatures to address those vulnerabilities.
- the remediation of vulnerabilities can be more reliably and more cost effectively addressed.
- the remediation can occur in off hours to minimize impact on the productivity of the client computers 26 .
- the remediation can be selectively implemented.
- the remediation can be tracked and logged so that remediations are not accidentally overwritten or undone.
- the remediation can be accomplished automatically from the client server 22 as opposed to having to perform or install the remediation manually on each client computer, a virtually impossible task for some large-scale companies.
- FIG. 2 is a block diagram providing another illustration of an embodiment of a vulnerability resolution system 30 in accordance with the present invention. More particularly, FIG. 2 provides another way to visualize the architecture of a vulnerability system in accordance with the present invention.
- the architecture of this embodiment of the vulnerability system 30 generally comprises an aggregation section 31 and a remediation section 32 .
- the aggregation section 31 of the architecture is essentially responsible for obtaining and aggregating the computer security vulnerability information while the remediation section 32 is essentially responsible for constructing remediation signatures for the identified vulnerabilities and deploying those remediations to client computers in a managed and automated manner.
- the aggregation section 31 of the system architecture 30 comprises intelligence agents 34 , an import API or interface 36 , and an administrator 38 .
- the import API 36 provides an interface to the intelligence agents 34 .
- the intelligence agents 34 provide information regarding computer security vulnerabilities.
- these intelligence agents 34 may include automated vulnerability assessment tools, security intelligence services, manufacturers of computer hardware or software, etc.
- the administrator 38 obtains this vulnerability information from the intelligence agents 34 via the import API 36 .
- the import API 36 typically includes several interfaces or import wizards as required to allow importation of vulnerability assessment data from the variety of intelligence agents available.
- the intelligence agents 34 provide information specifying the necessary interface. Once retrieved, the vulnerability information may be aggregated, sorted, selected or otherwise managed via the administrator 38 .
- the remediation section 32 of the system architecture 30 ultimately uses the vulnerability information retrieved by the aggregation section 31 to remediate vulnerabilities on client computers 40 .
- the client computers 40 are shown coupled to a client server 42 .
- the client server 42 allows for automated and managed deployment of the remediation signatures to the client computers 40 .
- the architecture of the remediation section 32 illustrates that the vulnerability information from the aggregation section 31 is conveyed to the client server 42 and client computers 40 via the remediation bus 44 , remediation signature 46 , and remediation profile 48 .
- the remediation signature 46 is essentially a group of actions which can be taken to address or resolve a vulnerability.
- the signature may be provided by the intelligence agents 34 with the vulnerability information or, more typically, it may need to be constructed in response to the vulnerability information received.
- the construction may include some automated creation and/or some manual creation of the appropriate actions to be taken to address the subject vulnerability.
- the remediation profile 48 contemplates a record or log of system information relating to the client computers 40 or client servers 42 .
- the profile may contain information regarding the formatting of the client computers 40 or server 42 , the software applications and versions running on the computers 40 or servers 42 , the remediation signatures already implemented on the computers 40 and servers 42 , the remediation history of the computers 40 , etc.
- remediation types or groups 50 in this embodiment include configuration management, backdoor management, service management, account management, and patch management.
- the available remediation groups are coupled to the remediation bus 44 . It is contemplated that other remediation types or groups may be included as well.
- FIG. 3 is a flow chart illustrating an overview of an embodiment of a computer vulnerability remediation process in accordance with the present invention.
- the remediation process 60 begins with vulnerability assessment in box 61 .
- Vulnerability assessment comprises using automated assessment tools and audit processes, intelligence agents, to verify the existence of known vulnerabilities on a given computer or computer network. This assessment process may also include device discovery; that is, the mapping of network and subnetwork components to be assessed and identifying the devices that will be targeted for vulnerability assessment.
- the vulnerability information is imported or aggregated in the system, typically in a remediation database, and remediation signatures can be constructed to address the identified vulnerabilities. As noted, the remediation signatures are typically associated with the corresponding vulnerabilities in the remediation database.
- the vulnerability information is then reviewed in box 63 .
- the review process typically includes analyzing the vulnerability information to prioritize and identify vulnerabilities for remediation, as well as acceptable risks (i.e., where no remediation is required).
- the remediation can then be scheduled to occur when, where, and how desired. This allows the remediation to occur in off-peak times to reduce interference with normal computer operations, on only the identified target computers, and in the manner desired.
- the remediation signatures are approved for dissemination to the client's target computers. This contemplates that remediation signatures can be selectively deployed.
- signatures designed to address the vulnerabilities identified may be tested and revised before approving the signatures for deployment.
- remediation signatures and vulnerability information are distributed to the system clients in box 66 for use on the client's computers. Then, remediation can occur as scheduled in box 67 . Finally, the remediation undertaken can be reviewed to ensure the remediation was completed successfully via status reports or otherwise. In addition, remediation events may be logged or otherwise recorded to preserve the remediation information. Such information may be included in profiles for the client computers. As noted, such profiles may include information about the target devices such as system configuration, software, and prior remediation actions or a remediation history. Having such information allows for managed remediation of the client computers in the future. Overall then, the embodiment of the remediation process of FIG. 3 presents vulnerability assessment, vulnerability remediation, and vulnerability management as contemplated by the present invention.
- FIG. 4 is a flow chart illustrating an embodiment of an aggregation and construction process for computer vulnerability remediation in accordance with the present invention.
- the aggregation and construction process 70 can be viewed as a subprocess of the overall remediation process.
- the process 70 begins in box 71 with the gathering of vulnerability information from intelligence agents.
- these intelligence agents include automated vulnerability assessment tools, security intelligence services, manufacturers of computer hardware or software, etc.
- the vulnerability information retrieved from the intelligence agents is then aggregated in a remediation database as indicated in box 72 .
- the vulnerability information is then reviewed and analyzed. This may include sorting the information into related vulnerabilities or otherwise, categorizing or identifying certain related vulnerabilities, prioritizing vulnerabilities, etc.
- a remediation signature resolves or addresses a vulnerability or type of vulnerability.
- a remediation signature is then constructed in box 75 .
- a remediation signature is a group of actions which addresses or resolves the subject vulnerability; for instance, modifying registry settings, changing security permissions, installing patches, etc.
- the creation of a remediation signature may be completely automated or may include some manual input as well.
- the remediation signature is tested to see if it effectively resolves or addresses the target vulnerability. If not, the process returns to box 75 and another remediation signature is constructed, then retested in box 76 . Once an effective signature has been constructed, the process continues to box 77 .
- selected signatures may be approved for distribution to clients. Approved signatures are then uploaded to a flash server making them available for download by clients in box 78 . In this way, new and updated remediation signatures which address or resolve identified vulnerabilities are made available for download by clients.
- FIGS. 5A and 5B are a flow chart illustrating an embodiment of a remediation management process for computer vulnerability remediation in accordance with the present invention.
- the aggregation and construction process 70 can be viewed as a subprocess of the overall remediation process.
- This embodiment of the remediation management process 80 is typically a software application installed on a client server which is coupled to a plurality of target client computers which may require remediation of security vulnerabilities. Accordingly, the process 80 begins in box 81 by launching the application.
- available remediation signatures and vulnerability information are downloaded, typically from a flash server.
- box 83 vulnerability assessment data is imported.
- this vulnerability assessment data comes from scanning tools which have scanned or analyzed the target computers for which remediation is being considered.
- the vulnerability assessment data includes information regarding the security vulnerabilities found on the target computers or devices.
- the vulnerabilities are then mapped to remediation signatures in box 84 .
- mapping of the identified vulnerabilities to corresponding remediation signatures occurs by referencing the remediation database information downloaded from the flash server. It is contemplated, however, that this information may have been previously downloaded, remotely accessed, or presently downloaded to make the necessary correlation between vulnerabilities and available signatures.
- a remediation profile is then generated for each target computer in box 85 .
- the profile typically includes information regarding the vulnerabilities identified on the target client computer as well as the corresponding signatures to address those vulnerabilities.
- the client user typically an IT person or other computer security personnel, is given the opportunity to select which vulnerabilities should be remediated.
- the selection is made by reviewing the information regarding vulnerabilities, proposed signatures, and profiles. The selection and review may be made for each computer or by vulnerability. For example, a particular computer could be selected not to receive any remediation, perhaps because the computer does not pose a significant security risk, the vulnerabilities on the computer are not significant, the processes running on the computer cannot be interrupted for remediation, etc. Alternatively, a particular vulnerability could be deselected for all target client computers, such that the vulnerability would not be remediated on any of the target computers, perhaps because the vulnerability dose not pose a sufficient security risk, the remediation signature is deemed too risky, etc.
- the user can then select which computers will be approved to receive remediation in box 87 .
- the proposed remediation is analyzed to determine which remediation signatures will be required.
- the target client computers that are to receive remediation are notified that a remediation is to occur.
- the notification essentially comprises a message passed to a local remediation application installed on each client computer. Included in the remediation notification may be when the remediation is scheduled to occur. For instance, the remediation can be scheduled to occur at the instance of a particular event, such as a user logging off the machine, logging in, or any other action. In addition, the remediation may be scheduled to occur at a particular time.
- the remediation can be initiated at the scheduled time. Or alternatively, the remediation could occur as soon as the notification is received at the target client computer. Regardless of the triggering event, when the trigger is met the local remediation is launched in box 90 .
- the process 80 continues in FIG. 5B.
- the remediation profile for the client computer is then downloaded in box 91 .
- the profile is downloaded from the client server on which the client remediation management process application is running, i.e., the server that sent the notification of the pending remediation initially.
- the profile is then interpreted and the remediation signatures and actions specified in the profile are executed as indicated in box 92 .
- the status of the remediation may be reported to the client server and monitored.
- the remediation steps may be prioritized and analyzed to ensure the most efficient sequence of execution as indicated in box 94 .
- a reboot may need to be performed for some of the remediation actions to take effect.
- Completion of the remediation on the target client computer is then logged to the client server in box 96 .
- box 97 indicates that reports are generated indicative of the effect of the remediation. Whether the remediation was successful or not is determined in box 98 . If the remediation is not deemed successful, either because it did not resolve the identified vulnerabilities as evidenced by an additional security scan of the client computer, or because the remediation actions had unintended deleterious effects, etc., then the remediation can be rolled back or undone and the remediation process can be repeated as indicated in box 99 . If the remediation is deemed successful, i.e., vulnerabilities resolved and no deleterious effects for example, then the process ends in box 100 . In this manner, the new and updated remediation signatures made available to address or resolve identified vulnerabilities can be downloaded and used in an automated and managed remediation deployment to target client computers.
Abstract
Description
- This application claims priority from U.S. Provisional Application serial No. 60/345,689 filed on Dec. 31, 2001.
- Not applicable.
- Not applicable.
- The invention relates generally to a method and system for resolving security vulnerabilities in computers and, more particularly, to a vulnerability resolution system in which computer security vulnerability information from one or more sources can be aggregated and comprehensive remediation updates can be generated for managed automated distribution to target client computers.
- Computers, computer systems, and the applications running thereon are becoming increasingly complex. In addition, with the advent of the Internet and other modern networking technology, computers have become increasingly interconnected and remote accessibility of individual computers and computer networks has become more and more common. In part as a result of this complexity, the number of computer security vulnerabilities that need to be addressed continues to increase. For example, in the year 2000 alone, 650 operating system vulnerabilities were identified, including 126 in the Windows 2000/NT platform and another 46 in the Windows 9x platform. The Computer Security Institute reported 417 vulnerabilities for the year 1999, 1090 vulnerabilities for the year 2000, 2,437 in 2001, and a projected 4000+vulnerabilities in 2002. Given these trends, it has become increasingly difficult to protect computers from security breaches via these vulnerabilities. Moreover, the task of maintaining security for these computer systems and/or networks has become increasingly burdensome and difficult.
- Currently, organizations typically use vulnerability scanning software or managed security providers to test computers for security weaknesses. These tools generally provide detailed information on the vulnerabilities found in the computing environment, but provide limited means for correcting or resolving the detected vulnerabilities. In order for an organization to remove identified vulnerabilities, it typically must expend a large amount of labor and resources to identify and/or create a remediation for each vulnerability then even more labor to install the vulnerability remediation on the affected computers. Often, this involves visiting each individual computer and manually applying the necessary remediation. In addition, once the remediation is applied, a user can easily remove it, or install additional software that invalidates the remediation, thereby wasting all of the effort expended in performing the remediation.
- In accordance with the present invention, a method and system are presented which provide for a more automated and managed way to remediate security vulnerabilities on individual computers and computer networks. More particularly, a vulnerability resolution system is provided in which vulnerability information is aggregated, then used to construct, and subsequently update, vulnerability remediation signatures for download. The downloaded signatures may then be selectively used to address or resolve vulnerabilities on client machines having security vulnerabilities.
- In one embodiment, a method for resolving vulnerabilities in a computer comprises aggregating vulnerability information on a plurality of computer vulnerabilities; constructing a remediation database of said plurality of computer vulnerabilities; constructing a remediation signature to address a computer vulnerability; and deploying said remediation signature to a client computer. The aggregating of vulnerability information comprises obtaining vulnerability information from at least one security intelligence agent, such as a database of information regarding known computer vulnerabilities or a scanning service which scans a client computer for vulnerabilities and records the vulnerability information. The remediation signature typically comprises a sequence of actions to address a corresponding vulnerability. The remediation signatures are generally associated with a corresponding computer vulnerability. A remediation profile may be constructed for a client computer to address vulnerabilities on that computer, where the profile comprises selected remediation signatures for the client computer corresponding to vulnerabilities on the client computer. The remediation signatures may be uploaded to a flash server for remote access or download by client computers or client servers. A managed remediation approach is also contemplated which would include wherein selective deployment of remediation signatures, selective resolution of vulnerabilities, scheduled scanning of client computers for vulnerabilities, scheduled deployment of remediation signatures, etc.
- In another embodiment, a system for resolving computer vulnerabilities comprises a remediation server capable of coupling to a security intelligence agent having information about computer vulnerabilities in order to aggregate said vulnerability information into a remediation database. Various devices may be coupled to the remediation server to complete the system. For example, a signature module may be coupled to the remediation server to construct a remediation signature for each vulnerability. A flash server may be coupled to the signature module to provide remote access to said remediation signatures. A client server may also be included capable of coupling to said flash server to access said remediation signatures. A deployment module may be coupled to the client server capable of deploying said remediation signatures to a client computer coupled to said client server. The deployment module may also be capable of constructing a remediation profile for a client computer to address vulnerabilities on that computer, wherein the remediation profile typically comprises selected remediation signatures for the client computer corresponding to vulnerabilities on the client computer. An input module may also be coupled to the remediation server to handle the interfacing of the remediation server to a security intelligence agent having information about computer vulnerabilities. And a client module may be coupled to the client server to which handle the interfacing of the client server to the flash server to access said remediation signatures.
- In another embodiment, computer-readable media tangibly embodying a program of instructions executable by a computer to perform a process for resolving vulnerabilities in a computer comprises aggregating vulnerability information on a plurality of computer vulnerabilities; constructing a remediation database of said plurality of computer vulnerabilities; constructing a remediation signature to address a computer vulnerability; and deploying said remediation signature to a client computer.
- FIG. 1 is a block diagram illustrating an embodiment of a vulnerability resolution system in accordance with the present invention.
- FIG. 2 is a block diagram illustrating another embodiment of a vulnerability resolution system in accordance with the present invention.
- FIG. 3 is a flow chart illustrating an overview of an embodiment of a computer vulnerability remediation process in accordance with the present invention.
- FIG. 4 is a flow chart illustrating an embodiment of an aggregation and construction process for computer vulnerability remediation in accordance with the present invention.
- FIGS. 5A and 5B are a flow chart illustrating an embodiment of a remediation management process for computer vulnerability remediation in accordance with the present invention.
- In this disclosure, numerous specific details are set forth to provide a sufficient understanding of the present invention. However, those skilled in the art will appreciate that the present invention may be practiced without such specific details. In other instances, well-known elements have been illustrated in schematic or block diagram form in order not to obscure the present invention in unnecessary detail. Additionally, some details have been omitted inasmuch as such details are not considered necessary to obtain a complete understanding of the present invention, and are considered to be within the understanding of persons of ordinary skill in the relevant art. It is further noted that all functions described herein may be performed in either hardware or software, or a combination thereof, unless indicated otherwise. Certain terms are used throughout the following description and claims to refer to particular system components. As one skilled in the art will appreciate, components may be referred to by different names. This document does not intend to distinguish between components that differ in name, but not function. In the following discussion and in the claims, the terms “including” and “comprising” are used in an open-ended fashion, and thus should be interpreted to mean “including, but not limited to . . . ”. Also, the term “couple” or “couples” is intended to mean either an indirect or direct electrical or communicative connection. Thus, if a first device couples to a second device, that connection may be through a direct connection, or through an indirect connection via other devices and connections. Finally, the terms “remediate” and “remediation” are used to refer generally to addressing or resolving vulnerabilities by reducing or alleviating the security risk presented by the subject vulnerability.
- FIG. 1 illustrates an embodiment of a
vulnerability resolution system 10 in accordance with the present invention. As shown in FIG. 1, thesystem 10 comprises aremediation server 12 coupled to a plurality ofintelligence agents 14. Theremediation server 12 is also coupled to animport module 15, aremediation database 16, and asignature module 18. In this embodiment, theimport module 15,remediation database 16, andsignature module 18 are incorporated in theremediation server 12. For instance, theimport module 15,remediation database 16, andsignature module 18 may be stored in memory on theremediation server 12. It is also contemplated, however, that theimport module 15,remediation database 16, andsignature module 18 could be remotely coupled to theremediation server 12. - A
flash server 20 is also coupled to theremediation server 12. Aclient server 22 is coupled to theflash server 20. Aclient module 23 anddeployment module 24 are coupled to theclient server 22. In this embodiment, theclient module 23 anddeployment module 24 are incorporated in theclient server 22. For instance, theclient module 23 anddeployment module 24 may be stored in memory on theclient server 22. It is also contemplated, however, that theclient module 23 anddeployment module 24 could be remotely coupled to theclient server 22. And finally, a plurality ofclient computers 26 are coupled to theclient server 22. - In the operation of the
system 10, theremediation server 12 obtains information relating to computer security vulnerabilities from theintelligence agents 14. Theimport module 15 provides the necessary interface between theremediation server 12 and the various intelligence agents having such information. Examples of intelligence agents include: ISS Internet Scanner, QualysGuard, Nessus, Eeye, Harris, Retina, Microsoft's hfNetCheck, and others. The vulnerability information may come in many forms from these agents. Two such forms include 1) general information from security intelligence organizations relating to known security vulnerabilities, such as vulnerabilities in widespread software applications like Microsoft Windows; and 2) specific information from scanning services relating to specific vulnerabilities found during a security scan of a client's computer orcomputer system 26. Theremediation server 12 aggregates the vulnerability information obtained, from whatever source, into aremediation database 16. While aggregating the information into thedatabase 16, theremediation server 12 may manipulate the information in many ways. For example, theserver 12 may strip unnecessary information out, may sort the information into related vulnerabilities or otherwise, may remove duplicate information, may identify or associate certain related vulnerabilities, etc. - In addition, the
remediation server 12 uses asignature module 18 to generate remediation signatures for the vulnerabilities. Typically, a remediation signature is a list of actions taken to address or resolve a vulnerability. In this embodiment, the remediation signatures include the following types of remediation actions: service management, registry management, security permissions management, account management, policy management, audit management, file management, process management, as well as service pack, hot fix and patch installation. These types of remediation actions are generally known in the computer security industry. - A remediation signature may address one or more vulnerabilities. For clarity of explanation, however, it will be assumed that in this embodiment each remediation signature addresses a single vulnerability or type of vulnerability. In an embodiment of this system, the remediation signatures are generated as abstract objects which can be developed and implemented across multiple platforms without the need to change the underlying source code used in the remediation system. This allows for the creation of a remediation signature in the environment of the remediation system which can then be utilized in whatever system or environment the remediation system is operating. The process of constructing a remediation signature may be entirely automatic or it may involve some manual intervention, or a combination of both. In fact, some
intelligence agents 14 may actually provide or suggest remediations along with the vulnerability information provided. Depending on the level of complexity of the vulnerability, a corresponding level of complexity may be required for the remediation signature. For example, some vendors provide “patches” or “fixes” or “updates” that address vulnerabilities in their hardware or software via their vendor website. A signature may therefore include direction to go to a vendor website and retrieve a patch or an update as one of the actions undertaken to remediate a computer's vulnerabilities. Given the potential complexity of the signatures, they may not always operate successfully as initially constructed. Accordingly, thesignature module 18 orremediation server 12 may have the ability to test and approve the constructed signature in order to ensure that it successfully resolves the intended vulnerability and does not have any unintended deleterious effects. - Once a remediation signature has been constructed, in this embodiment of the
system 10 the remediation signature is assigned or otherwise associated with the corresponding vulnerability in theremediation database 16. Accordingly, theremediation database 16 may include the vulnerability information and the corresponding remediation signatures for the vulnerabilities identified. Alternatively, it is contemplated that the signatures could be stored elsewhere and remotely associated via a pointer or otherwise to their corresponding vulnerabilities. - Remediation signatures and vulnerability information can be posted to the
flash server 20 for dissemination. Typically, only after the remediation signature has been tested and approved is it released or uploaded to theflash server 20 for dissemination to clients seeking resolution of their computer vulnerabilities. Aclient server 22 can then download the desired information from theflash server 20. In this embodiment, a download is typically initiated by a user, such as an IT or computer security personnel. Theclient server 22 may connect to theflash server 20 in many ways including the Internet or a direct dial-up connection. In this embodiment of the system, theclient module 23 provides the necessary interface logic to download the information from theflash server 20. Typically, aclient server 22 will periodically download information from theflash server 20 to check for updated vulnerability and remediation information. Theclient server 22 may also accessvendor websites 21, via a global network such as the Internet or otherwise, to obtain additional patches or updates as needed for remediation. In this embodiment of thesystem 10, theclient server 22 analyzes and interprets the signatures downloaded from theflash server 20. If a signature specifies a needed update or patch from avendor website 21, theclient server 22 will connect to the website and download the needed information making the patch or update available locally for remediation of anyclient computers 26 coupled to theclient server 22. - In this embodiment, it is also contemplated that the
client server 22 will keep a profile of theclient computers 26 coupled thereto. The profile of theclient computers 26 essentially records or logs the system information relating to theclient computers 26. Primarily, the profile contains information regarding remediation performed on theclient computer 26. It is contemplated, however, that the profile might also contain information regarding the formatting of theclient computer 26, the software applications and versions running on thecomputer 26, etc., which might be helpful in managing security issues on the subject computer. By comparing the computer profiles with the vulnerability and remediation information downloaded from theflash server 20, theclient server 22 can track what remediation may be required for eachclient computer 26. In addition, theclient server 22 can manage the vulnerability resolution process for eachclient computer 26. For instance, theclient server 22, or security or IT personnel via the server, could select which remediation signatures should be deployed to eachclient computer 26, or which vulnerabilities should or should not be addressed. In addition, vulnerability resolution can be managed by scheduling the various resolution events. For instance, when and how often theclient computers 26 are scanned for vulnerabilities can be scheduled, as well as the timing of the deployment of the remediation signatures to address those vulnerabilities. - By managing the vulnerability resolution, the remediation of vulnerabilities can be more reliably and more cost effectively addressed. In particular, the remediation can occur in off hours to minimize impact on the productivity of the
client computers 26. The remediation can be selectively implemented. The remediation can be tracked and logged so that remediations are not accidentally overwritten or undone. And, the remediation can be accomplished automatically from theclient server 22 as opposed to having to perform or install the remediation manually on each client computer, a virtually impossible task for some large-scale companies. - FIG. 2 is a block diagram providing another illustration of an embodiment of a
vulnerability resolution system 30 in accordance with the present invention. More particularly, FIG. 2 provides another way to visualize the architecture of a vulnerability system in accordance with the present invention. As shown in FIG. 2, the architecture of this embodiment of thevulnerability system 30 generally comprises anaggregation section 31 and aremediation section 32. Theaggregation section 31 of the architecture is essentially responsible for obtaining and aggregating the computer security vulnerability information while theremediation section 32 is essentially responsible for constructing remediation signatures for the identified vulnerabilities and deploying those remediations to client computers in a managed and automated manner. - As shown in FIG. 2, the
aggregation section 31 of thesystem architecture 30 comprisesintelligence agents 34, an import API orinterface 36, and an administrator 38. Theimport API 36 provides an interface to theintelligence agents 34. As discussed in reference to FIG. 1 above, theintelligence agents 34 provide information regarding computer security vulnerabilities. As noted, theseintelligence agents 34 may include automated vulnerability assessment tools, security intelligence services, manufacturers of computer hardware or software, etc. The administrator 38 obtains this vulnerability information from theintelligence agents 34 via theimport API 36. Theimport API 36 typically includes several interfaces or import wizards as required to allow importation of vulnerability assessment data from the variety of intelligence agents available. Generally, theintelligence agents 34 provide information specifying the necessary interface. Once retrieved, the vulnerability information may be aggregated, sorted, selected or otherwise managed via the administrator 38. - The
remediation section 32 of thesystem architecture 30 ultimately uses the vulnerability information retrieved by theaggregation section 31 to remediate vulnerabilities onclient computers 40. Theclient computers 40 are shown coupled to a client server 42. The client server 42 allows for automated and managed deployment of the remediation signatures to theclient computers 40. The architecture of theremediation section 32 illustrates that the vulnerability information from theaggregation section 31 is conveyed to the client server 42 andclient computers 40 via theremediation bus 44,remediation signature 46, andremediation profile 48. As discussed above, theremediation signature 46 is essentially a group of actions which can be taken to address or resolve a vulnerability. The signature may be provided by theintelligence agents 34 with the vulnerability information or, more typically, it may need to be constructed in response to the vulnerability information received. The construction may include some automated creation and/or some manual creation of the appropriate actions to be taken to address the subject vulnerability. Also as discussed, theremediation profile 48 contemplates a record or log of system information relating to theclient computers 40 or client servers 42. For instance, the profile may contain information regarding the formatting of theclient computers 40 or server 42, the software applications and versions running on thecomputers 40 or servers 42, the remediation signatures already implemented on thecomputers 40 and servers 42, the remediation history of thecomputers 40, etc. By comparing the computer profiles with the vulnerability and remediation information obtained, what remediation may be required for eachcomputer 40 or server 42 can be tracked. FIG. 2 also illustrates that the remediation types orgroups 50 in this embodiment include configuration management, backdoor management, service management, account management, and patch management. The available remediation groups are coupled to theremediation bus 44. It is contemplated that other remediation types or groups may be included as well. - FIG. 3 is a flow chart illustrating an overview of an embodiment of a computer vulnerability remediation process in accordance with the present invention. The
remediation process 60 begins with vulnerability assessment inbox 61. Vulnerability assessment comprises using automated assessment tools and audit processes, intelligence agents, to verify the existence of known vulnerabilities on a given computer or computer network. This assessment process may also include device discovery; that is, the mapping of network and subnetwork components to be assessed and identifying the devices that will be targeted for vulnerability assessment. Inbox 62, the vulnerability information is imported or aggregated in the system, typically in a remediation database, and remediation signatures can be constructed to address the identified vulnerabilities. As noted, the remediation signatures are typically associated with the corresponding vulnerabilities in the remediation database. The vulnerability information is then reviewed inbox 63. The review process typically includes analyzing the vulnerability information to prioritize and identify vulnerabilities for remediation, as well as acceptable risks (i.e., where no remediation is required). As indicated inbox 64, the remediation can then be scheduled to occur when, where, and how desired. This allows the remediation to occur in off-peak times to reduce interference with normal computer operations, on only the identified target computers, and in the manner desired. Inbox 65, the remediation signatures are approved for dissemination to the client's target computers. This contemplates that remediation signatures can be selectively deployed. In addition, signatures designed to address the vulnerabilities identified may be tested and revised before approving the signatures for deployment. Once approved, the remediation signatures and vulnerability information are distributed to the system clients inbox 66 for use on the client's computers. Then, remediation can occur as scheduled inbox 67. Finally, the remediation undertaken can be reviewed to ensure the remediation was completed successfully via status reports or otherwise. In addition, remediation events may be logged or otherwise recorded to preserve the remediation information. Such information may be included in profiles for the client computers. As noted, such profiles may include information about the target devices such as system configuration, software, and prior remediation actions or a remediation history. Having such information allows for managed remediation of the client computers in the future. Overall then, the embodiment of the remediation process of FIG. 3 presents vulnerability assessment, vulnerability remediation, and vulnerability management as contemplated by the present invention. - FIG. 4 is a flow chart illustrating an embodiment of an aggregation and construction process for computer vulnerability remediation in accordance with the present invention. Essentially, the aggregation and
construction process 70 can be viewed as a subprocess of the overall remediation process. Theprocess 70 begins inbox 71 with the gathering of vulnerability information from intelligence agents. As previously noted, these intelligence agents include automated vulnerability assessment tools, security intelligence services, manufacturers of computer hardware or software, etc. The vulnerability information retrieved from the intelligence agents is then aggregated in a remediation database as indicated inbox 72. Inbox 73, the vulnerability information is then reviewed and analyzed. This may include sorting the information into related vulnerabilities or otherwise, categorizing or identifying certain related vulnerabilities, prioritizing vulnerabilities, etc. As indicated inbox 74, vulnerabilities are identified for creation of remediation signatures. A remediation signature resolves or addresses a vulnerability or type of vulnerability. A remediation signature is then constructed inbox 75. As noted, a remediation signature is a group of actions which addresses or resolves the subject vulnerability; for instance, modifying registry settings, changing security permissions, installing patches, etc. The creation of a remediation signature may be completely automated or may include some manual input as well. Inbox 76, the remediation signature is tested to see if it effectively resolves or addresses the target vulnerability. If not, the process returns tobox 75 and another remediation signature is constructed, then retested inbox 76. Once an effective signature has been constructed, the process continues tobox 77. Inbox 77, selected signatures may be approved for distribution to clients. Approved signatures are then uploaded to a flash server making them available for download by clients inbox 78. In this way, new and updated remediation signatures which address or resolve identified vulnerabilities are made available for download by clients. - FIGS. 5A and 5B are a flow chart illustrating an embodiment of a remediation management process for computer vulnerability remediation in accordance with the present invention. Essentially, the aggregation and
construction process 70 can be viewed as a subprocess of the overall remediation process. This embodiment of theremediation management process 80 is typically a software application installed on a client server which is coupled to a plurality of target client computers which may require remediation of security vulnerabilities. Accordingly, theprocess 80 begins inbox 81 by launching the application. Inbox 82, available remediation signatures and vulnerability information are downloaded, typically from a flash server. Inbox 83, vulnerability assessment data is imported. Typically, this vulnerability assessment data comes from scanning tools which have scanned or analyzed the target computers for which remediation is being considered. The vulnerability assessment data includes information regarding the security vulnerabilities found on the target computers or devices. Based on the vulnerabilities identified on the target computers, the vulnerabilities are then mapped to remediation signatures inbox 84. In this embodiment, mapping of the identified vulnerabilities to corresponding remediation signatures occurs by referencing the remediation database information downloaded from the flash server. It is contemplated, however, that this information may have been previously downloaded, remotely accessed, or presently downloaded to make the necessary correlation between vulnerabilities and available signatures. A remediation profile is then generated for each target computer inbox 85. As noted, the profile typically includes information regarding the vulnerabilities identified on the target client computer as well as the corresponding signatures to address those vulnerabilities. Inbox 86, the client user, typically an IT person or other computer security personnel, is given the opportunity to select which vulnerabilities should be remediated. Generally, the selection is made by reviewing the information regarding vulnerabilities, proposed signatures, and profiles. The selection and review may be made for each computer or by vulnerability. For example, a particular computer could be selected not to receive any remediation, perhaps because the computer does not pose a significant security risk, the vulnerabilities on the computer are not significant, the processes running on the computer cannot be interrupted for remediation, etc. Alternatively, a particular vulnerability could be deselected for all target client computers, such that the vulnerability would not be remediated on any of the target computers, perhaps because the vulnerability dose not pose a sufficient security risk, the remediation signature is deemed too risky, etc. Once the user has selectively managed which vulnerabilities will be remediated, the user can then select which computers will be approved to receive remediation inbox 87. Inbox 88, the proposed remediation is analyzed to determine which remediation signatures will be required. Inbox 89, the target client computers that are to receive remediation are notified that a remediation is to occur. In this embodiment, the notification essentially comprises a message passed to a local remediation application installed on each client computer. Included in the remediation notification may be when the remediation is scheduled to occur. For instance, the remediation can be scheduled to occur at the instance of a particular event, such as a user logging off the machine, logging in, or any other action. In addition, the remediation may be scheduled to occur at a particular time. Thus, using the target client computer's local clock the remediation can be initiated at the scheduled time. Or alternatively, the remediation could occur as soon as the notification is received at the target client computer. Regardless of the triggering event, when the trigger is met the local remediation is launched inbox 90. - The
process 80 continues in FIG. 5B. Once the remediation is launched, the remediation profile for the client computer is then downloaded inbox 91. Typically, the profile is downloaded from the client server on which the client remediation management process application is running, i.e., the server that sent the notification of the pending remediation initially. The profile is then interpreted and the remediation signatures and actions specified in the profile are executed as indicated inbox 92. As noted inbox 93, during remediation the status of the remediation may be reported to the client server and monitored. In addition, the remediation steps may be prioritized and analyzed to ensure the most efficient sequence of execution as indicated inbox 94. As noted inbox 95, a reboot may need to be performed for some of the remediation actions to take effect. Completion of the remediation on the target client computer is then logged to the client server inbox 96. Once remediation is completed,box 97 indicates that reports are generated indicative of the effect of the remediation. Whether the remediation was successful or not is determined inbox 98. If the remediation is not deemed successful, either because it did not resolve the identified vulnerabilities as evidenced by an additional security scan of the client computer, or because the remediation actions had unintended deleterious effects, etc., then the remediation can be rolled back or undone and the remediation process can be repeated as indicated inbox 99. If the remediation is deemed successful, i.e., vulnerabilities resolved and no deleterious effects for example, then the process ends inbox 100. In this manner, the new and updated remediation signatures made available to address or resolve identified vulnerabilities can be downloaded and used in an automated and managed remediation deployment to target client computers. - While the present invention has been illustrated and described in terms of particular apparatus and methods of use, it is apparent that equivalent parts may be substituted for those shown and other changes can be made within the scope of the present invention as defined by the appended claims.
- The particular embodiments disclosed herein are illustrative only, as the invention may be modified and practiced in different but equivalent manners apparent to those skilled in the art having the benefit of the teachings herein. Furthermore, no limitations are intended to the details of construction or design herein shown, other than as described in the claims below. It is therefore evident that the particular embodiments disclosed above may be altered or modified and all such variations are considered within the scope and spirit of the invention. Accordingly, the protection sought herein is as set forth in the claims below.
Claims (47)
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US10/335,490 US7000247B2 (en) | 2001-12-31 | 2002-12-31 | Automated computer vulnerability resolution system |
US11/009,782 US7308712B2 (en) | 2001-12-31 | 2004-12-10 | Automated computer vulnerability resolution system |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US34568901P | 2001-12-31 | 2001-12-31 | |
US10/335,490 US7000247B2 (en) | 2001-12-31 | 2002-12-31 | Automated computer vulnerability resolution system |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US11/009,782 Continuation US7308712B2 (en) | 2001-12-31 | 2004-12-10 | Automated computer vulnerability resolution system |
Publications (3)
Publication Number | Publication Date |
---|---|
US20030126472A1 true US20030126472A1 (en) | 2003-07-03 |
US20050229256A2 US20050229256A2 (en) | 2005-10-13 |
US7000247B2 US7000247B2 (en) | 2006-02-14 |
Family
ID=23356073
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US10/335,490 Expired - Lifetime US7000247B2 (en) | 2001-12-31 | 2002-12-31 | Automated computer vulnerability resolution system |
US11/009,782 Expired - Fee Related US7308712B2 (en) | 2001-12-31 | 2004-12-10 | Automated computer vulnerability resolution system |
Family Applications After (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US11/009,782 Expired - Fee Related US7308712B2 (en) | 2001-12-31 | 2004-12-10 | Automated computer vulnerability resolution system |
Country Status (11)
Country | Link |
---|---|
US (2) | US7000247B2 (en) |
EP (1) | EP1461707A1 (en) |
JP (1) | JP2005532606A (en) |
KR (1) | KR20040069324A (en) |
CN (1) | CN1610887A (en) |
AU (1) | AU2002360844A1 (en) |
BR (1) | BR0215388A (en) |
CA (1) | CA2472268A1 (en) |
MX (1) | MXPA04006473A (en) |
NO (1) | NO20043189L (en) |
WO (1) | WO2003058457A1 (en) |
Cited By (145)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030172301A1 (en) * | 2002-03-08 | 2003-09-11 | Paul Judge | Systems and methods for adaptive message interrogation through multiple queues |
US20040073800A1 (en) * | 2002-05-22 | 2004-04-15 | Paragi Shah | Adaptive intrusion detection system |
US20040088581A1 (en) * | 2002-11-04 | 2004-05-06 | Brawn John Melvin | Signal level propagation mechanism for distribution of a payload to vulnerable systems |
US20040107345A1 (en) * | 2002-10-21 | 2004-06-03 | Brandt David D. | System and methodology providing automation security protocols and intrusion detection in an industrial controller environment |
US20040117624A1 (en) * | 2002-10-21 | 2004-06-17 | Brandt David D. | System and methodology providing automation security analysis, validation, and learning in an industrial controller environment |
US20050005159A1 (en) * | 2003-07-01 | 2005-01-06 | Oliphant Brett M. | Vulnerability and remediation database |
US20050008001A1 (en) * | 2003-02-14 | 2005-01-13 | John Leslie Williams | System and method for interfacing with heterogeneous network data gathering tools |
US20050015760A1 (en) * | 2003-07-16 | 2005-01-20 | Oleg Ivanov | Automatic detection and patching of vulnerable files |
US20050022003A1 (en) * | 2003-07-01 | 2005-01-27 | Oliphant Brett M. | Client capture of vulnerability data |
US20050044389A1 (en) * | 2003-07-01 | 2005-02-24 | Oliphant Brett M. | Multiple-path remediation |
US20050132232A1 (en) * | 2003-12-10 | 2005-06-16 | Caleb Sima | Automated user interaction in application assessment |
GB2410647A (en) * | 2004-01-31 | 2005-08-03 | Hewlett Packard Development Co | Identifying and Patching Vulnerabilities in a Network |
US20050198530A1 (en) * | 2003-12-12 | 2005-09-08 | Chess David M. | Methods and apparatus for adaptive server reprovisioning under security assault |
US20050257267A1 (en) * | 2003-02-14 | 2005-11-17 | Williams John L | Network audit and policy assurance system |
US20060010497A1 (en) * | 2004-05-21 | 2006-01-12 | O'brien Darci | System and method for providing remediation management |
WO2006005679A1 (en) * | 2004-07-13 | 2006-01-19 | International Business Machines Corporation | Methods, computer program products and data structures for intrusion detection, intrusion response and vulnerability remediation across target computer systems |
US20060021051A1 (en) * | 2004-07-23 | 2006-01-26 | D Mello Kurt | Determining technology-appropriate remediation for vulnerability |
US20060018478A1 (en) * | 2004-07-23 | 2006-01-26 | Diefenderfer Kristopher G | Secure communication protocol |
US20060021052A1 (en) * | 2004-07-23 | 2006-01-26 | D Mello Kurt | Mapping remediation to plurality of vulnerabilities |
US20060026686A1 (en) * | 2004-07-30 | 2006-02-02 | Trueba Luis R Z | System and method for restricting access to an enterprise network |
US20060053265A1 (en) * | 2004-09-03 | 2006-03-09 | Durham Roderick H | Centralized data transformation |
US20060053134A1 (en) * | 2004-09-03 | 2006-03-09 | Durham Roderick H | Centralized data transformation |
US20060053476A1 (en) * | 2004-09-03 | 2006-03-09 | Bezilla Daniel B | Data structure for policy-based remediation selection |
US20060075503A1 (en) * | 2004-09-13 | 2006-04-06 | Achilles Guard, Inc. Dba Critical Watch | Method and system for applying security vulnerability management process to an organization |
US20060080738A1 (en) * | 2004-10-08 | 2006-04-13 | Bezilla Daniel B | Automatic criticality assessment |
US20060099847A1 (en) * | 2004-11-01 | 2006-05-11 | Ntt Docomo, Inc. | Terminal control apparatus and terminal control method |
US20060185018A1 (en) * | 2005-02-17 | 2006-08-17 | Microsoft Corporation | Systems and methods for shielding an identified vulnerability |
US20060191012A1 (en) * | 2005-02-22 | 2006-08-24 | Banzhof Carl E | Security risk analysis system and method |
US20060259974A1 (en) * | 2005-05-16 | 2006-11-16 | Microsoft Corporation | System and method of opportunistically protecting a computer from malware |
US20070067847A1 (en) * | 2005-09-22 | 2007-03-22 | Alcatel | Information system service-level security risk analysis |
US20070067848A1 (en) * | 2005-09-22 | 2007-03-22 | Alcatel | Security vulnerability information aggregation |
WO2007058946A2 (en) | 2005-11-14 | 2007-05-24 | Sourcefire, Inc. | Systems and methods for modifying network map attributes |
US20070136622A1 (en) * | 2003-03-21 | 2007-06-14 | Kevin Price | Auditing System and Method |
US20070226797A1 (en) * | 2006-03-24 | 2007-09-27 | Exploit Prevention Labs, Inc. | Software vulnerability exploitation shield |
US20070283007A1 (en) * | 2002-01-15 | 2007-12-06 | Keir Robin M | System And Method For Network Vulnerability Detection And Reporting |
US20070283441A1 (en) * | 2002-01-15 | 2007-12-06 | Cole David M | System And Method For Network Vulnerability Detection And Reporting |
US20080077976A1 (en) * | 2006-09-27 | 2008-03-27 | Rockwell Automation Technologies, Inc. | Cryptographic authentication protocol |
US20080209518A1 (en) * | 2007-02-28 | 2008-08-28 | Sourcefire, Inc. | Device, system and method for timestamp analysis of segments in a transmission control protocol (TCP) session |
US20080244741A1 (en) * | 2005-11-14 | 2008-10-02 | Eric Gustafson | Intrusion event correlation with network discovery information |
US20080263664A1 (en) * | 2007-04-17 | 2008-10-23 | Mckenna John J | Method of integrating a security operations policy into a threat management vector |
US20080276319A1 (en) * | 2007-04-30 | 2008-11-06 | Sourcefire, Inc. | Real-time user awareness for a computer network |
US20090007269A1 (en) * | 2007-06-29 | 2009-01-01 | Network Security Technologies, Inc. | Using imported data from security tools |
US7519954B1 (en) | 2004-04-08 | 2009-04-14 | Mcafee, Inc. | System and method of operating system identification |
US20090228698A1 (en) * | 2008-03-07 | 2009-09-10 | Qualcomm Incorporated | Method and Apparatus for Detecting Unauthorized Access to a Computing Device and Securely Communicating Information about such Unauthorized Access |
US20090228981A1 (en) * | 2008-03-07 | 2009-09-10 | Qualcomm Incorporated | Method For Securely Communicating Information About The Location Of A Compromised Computing Device |
US20090259748A1 (en) * | 2002-01-15 | 2009-10-15 | Mcclure Stuart C | System and method for network vulnerability detection and reporting |
US20090262659A1 (en) * | 2008-04-17 | 2009-10-22 | Sourcefire, Inc. | Speed and memory optimization of intrusion detection system (IDS) and intrusion prevention system (IPS) rule processing |
US7665119B2 (en) | 2004-09-03 | 2010-02-16 | Secure Elements, Inc. | Policy-based selection of remediation |
US7694128B2 (en) | 2002-03-08 | 2010-04-06 | Mcafee, Inc. | Systems and methods for secure communication delivery |
US7693947B2 (en) | 2002-03-08 | 2010-04-06 | Mcafee, Inc. | Systems and methods for graphically displaying messaging traffic |
US20100088767A1 (en) * | 2008-10-08 | 2010-04-08 | Sourcefire, Inc. | Target-based smb and dce/rpc processing for an intrusion detection system or intrusion prevention system |
KR100956574B1 (en) | 2004-07-13 | 2010-05-07 | 인터내셔널 비지네스 머신즈 코포레이션 | Methods, computer program products and data structures for intrusion detection, intrusion response and vulnerability remediation across target computer systems |
US7743421B2 (en) | 2005-05-18 | 2010-06-22 | Alcatel Lucent | Communication network security risk exposure management systems and methods |
US7779466B2 (en) | 2002-03-08 | 2010-08-17 | Mcafee, Inc. | Systems and methods for anomaly detection in patterns of monitored communications |
US7779156B2 (en) | 2007-01-24 | 2010-08-17 | Mcafee, Inc. | Reputation based load balancing |
US7870203B2 (en) | 2002-03-08 | 2011-01-11 | Mcafee, Inc. | Methods and systems for exposing messaging reputation to an end user |
US7903549B2 (en) | 2002-03-08 | 2011-03-08 | Secure Computing Corporation | Content-based policy compliance systems and methods |
US7937480B2 (en) | 2005-06-02 | 2011-05-03 | Mcafee, Inc. | Aggregation of reputation data |
US7949716B2 (en) | 2007-01-24 | 2011-05-24 | Mcafee, Inc. | Correlation and analysis of entity attributes |
US20110219230A1 (en) * | 2010-03-03 | 2011-09-08 | Jon Oberheide | System and method of notifying mobile devices to complete transactions |
US8042181B2 (en) | 2002-03-08 | 2011-10-18 | Mcafee, Inc. | Systems and methods for message threat management |
US8045458B2 (en) | 2007-11-08 | 2011-10-25 | Mcafee, Inc. | Prioritizing network traffic |
US8095984B2 (en) | 2005-09-22 | 2012-01-10 | Alcatel Lucent | Systems and methods of associating security vulnerabilities and assets |
US8132250B2 (en) | 2002-03-08 | 2012-03-06 | Mcafee, Inc. | Message profiling systems and methods |
US8160975B2 (en) | 2008-01-25 | 2012-04-17 | Mcafee, Inc. | Granular support vector machine with random granularity |
US8179798B2 (en) | 2007-01-24 | 2012-05-15 | Mcafee, Inc. | Reputation based connection throttling |
US8185930B2 (en) | 2007-11-06 | 2012-05-22 | Mcafee, Inc. | Adjusting filter or classification control settings |
US8201257B1 (en) | 2004-03-31 | 2012-06-12 | Mcafee, Inc. | System and method of managing network security risks |
US8204945B2 (en) | 2000-06-19 | 2012-06-19 | Stragent, Llc | Hash-based systems and methods for detecting and preventing transmission of unwanted e-mail |
US8214497B2 (en) | 2007-01-24 | 2012-07-03 | Mcafee, Inc. | Multi-dimensional reputation scoring |
US8433790B2 (en) | 2010-06-11 | 2013-04-30 | Sourcefire, Inc. | System and method for assigning network blocks to sensors |
EP1630710A3 (en) * | 2004-07-21 | 2013-05-15 | Microsoft Corporation | Containment of worms |
US8549611B2 (en) | 2002-03-08 | 2013-10-01 | Mcafee, Inc. | Systems and methods for classification of messaging entities |
US8561167B2 (en) | 2002-03-08 | 2013-10-15 | Mcafee, Inc. | Web reputation scoring |
US8578480B2 (en) | 2002-03-08 | 2013-11-05 | Mcafee, Inc. | Systems and methods for identifying potentially malicious messages |
US8578002B1 (en) | 2003-05-12 | 2013-11-05 | Sourcefire, Inc. | Systems and methods for determining characteristics of a network and enforcing policy |
US8589503B2 (en) | 2008-04-04 | 2013-11-19 | Mcafee, Inc. | Prioritizing network traffic |
US8601034B2 (en) | 2011-03-11 | 2013-12-03 | Sourcefire, Inc. | System and method for real time data awareness |
US8621638B2 (en) | 2010-05-14 | 2013-12-31 | Mcafee, Inc. | Systems and methods for classification of messaging entities |
US8635690B2 (en) | 2004-11-05 | 2014-01-21 | Mcafee, Inc. | Reputation based message processing |
US8671182B2 (en) | 2010-06-22 | 2014-03-11 | Sourcefire, Inc. | System and method for resolving operating system or service identity conflicts |
US8677486B2 (en) | 2010-04-16 | 2014-03-18 | Sourcefire, Inc. | System and method for near-real time network attack detection, and system and method for unified detection via detection routing |
US20140137190A1 (en) * | 2012-11-09 | 2014-05-15 | Rapid7, Inc. | Methods and systems for passively detecting security levels in client devices |
US8763114B2 (en) | 2007-01-24 | 2014-06-24 | Mcafee, Inc. | Detecting image spam |
US8893251B2 (en) | 2010-12-02 | 2014-11-18 | Duo Security, Inc. | System and method for embedded authentication |
US8893230B2 (en) | 2013-02-22 | 2014-11-18 | Duo Security, Inc. | System and method for proxying federated authentication protocols |
US8892885B2 (en) | 2011-08-31 | 2014-11-18 | Duo Security, Inc. | System and method for delivering a challenge response in an authentication protocol |
US20150033323A1 (en) * | 2003-07-01 | 2015-01-29 | Securityprofiling, Llc | Virtual patching system, method, and computer program product |
US20150033287A1 (en) * | 2003-07-01 | 2015-01-29 | Securityprofiling, Llc | Anti-vulnerability system, method, and computer program product |
US20150033351A1 (en) * | 2003-07-01 | 2015-01-29 | Securityprofiling, Llc | Anti-vulnerability system, method, and computer program product |
US20150033352A1 (en) * | 2003-07-01 | 2015-01-29 | Securityprofiling, Llc | System, method, and computer program product for reporting an occurrence in different manners |
US20150033349A1 (en) * | 2003-07-01 | 2015-01-29 | Securityprofiling, Llc | Anti-vulnerability system, method, and computer program product |
US20150040230A1 (en) * | 2003-07-01 | 2015-02-05 | Securityprofiling, Llc | Multi-path remediation |
US20150040231A1 (en) * | 2003-07-01 | 2015-02-05 | Securityprofiling, Llc | Computer program product and apparatus for multi-path remediation |
US8966639B1 (en) | 2014-02-14 | 2015-02-24 | Risk I/O, Inc. | Internet breach correlation |
US8984643B1 (en) * | 2014-02-14 | 2015-03-17 | Risk I/O, Inc. | Ordered computer vulnerability remediation reporting |
US8984644B2 (en) | 2003-07-01 | 2015-03-17 | Securityprofiling, Llc | Anti-vulnerability system, method, and computer program product |
US9009084B2 (en) | 2002-10-21 | 2015-04-14 | Rockwell Automation Technologies, Inc. | System and methodology providing automation security analysis and network intrusion protection in an industrial environment |
US9053310B2 (en) | 2013-08-08 | 2015-06-09 | Duo Security, Inc. | System and method for verifying status of an authentication device through a biometric profile |
US9064024B2 (en) | 2007-08-21 | 2015-06-23 | Google Inc. | Bundle generation |
US9092302B2 (en) | 2013-09-10 | 2015-07-28 | Duo Security, Inc. | System and method for determining component version compatibility across a device ecosystem |
US20150235035A1 (en) * | 2012-04-12 | 2015-08-20 | Netflix, Inc | Method and system for improving security and reliability in a networked application environment |
US9117069B2 (en) | 2003-07-01 | 2015-08-25 | Securityprofiling, Llc | Real-time vulnerability monitoring |
US9152708B1 (en) | 2009-12-14 | 2015-10-06 | Google Inc. | Target-video specific co-watched video clusters |
US20150381642A1 (en) * | 2014-06-30 | 2015-12-31 | Electronics And Telecommunications Research Institute | Abnormal traffic detection apparatus and method based on modbus communication pattern learning |
US9282085B2 (en) | 2010-12-20 | 2016-03-08 | Duo Security, Inc. | System and method for digital user authentication |
US9338156B2 (en) | 2013-02-22 | 2016-05-10 | Duo Security, Inc. | System and method for integrating two-factor authentication in a device |
US9361451B2 (en) | 2011-10-07 | 2016-06-07 | Duo Security, Inc. | System and method for enforcing a policy for an authenticator device |
US20160234243A1 (en) * | 2015-02-06 | 2016-08-11 | Honeywell International Inc. | Technique for using infrastructure monitoring software to collect cyber-security risk data |
US9443073B2 (en) | 2013-08-08 | 2016-09-13 | Duo Security, Inc. | System and method for verifying status of an authentication device |
US9467463B2 (en) | 2011-09-02 | 2016-10-11 | Duo Security, Inc. | System and method for assessing vulnerability of a mobile device |
US9532222B2 (en) | 2010-03-03 | 2016-12-27 | Duo Security, Inc. | System and method of notifying mobile devices to complete transactions after additional agent verification |
US9607156B2 (en) * | 2013-02-22 | 2017-03-28 | Duo Security, Inc. | System and method for patching a device through exploitation |
US9608814B2 (en) | 2013-09-10 | 2017-03-28 | Duo Security, Inc. | System and method for centralized key distribution |
US20170169229A1 (en) * | 2015-12-10 | 2017-06-15 | Sap Se | Vulnerability analysis of software components |
US9762590B2 (en) | 2014-04-17 | 2017-09-12 | Duo Security, Inc. | System and method for an integrity focused authentication service |
US20170272460A1 (en) * | 2016-03-18 | 2017-09-21 | AO Kaspersky Lab | Method and system of eliminating vulnerabilities of smart devices |
US20170272459A1 (en) * | 2016-03-18 | 2017-09-21 | AO Kaspersky Lab | Method and system of eliminating vulnerabilities of a router |
US9774448B2 (en) | 2013-10-30 | 2017-09-26 | Duo Security, Inc. | System and methods for opportunistic cryptographic key management on an electronic device |
US9774579B2 (en) | 2015-07-27 | 2017-09-26 | Duo Security, Inc. | Method for key rotation |
CN107231367A (en) * | 2017-06-21 | 2017-10-03 | 北京奇虎科技有限公司 | Method for automatically notifying, device and the server of signature information |
US9800604B2 (en) | 2015-05-06 | 2017-10-24 | Honeywell International Inc. | Apparatus and method for assigning cyber-security risk consequences in industrial process control environments |
US20170359220A1 (en) * | 2016-06-02 | 2017-12-14 | Zscaler, Inc. | Cloud based systems and methods for determining and visualizing security risks of companies, users, and groups |
US9930060B2 (en) | 2015-06-01 | 2018-03-27 | Duo Security, Inc. | Method for enforcing endpoint health standards |
US9979719B2 (en) | 2015-01-06 | 2018-05-22 | Duo Security, Inc. | System and method for converting one-time passcodes to app-based authentication |
US10021119B2 (en) | 2015-02-06 | 2018-07-10 | Honeywell International Inc. | Apparatus and method for automatic handling of cyber-security risk events |
US10021125B2 (en) | 2015-02-06 | 2018-07-10 | Honeywell International Inc. | Infrastructure monitoring tool for collecting industrial process control and automation system risk data |
US10075475B2 (en) | 2015-02-06 | 2018-09-11 | Honeywell International Inc. | Apparatus and method for dynamic customization of cyber-security risk item rules |
US10075474B2 (en) | 2015-02-06 | 2018-09-11 | Honeywell International Inc. | Notification subsystem for generating consolidated, filtered, and relevant security risk-based notifications |
US10084812B2 (en) | 2016-03-18 | 2018-09-25 | AO Kaspersky Lab | Method and system of repairing vulnerabilities of smart devices |
US10089095B2 (en) * | 2015-05-06 | 2018-10-02 | Mcafee, Llc | Alerting the presence of bundled software during an installation |
US20190036955A1 (en) * | 2015-03-31 | 2019-01-31 | Juniper Networks, Inc | Detecting data exfiltration as the data exfiltration occurs or after the data exfiltration occurs |
WO2019079359A1 (en) * | 2017-10-19 | 2019-04-25 | T-Mobile Usa, Inc. | Efficient security threat remediation |
US10298608B2 (en) | 2015-02-11 | 2019-05-21 | Honeywell International Inc. | Apparatus and method for tying cyber-security risk analysis to common risk methodologies and risk levels |
US10412113B2 (en) | 2017-12-08 | 2019-09-10 | Duo Security, Inc. | Systems and methods for intelligently configuring computer security |
US10419472B2 (en) | 2016-03-18 | 2019-09-17 | AO Kaspersky Lab | System and method for repairing vulnerabilities of devices connected to a data network |
JP2021108189A (en) * | 2020-05-14 | 2021-07-29 | ベイジン バイドゥ ネットコム サイエンス テクノロジー カンパニー リミテッドBeijing Baidu Netcom Science Technology Co., Ltd. | Method for acquiring vulnerability feature, device, and electronic apparatus |
USRE48669E1 (en) * | 2009-11-18 | 2021-08-03 | Lookout, Inc. | System and method for identifying and [assessing] remediating vulnerabilities on a mobile communications device |
US11218503B2 (en) * | 2019-07-19 | 2022-01-04 | Jpmorgan Chase Bank, N.A. | System and method for implementing a vulnerability management module |
US11349877B2 (en) * | 2019-06-20 | 2022-05-31 | Servicenow, Inc. | Solution management systems and methods for addressing cybersecurity vulnerabilities |
US20220222350A1 (en) * | 2021-01-08 | 2022-07-14 | Capital One Services, Llc | Vulnerability dashboard and automated remediation |
CN115174379A (en) * | 2022-07-27 | 2022-10-11 | 西安热工研究院有限公司 | Vulnerability repair method and device of industrial control network and storage medium |
US20220414217A1 (en) * | 2013-11-13 | 2022-12-29 | Proofpoint Inc. | System and method of protecting client computers |
US11658962B2 (en) | 2018-12-07 | 2023-05-23 | Cisco Technology, Inc. | Systems and methods of push-based verification of a transaction |
US11695796B1 (en) * | 2020-12-10 | 2023-07-04 | Amazon Technologies, Inc. | Device vulnerability detection during device handshake |
Families Citing this family (173)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7882555B2 (en) * | 2001-03-16 | 2011-02-01 | Kavado, Inc. | Application layer security method and system |
US6513122B1 (en) | 2001-06-29 | 2003-01-28 | Networks Associates Technology, Inc. | Secure gateway for analyzing textual content to identify a harmful impact on computer systems with known vulnerabilities |
US7124181B1 (en) | 2001-06-29 | 2006-10-17 | Mcafee, Inc. | System, method and computer program product for improved efficiency in network assessment utilizing variable timeout values |
US7152105B2 (en) * | 2002-01-15 | 2006-12-19 | Mcafee, Inc. | System and method for network vulnerability detection and reporting |
US7664845B2 (en) * | 2002-01-15 | 2010-02-16 | Mcafee, Inc. | System and method for network vulnerability detection and reporting |
US7080141B1 (en) * | 2002-04-12 | 2006-07-18 | Cisco Technology, Inc. | Arrangement for automated fault detection and fault resolution of a network device |
IL149583A0 (en) * | 2002-05-09 | 2003-07-06 | Kavado Israel Ltd | Method for automatic setting and updating of a security policy |
US20040064722A1 (en) * | 2002-10-01 | 2004-04-01 | Dinesh Neelay | System and method for propagating patches to address vulnerabilities in computers |
US7188369B2 (en) * | 2002-10-03 | 2007-03-06 | Trend Micro, Inc. | System and method having an antivirus virtual scanning processor with plug-in functionalities |
US7827607B2 (en) * | 2002-11-27 | 2010-11-02 | Symantec Corporation | Enhanced client compliancy using database of security sensor data |
US7694343B2 (en) * | 2002-11-27 | 2010-04-06 | Symantec Corporation | Client compliancy in a NAT environment |
CA2509152A1 (en) * | 2002-12-13 | 2004-07-01 | Robin Hutchinson | Content management system |
FR2852123A1 (en) * | 2003-03-04 | 2004-09-10 | Paul Saravanane Marechal | Information system implementing and updating procedure, involves automatically generating information system from specifications related to one status, and deploying version on channels to set production related to another status |
AU2003233574B9 (en) * | 2003-05-17 | 2010-03-25 | Microsoft Corporation | Mechanism for evaluating security risks |
US20070118756A2 (en) * | 2003-07-01 | 2007-05-24 | Securityprofiling, Inc. | Policy-protection proxy |
US7430760B2 (en) * | 2003-12-05 | 2008-09-30 | Microsoft Corporation | Security-related programming interface |
US7661123B2 (en) * | 2003-12-05 | 2010-02-09 | Microsoft Corporation | Security policy update supporting at least one security service provider |
US7533413B2 (en) * | 2003-12-05 | 2009-05-12 | Microsoft Corporation | Method and system for processing events |
US20050138431A1 (en) * | 2003-12-23 | 2005-06-23 | Harrison Jay P. | Network protection software and method |
US8024783B2 (en) | 2004-01-22 | 2011-09-20 | Ryan Riley | Modular agent architecture |
US20050166198A1 (en) * | 2004-01-22 | 2005-07-28 | Autonomic Software, Inc., A California Corporation | Distributed policy driven software delivery |
US8146072B2 (en) * | 2004-07-30 | 2012-03-27 | Hewlett-Packard Development Company, L.P. | System and method for updating software on a computer |
US7793338B1 (en) | 2004-10-21 | 2010-09-07 | Mcafee, Inc. | System and method of network endpoint security |
US20060101519A1 (en) * | 2004-11-05 | 2006-05-11 | Lasswell Kevin W | Method to provide customized vulnerability information to a plurality of organizations |
US7895650B1 (en) * | 2004-12-15 | 2011-02-22 | Symantec Corporation | File system based risk profile transfer |
US7788723B2 (en) * | 2005-05-17 | 2010-08-31 | Computer Associates Think, Inc. | Method and apparatus for identifying computer vulnerabilities using exploit probes and remote scanning |
US20070067845A1 (en) * | 2005-09-22 | 2007-03-22 | Alcatel | Application of cut-sets to network interdependency security risk assessment |
US7805752B2 (en) * | 2005-11-09 | 2010-09-28 | Symantec Corporation | Dynamic endpoint compliance policy configuration |
US7680880B2 (en) * | 2006-04-25 | 2010-03-16 | Mcafee, Inc. | System and method for protecting a computer network |
US8055682B1 (en) | 2006-06-30 | 2011-11-08 | At&T Intellectual Property Ii, L.P. | Security information repository system and method thereof |
US8239915B1 (en) | 2006-06-30 | 2012-08-07 | Symantec Corporation | Endpoint management using trust rating data |
US8266701B2 (en) * | 2006-07-12 | 2012-09-11 | Verizon Services Corp. | Systems and methods for measuring cyber based risks in an enterprise organization |
US20080028065A1 (en) * | 2006-07-26 | 2008-01-31 | Nt Objectives, Inc. | Application threat modeling |
KR100817799B1 (en) * | 2006-10-13 | 2008-03-31 | 한국정보보호진흥원 | System and method for network vulnerability analysis using the multiple heterogeneous scanners |
GB2443459A (en) * | 2006-10-31 | 2008-05-07 | Hewlett Packard Development Co | Data packet incuding computing platform indication |
US8515912B2 (en) | 2010-07-15 | 2013-08-20 | Palantir Technologies, Inc. | Sharing and deconflicting data changes in a multimaster database system |
US8505092B2 (en) * | 2007-01-05 | 2013-08-06 | Trend Micro Incorporated | Dynamic provisioning of protection software in a host intrusion prevention system |
US7930747B2 (en) * | 2007-01-08 | 2011-04-19 | Trend Micro Incorporated | Host intrusion prevention server |
US20080244519A1 (en) * | 2007-03-30 | 2008-10-02 | Microsoft Corporation | Identifying, Correcting and Displaying Application Website and Device Compatibility Issues |
US8533841B2 (en) * | 2007-04-02 | 2013-09-10 | Microsoft Corporation | Deriving remediations from security compliance rules |
US8862752B2 (en) | 2007-04-11 | 2014-10-14 | Mcafee, Inc. | System, method, and computer program product for conditionally preventing the transfer of data based on a location thereof |
US8850587B2 (en) * | 2007-05-04 | 2014-09-30 | Wipro Limited | Network security scanner for enterprise protection |
US8793802B2 (en) | 2007-05-22 | 2014-07-29 | Mcafee, Inc. | System, method, and computer program product for preventing data leakage utilizing a map of data |
US8661534B2 (en) | 2007-06-26 | 2014-02-25 | Microsoft Corporation | Security system with compliance checking and remediation |
US20090038014A1 (en) * | 2007-07-31 | 2009-02-05 | Paul Force | System and method for tracking remediation of security vulnerabilities |
US8181173B2 (en) * | 2007-10-12 | 2012-05-15 | International Business Machines Corporation | Determining priority for installing a patch into multiple patch recipients of a network |
US7996896B2 (en) | 2007-10-19 | 2011-08-09 | Trend Micro Incorporated | System for regulating host security configuration |
US20090144828A1 (en) * | 2007-12-04 | 2009-06-04 | Microsoft Corporation | Rapid signatures for protecting vulnerable browser configurations |
US9824372B1 (en) | 2008-02-11 | 2017-11-21 | Google Llc | Associating advertisements with videos |
US20100095235A1 (en) * | 2008-04-08 | 2010-04-15 | Allgress, Inc. | Enterprise Information Security Management Software Used to Prove Return on Investment of Security Projects and Activities Using Interactive Graphs |
US8689335B2 (en) * | 2008-06-25 | 2014-04-01 | Microsoft Corporation | Mapping between users and machines in an enterprise security assessment sharing system |
US8286255B2 (en) * | 2008-08-07 | 2012-10-09 | Sophos Plc | Computer file control through file tagging |
US9367680B2 (en) | 2008-10-21 | 2016-06-14 | Lookout, Inc. | System and method for mobile communication device application advisement |
US8060936B2 (en) | 2008-10-21 | 2011-11-15 | Lookout, Inc. | Security status and information display system |
US8051480B2 (en) | 2008-10-21 | 2011-11-01 | Lookout, Inc. | System and method for monitoring and analyzing multiple interfaces and multiple protocols |
US8533844B2 (en) | 2008-10-21 | 2013-09-10 | Lookout, Inc. | System and method for security data collection and analysis |
US8347386B2 (en) | 2008-10-21 | 2013-01-01 | Lookout, Inc. | System and method for server-coupled malware prevention |
US8108933B2 (en) | 2008-10-21 | 2012-01-31 | Lookout, Inc. | System and method for attack and malware prevention |
US9781148B2 (en) | 2008-10-21 | 2017-10-03 | Lookout, Inc. | Methods and systems for sharing risk responses between collections of mobile communications devices |
US8984628B2 (en) | 2008-10-21 | 2015-03-17 | Lookout, Inc. | System and method for adverse mobile application identification |
US8087067B2 (en) | 2008-10-21 | 2011-12-27 | Lookout, Inc. | Secure mobile platform system |
US9043919B2 (en) | 2008-10-21 | 2015-05-26 | Lookout, Inc. | Crawling multiple markets and correlating |
US9235704B2 (en) | 2008-10-21 | 2016-01-12 | Lookout, Inc. | System and method for a scanning API |
US8707439B2 (en) * | 2008-12-19 | 2014-04-22 | Microsoft Corporation | Selecting security offerings |
US8448245B2 (en) * | 2009-01-17 | 2013-05-21 | Stopthehacker.com, Jaal LLC | Automated identification of phishing, phony and malicious web sites |
US8538815B2 (en) | 2009-02-17 | 2013-09-17 | Lookout, Inc. | System and method for mobile device replacement |
US8467768B2 (en) | 2009-02-17 | 2013-06-18 | Lookout, Inc. | System and method for remotely securing or recovering a mobile device |
US8855601B2 (en) | 2009-02-17 | 2014-10-07 | Lookout, Inc. | System and method for remotely-initiated audio communication |
US9042876B2 (en) | 2009-02-17 | 2015-05-26 | Lookout, Inc. | System and method for uploading location information based on device movement |
US9955352B2 (en) | 2009-02-17 | 2018-04-24 | Lookout, Inc. | Methods and systems for addressing mobile communications devices that are lost or stolen but not yet reported as such |
US8516594B2 (en) * | 2009-04-24 | 2013-08-20 | Jeff Bennett | Enterprise information security management software for prediction modeling with interactive graphs |
CN101964780B (en) * | 2010-01-28 | 2012-11-28 | 北京邮电大学 | Method and system for analyzing vulnerability of IP multimedia subsystem network |
US9544328B1 (en) * | 2010-03-31 | 2017-01-10 | Trend Micro Incorporated | Methods and apparatus for providing mitigations to particular computers |
US8839433B2 (en) * | 2010-11-18 | 2014-09-16 | Comcast Cable Communications, Llc | Secure notification on networked devices |
US8646086B2 (en) | 2010-11-22 | 2014-02-04 | International Business Machines Corporation | Image vulnerability repair in a networked computing environment |
US9501650B2 (en) | 2011-05-31 | 2016-11-22 | Hewlett Packard Enterprise Development Lp | Application security testing |
KR101745758B1 (en) | 2011-05-31 | 2017-06-09 | 휴렛 팩커드 엔터프라이즈 디벨롭먼트 엘피 | Application security testing |
US8738765B2 (en) | 2011-06-14 | 2014-05-27 | Lookout, Inc. | Mobile device DNS optimization |
US8788881B2 (en) | 2011-08-17 | 2014-07-22 | Lookout, Inc. | System and method for mobile device push communications |
US9589129B2 (en) | 2012-06-05 | 2017-03-07 | Lookout, Inc. | Determining source of side-loaded software |
US9407443B2 (en) | 2012-06-05 | 2016-08-02 | Lookout, Inc. | Component analysis of software applications on computing devices |
US9081975B2 (en) | 2012-10-22 | 2015-07-14 | Palantir Technologies, Inc. | Sharing information between nexuses that use different classification schemes for information access control |
US8655307B1 (en) | 2012-10-26 | 2014-02-18 | Lookout, Inc. | System and method for developing, updating, and using user device behavioral context models to modify user, device, and application state, settings and behavior for enhanced user security |
US9501761B2 (en) | 2012-11-05 | 2016-11-22 | Palantir Technologies, Inc. | System and method for sharing investigation results |
US9208215B2 (en) | 2012-12-27 | 2015-12-08 | Lookout, Inc. | User classification based on data gathered from a computing device |
US9374369B2 (en) | 2012-12-28 | 2016-06-21 | Lookout, Inc. | Multi-factor authentication and comprehensive login system for client-server networks |
US8855599B2 (en) | 2012-12-31 | 2014-10-07 | Lookout, Inc. | Method and apparatus for auxiliary communications with mobile communications device |
US9424409B2 (en) | 2013-01-10 | 2016-08-23 | Lookout, Inc. | Method and system for protecting privacy and enhancing security on an electronic device |
US9953169B2 (en) | 2013-02-28 | 2018-04-24 | Entit Software Llc | Modify execution of application under test so user is power user |
US9405915B2 (en) * | 2013-03-14 | 2016-08-02 | Whitehat Security, Inc. | Techniques for correlating vulnerabilities across an evolving codebase |
US8788405B1 (en) | 2013-03-15 | 2014-07-22 | Palantir Technologies, Inc. | Generating data clusters with customizable analysis strategies |
US9965937B2 (en) | 2013-03-15 | 2018-05-08 | Palantir Technologies Inc. | External malware data item clustering and analysis |
WO2014182738A1 (en) | 2013-05-06 | 2014-11-13 | Staples, Inc. | It vulnerability management system |
US9335897B2 (en) | 2013-08-08 | 2016-05-10 | Palantir Technologies Inc. | Long click display of a context menu |
US9642008B2 (en) | 2013-10-25 | 2017-05-02 | Lookout, Inc. | System and method for creating and assigning a policy for a mobile communications device based on personal data |
US10122747B2 (en) | 2013-12-06 | 2018-11-06 | Lookout, Inc. | Response generation after distributed monitoring and evaluation of multiple devices |
US9753796B2 (en) | 2013-12-06 | 2017-09-05 | Lookout, Inc. | Distributed monitoring, evaluation, and response for multiple devices |
US10356032B2 (en) | 2013-12-26 | 2019-07-16 | Palantir Technologies Inc. | System and method for detecting confidential information emails |
US9338013B2 (en) | 2013-12-30 | 2016-05-10 | Palantir Technologies Inc. | Verifiable redactable audit log |
US8832832B1 (en) | 2014-01-03 | 2014-09-09 | Palantir Technologies Inc. | IP reputation |
US9009827B1 (en) | 2014-02-20 | 2015-04-14 | Palantir Technologies Inc. | Security sharing system |
US9503467B2 (en) | 2014-05-22 | 2016-11-22 | Accenture Global Services Limited | Network anomaly detection |
US9535974B1 (en) | 2014-06-30 | 2017-01-03 | Palantir Technologies Inc. | Systems and methods for identifying key phrase clusters within documents |
US9619557B2 (en) | 2014-06-30 | 2017-04-11 | Palantir Technologies, Inc. | Systems and methods for key phrase characterization of documents |
US9256664B2 (en) | 2014-07-03 | 2016-02-09 | Palantir Technologies Inc. | System and method for news events detection and visualization |
US9021260B1 (en) | 2014-07-03 | 2015-04-28 | Palantir Technologies Inc. | Malware data item analysis |
US10572496B1 (en) | 2014-07-03 | 2020-02-25 | Palantir Technologies Inc. | Distributed workflow system and database with access controls for city resiliency |
US9202249B1 (en) | 2014-07-03 | 2015-12-01 | Palantir Technologies Inc. | Data item clustering and analysis |
US9785773B2 (en) | 2014-07-03 | 2017-10-10 | Palantir Technologies Inc. | Malware data item analysis |
US9419992B2 (en) | 2014-08-13 | 2016-08-16 | Palantir Technologies Inc. | Unwanted tunneling alert system |
US9043894B1 (en) | 2014-11-06 | 2015-05-26 | Palantir Technologies Inc. | Malicious software detection in a computing system |
US10216938B2 (en) * | 2014-12-05 | 2019-02-26 | T-Mobile Usa, Inc. | Recombinant threat modeling |
US10574675B2 (en) | 2014-12-05 | 2020-02-25 | T-Mobile Usa, Inc. | Similarity search for discovering multiple vector attacks |
US9367872B1 (en) | 2014-12-22 | 2016-06-14 | Palantir Technologies Inc. | Systems and user interfaces for dynamic and interactive investigation of bad actor behavior based on automatic clustering of related data in various data structures |
US9467455B2 (en) | 2014-12-29 | 2016-10-11 | Palantir Technologies Inc. | Systems for network risk assessment including processing of user access rights associated with a network of devices |
US9648036B2 (en) | 2014-12-29 | 2017-05-09 | Palantir Technologies Inc. | Systems for network risk assessment including processing of user access rights associated with a network of devices |
US10372879B2 (en) | 2014-12-31 | 2019-08-06 | Palantir Technologies Inc. | Medical claims lead summary report generation |
US9594913B2 (en) * | 2015-01-28 | 2017-03-14 | Wal-Mart Stores, Inc. | System, method, and non-transitory computer-readable storage media for analyzing software application modules and provide actionable intelligence on remediation efforts |
CN104614624A (en) * | 2015-02-13 | 2015-05-13 | 东南大学 | Power system vulnerability detecting method based on power communication interaction |
US9641341B2 (en) | 2015-03-31 | 2017-05-02 | Duo Security, Inc. | Method for distributed trust authentication |
WO2016178816A1 (en) | 2015-05-01 | 2016-11-10 | Lookout, Inc. | Determining source of side-loaded software |
US9407652B1 (en) | 2015-06-26 | 2016-08-02 | Palantir Technologies Inc. | Network anomaly detection |
US9456000B1 (en) | 2015-08-06 | 2016-09-27 | Palantir Technologies Inc. | Systems, methods, user interfaces, and computer-readable media for investigating potential malicious communications |
US9979743B2 (en) | 2015-08-13 | 2018-05-22 | Accenture Global Services Limited | Computer asset vulnerabilities |
US10489391B1 (en) | 2015-08-17 | 2019-11-26 | Palantir Technologies Inc. | Systems and methods for grouping and enriching data items accessed from one or more databases for presentation in a user interface |
US10102369B2 (en) | 2015-08-19 | 2018-10-16 | Palantir Technologies Inc. | Checkout system executable code monitoring, and user account compromise determination system |
US9537880B1 (en) | 2015-08-19 | 2017-01-03 | Palantir Technologies Inc. | Anomalous network monitoring, user behavior detection and database system |
US9886582B2 (en) | 2015-08-31 | 2018-02-06 | Accenture Global Sevices Limited | Contextualization of threat data |
US10044745B1 (en) | 2015-10-12 | 2018-08-07 | Palantir Technologies, Inc. | Systems for computer network security risk assessment including user compromise analysis associated with a network of devices |
US9888039B2 (en) | 2015-12-28 | 2018-02-06 | Palantir Technologies Inc. | Network-based permissioning system |
US9916465B1 (en) | 2015-12-29 | 2018-03-13 | Palantir Technologies Inc. | Systems and methods for automatic and customizable data minimization of electronic data stores |
US20180270265A1 (en) * | 2016-05-13 | 2018-09-20 | Ola Sage | System and Method For Assessing Network Security Risks |
US10498711B1 (en) | 2016-05-20 | 2019-12-03 | Palantir Technologies Inc. | Providing a booting key to a remote system |
US10084802B1 (en) | 2016-06-21 | 2018-09-25 | Palantir Technologies Inc. | Supervisory control and data acquisition |
US10291637B1 (en) | 2016-07-05 | 2019-05-14 | Palantir Technologies Inc. | Network anomaly detection and profiling |
US10698927B1 (en) | 2016-08-30 | 2020-06-30 | Palantir Technologies Inc. | Multiple sensor session and log information compression and correlation system |
US20180103044A1 (en) * | 2016-10-10 | 2018-04-12 | Richard E. Malinowski | Anti-malware client |
GB201617620D0 (en) * | 2016-10-18 | 2016-11-30 | Cybernetica As | Composite digital signatures |
US10728262B1 (en) | 2016-12-21 | 2020-07-28 | Palantir Technologies Inc. | Context-aware network-based malicious activity warning systems |
US10754872B2 (en) | 2016-12-28 | 2020-08-25 | Palantir Technologies Inc. | Automatically executing tasks and configuring access control lists in a data transformation system |
US10721262B2 (en) | 2016-12-28 | 2020-07-21 | Palantir Technologies Inc. | Resource-centric network cyber attack warning system |
CN110506268A (en) | 2017-03-28 | 2019-11-26 | 日本电气株式会社 | Signature generates equipment, signature production method and the non-transitory computer-readable medium for storing program |
US10218697B2 (en) | 2017-06-09 | 2019-02-26 | Lookout, Inc. | Use of device risk evaluation to manage access to services |
US10027551B1 (en) | 2017-06-29 | 2018-07-17 | Palantir Technologies, Inc. | Access controls through node-based effective policy identifiers |
US10963465B1 (en) | 2017-08-25 | 2021-03-30 | Palantir Technologies Inc. | Rapid importation of data including temporally tracked object recognition |
US10984427B1 (en) | 2017-09-13 | 2021-04-20 | Palantir Technologies Inc. | Approaches for analyzing entity relationships |
US10540496B2 (en) * | 2017-09-29 | 2020-01-21 | International Business Machines Corporation | Dynamic re-composition of patch groups using stream clustering |
US10079832B1 (en) | 2017-10-18 | 2018-09-18 | Palantir Technologies Inc. | Controlling user creation of data resources on a data processing platform |
GB201716170D0 (en) | 2017-10-04 | 2017-11-15 | Palantir Technologies Inc | Controlling user creation of data resources on a data processing platform |
US10250401B1 (en) | 2017-11-29 | 2019-04-02 | Palantir Technologies Inc. | Systems and methods for providing category-sensitive chat channels |
US11133925B2 (en) | 2017-12-07 | 2021-09-28 | Palantir Technologies Inc. | Selective access to encrypted logs |
US10142349B1 (en) | 2018-02-22 | 2018-11-27 | Palantir Technologies Inc. | Verifying network-based permissioning rights |
US10819731B2 (en) | 2018-02-06 | 2020-10-27 | Bank Of America Corporation | Exception remediation logic rolling platform |
US11089042B2 (en) * | 2018-02-06 | 2021-08-10 | Bank Of America Corporation | Vulnerability consequence triggering system for application freeze and removal |
US10862915B2 (en) | 2018-02-06 | 2020-12-08 | Bank Of America Corporation | Exception remediation logic routing and suppression platform |
US11265340B2 (en) | 2018-02-06 | 2022-03-01 | Bank Of America Corporation | Exception remediation acceptable use logic platform |
US10812502B2 (en) | 2018-02-06 | 2020-10-20 | Bank Of America Corporation | Network device owner identification and communication triggering system |
US10878051B1 (en) | 2018-03-30 | 2020-12-29 | Palantir Technologies Inc. | Mapping device identifiers |
EP4290400A3 (en) | 2018-04-03 | 2024-03-06 | Palantir Technologies Inc. | Controlling access to computer resources |
US10749889B2 (en) * | 2018-05-07 | 2020-08-18 | Servicenow, Inc. | Rule-based remediation of vulnerabilities in a managed network |
US10949400B2 (en) | 2018-05-09 | 2021-03-16 | Palantir Technologies Inc. | Systems and methods for tamper-resistant activity logging |
US11244063B2 (en) | 2018-06-11 | 2022-02-08 | Palantir Technologies Inc. | Row-level and column-level policy service |
US11030322B2 (en) | 2018-10-24 | 2021-06-08 | International Business Machines Corporation | Recommending the most relevant and urgent vulnerabilities within a security management system |
US11374958B2 (en) * | 2018-10-31 | 2022-06-28 | International Business Machines Corporation | Security protection rule prediction and enforcement |
US11277429B2 (en) | 2018-11-20 | 2022-03-15 | Saudi Arabian Oil Company | Cybersecurity vulnerability classification and remediation based on network utilization |
EP3694173B1 (en) | 2019-02-08 | 2022-09-21 | Palantir Technologies Inc. | Isolating applications associated with multiple tenants within a computing platform |
US11290491B2 (en) * | 2019-03-14 | 2022-03-29 | Oracle International Corporation | Methods, systems, and computer readable media for utilizing a security service engine to assess security vulnerabilities on a security gateway element |
CN111164948B (en) * | 2019-06-27 | 2022-05-27 | 创新先进技术有限公司 | Managing network security vulnerabilities using blockchain networks |
US11704441B2 (en) | 2019-09-03 | 2023-07-18 | Palantir Technologies Inc. | Charter-based access controls for managing computer resources |
US10761889B1 (en) | 2019-09-18 | 2020-09-01 | Palantir Technologies Inc. | Systems and methods for autoscaling instance groups of computing platforms |
US11363041B2 (en) | 2020-05-15 | 2022-06-14 | International Business Machines Corporation | Protecting computer assets from malicious attacks |
US11176024B1 (en) | 2020-09-23 | 2021-11-16 | International Business Machines Corporation | Software patch application and testing optimization |
AU2021269370A1 (en) * | 2020-12-18 | 2022-07-07 | The Boeing Company | Systems and methods for context aware cybersecurity |
Citations (54)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4954941A (en) * | 1988-08-31 | 1990-09-04 | Bell Communications Research, Inc. | Method and apparatus for program updating |
US4999806A (en) * | 1987-09-04 | 1991-03-12 | Fred Chernow | Software distribution system |
US5581764A (en) * | 1993-04-30 | 1996-12-03 | Novadigm, Inc. | Distributed computer network including hierarchical resource information structure and related method of distributing resources |
US5649187A (en) * | 1989-04-28 | 1997-07-15 | Softel, Inc. | Method and apparatus for remotely controlling and monitoring the use of computer software |
US5699275A (en) * | 1995-04-12 | 1997-12-16 | Highwaymaster Communications, Inc. | System and method for remote patching of operating code located in a mobile unit |
US5742829A (en) * | 1995-03-10 | 1998-04-21 | Microsoft Corporation | Automatic software installation on heterogeneous networked client computer systems |
US5764913A (en) * | 1996-04-05 | 1998-06-09 | Microsoft Corporation | Computer network status monitoring system |
US5771347A (en) * | 1994-05-20 | 1998-06-23 | International Business Machines Corp. | Apparatus and method to allow a user a trial period before licensing a software program product |
US5799002A (en) * | 1996-07-02 | 1998-08-25 | Microsoft Corporation | Adaptive bandwidth throttling for network services |
US5805897A (en) * | 1992-07-31 | 1998-09-08 | International Business Machines Corporation | System and method for remote software configuration and distribution |
US5809329A (en) * | 1994-05-27 | 1998-09-15 | Microsoft Corporation | System for managing the configuration of a computer system |
US5852812A (en) * | 1995-08-23 | 1998-12-22 | Microsoft Corporation | Billing system for a network |
US5854794A (en) * | 1996-12-16 | 1998-12-29 | Ag Communication Systems Corporation | Digital transmission framing system |
US5860012A (en) * | 1993-09-30 | 1999-01-12 | Intel Corporation | Installation of application software through a network from a source computer system on to a target computer system |
US5919247A (en) * | 1996-07-24 | 1999-07-06 | Marimba, Inc. | Method for the distribution of code and data updates |
US5933826A (en) * | 1997-03-21 | 1999-08-03 | Novell, Inc. | Method and apparatus for securing and storing executable content |
US5933646A (en) * | 1996-05-10 | 1999-08-03 | Apple Computer, Inc. | Software manager for administration of a computer operating system |
US5974454A (en) * | 1997-11-14 | 1999-10-26 | Microsoft Corporation | Method and system for installing and updating program module components |
US5991802A (en) * | 1996-11-27 | 1999-11-23 | Microsoft Corporation | Method and system for invoking methods of objects over the internet |
US6016499A (en) * | 1997-07-21 | 2000-01-18 | Novell, Inc. | System and method for accessing a directory services respository |
US6029247A (en) * | 1996-12-09 | 2000-02-22 | Novell, Inc. | Method and apparatus for transmitting secured data |
US6052710A (en) * | 1996-06-28 | 2000-04-18 | Microsoft Corporation | System and method for making function calls over a distributed network |
US6061740A (en) * | 1996-12-09 | 2000-05-09 | Novell, Inc. | Method and apparatus for heterogeneous network management |
US6073214A (en) * | 1995-11-27 | 2000-06-06 | Microsoft Corporation | Method and system for identifying and obtaining computer software from a remote computer |
US6078945A (en) * | 1995-06-21 | 2000-06-20 | Tao Group Limited | Operating system for use with computer networks incorporating two or more data processors linked together for parallel processing and incorporating improved dynamic load-sharing techniques |
US6094679A (en) * | 1998-01-16 | 2000-07-25 | Microsoft Corporation | Distribution of software in a computer network environment |
US6108649A (en) * | 1998-03-03 | 2000-08-22 | Novell, Inc. | Method and system for supplanting a first name base with a second name base |
US6138157A (en) * | 1998-10-12 | 2000-10-24 | Freshwater Software, Inc. | Method and apparatus for testing web sites |
US6151708A (en) * | 1997-12-19 | 2000-11-21 | Microsoft Corporation | Determining program update availability via set intersection over a sub-optical pathway |
US6151643A (en) * | 1996-06-07 | 2000-11-21 | Networks Associates, Inc. | Automatic updating of diverse software products on multiple client computer systems by downloading scanning application to client computer and generating software list on client computer |
US6157618A (en) * | 1999-01-26 | 2000-12-05 | Microsoft Corporation | Distributed internet user experience monitoring system |
US6202207B1 (en) * | 1998-01-28 | 2001-03-13 | International Business Machines Corporation | Method and a mechanism for synchronized updating of interoperating software |
US6219675B1 (en) * | 1997-06-05 | 2001-04-17 | Microsoft Corporation | Distribution of a centralized database |
US6243766B1 (en) * | 1998-06-08 | 2001-06-05 | Microsoft Corporation | Method and system for updating software with smaller patch files |
US6256668B1 (en) * | 1996-04-18 | 2001-07-03 | Microsoft Corporation | Method for identifying and obtaining computer software from a network computer using a tag |
US6263362B1 (en) * | 1998-09-01 | 2001-07-17 | Bigfix, Inc. | Inspector for computed relevance messaging |
US6269456B1 (en) * | 1997-12-31 | 2001-07-31 | Network Associates, Inc. | Method and system for providing automated updating and upgrading of antivirus applications using a computer network |
US6272677B1 (en) * | 1998-08-28 | 2001-08-07 | International Business Machines Corporation | Method and system for automatic detection and distribution of code version updates |
US6279156B1 (en) * | 1999-01-26 | 2001-08-21 | Dell Usa, L.P. | Method of installing software on and/or testing a computer system |
US6279113B1 (en) * | 1998-03-16 | 2001-08-21 | Internet Tools, Inc. | Dynamic signature inspection-based network intrusion detection |
US6282712B1 (en) * | 1995-03-10 | 2001-08-28 | Microsoft Corporation | Automatic software installation on heterogeneous networked computer systems |
US6282175B1 (en) * | 1998-04-23 | 2001-08-28 | Hewlett-Packard Company | Method for tracking configuration changes in networks of computer systems through historical monitoring of configuration status of devices on the network. |
US6281790B1 (en) * | 1999-09-01 | 2001-08-28 | Net Talon Security Systems, Inc. | Method and apparatus for remotely monitoring a site |
US6282709B1 (en) * | 1997-11-12 | 2001-08-28 | Philips Electronics North America Corporation | Software update manager |
US6298445B1 (en) * | 1998-04-30 | 2001-10-02 | Netect, Ltd. | Computer security |
US6307841B1 (en) * | 1995-08-16 | 2001-10-23 | Telstra Corporation Limited | Network analysis system |
US20020026591A1 (en) * | 1998-06-15 | 2002-02-28 | Hartley Bruce V. | Method and apparatus for assessing the security of a computer system |
US20020087882A1 (en) * | 2000-03-16 | 2002-07-04 | Bruce Schneier | Mehtod and system for dynamic network intrusion monitoring detection and response |
US20020100036A1 (en) * | 2000-09-22 | 2002-07-25 | Patchlink.Com Corporation | Non-invasive automatic offsite patch fingerprinting and updating system and method |
US20030135749A1 (en) * | 2001-10-31 | 2003-07-17 | Gales George S. | System and method of defining the security vulnerabilities of a computer system |
US20040003266A1 (en) * | 2000-09-22 | 2004-01-01 | Patchlink Corporation | Non-invasive automatic offsite patch fingerprinting and updating system and method |
US6721713B1 (en) * | 1999-05-27 | 2004-04-13 | Andersen Consulting Llp | Business alliance identification in a web architecture framework |
US6766458B1 (en) * | 2000-10-03 | 2004-07-20 | Networks Associates Technology, Inc. | Testing a computer system |
US6859793B1 (en) * | 2002-12-19 | 2005-02-22 | Networks Associates Technology, Inc. | Software license reporting and control system and method |
Family Cites Families (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH09214493A (en) * | 1996-02-08 | 1997-08-15 | Hitachi Ltd | Network system |
US5960170A (en) * | 1997-03-18 | 1999-09-28 | Trend Micro, Inc. | Event triggered iterative virus detection |
JPH11194929A (en) * | 1997-12-26 | 1999-07-21 | Nec Corp | Client-side program management method in client-server system |
US6324656B1 (en) * | 1998-06-30 | 2001-11-27 | Cisco Technology, Inc. | System and method for rules-driven multi-phase network vulnerability assessment |
US6347375B1 (en) * | 1998-07-08 | 2002-02-12 | Ontrack Data International, Inc | Apparatus and method for remote virus diagnosis and repair |
US6751661B1 (en) * | 2000-06-22 | 2004-06-15 | Applied Systems Intelligence, Inc. | Method and system for providing intelligent network management |
-
2002
- 2002-12-31 US US10/335,490 patent/US7000247B2/en not_active Expired - Lifetime
- 2002-12-31 BR BR0215388-2A patent/BR0215388A/en not_active IP Right Cessation
- 2002-12-31 JP JP2003558701A patent/JP2005532606A/en active Pending
- 2002-12-31 KR KR10-2004-7008944A patent/KR20040069324A/en not_active Application Discontinuation
- 2002-12-31 CN CNA028265742A patent/CN1610887A/en active Pending
- 2002-12-31 AU AU2002360844A patent/AU2002360844A1/en not_active Abandoned
- 2002-12-31 WO PCT/US2002/041819 patent/WO2003058457A1/en not_active Application Discontinuation
- 2002-12-31 EP EP02796133A patent/EP1461707A1/en not_active Withdrawn
- 2002-12-31 CA CA002472268A patent/CA2472268A1/en not_active Abandoned
- 2002-12-31 MX MXPA04006473A patent/MXPA04006473A/en unknown
-
2004
- 2004-07-27 NO NO20043189A patent/NO20043189L/en not_active Application Discontinuation
- 2004-12-10 US US11/009,782 patent/US7308712B2/en not_active Expired - Fee Related
Patent Citations (55)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4999806A (en) * | 1987-09-04 | 1991-03-12 | Fred Chernow | Software distribution system |
US4954941A (en) * | 1988-08-31 | 1990-09-04 | Bell Communications Research, Inc. | Method and apparatus for program updating |
US5649187A (en) * | 1989-04-28 | 1997-07-15 | Softel, Inc. | Method and apparatus for remotely controlling and monitoring the use of computer software |
US5805897A (en) * | 1992-07-31 | 1998-09-08 | International Business Machines Corporation | System and method for remote software configuration and distribution |
US5581764A (en) * | 1993-04-30 | 1996-12-03 | Novadigm, Inc. | Distributed computer network including hierarchical resource information structure and related method of distributing resources |
US5860012A (en) * | 1993-09-30 | 1999-01-12 | Intel Corporation | Installation of application software through a network from a source computer system on to a target computer system |
US5771347A (en) * | 1994-05-20 | 1998-06-23 | International Business Machines Corp. | Apparatus and method to allow a user a trial period before licensing a software program product |
US5809329A (en) * | 1994-05-27 | 1998-09-15 | Microsoft Corporation | System for managing the configuration of a computer system |
US5742829A (en) * | 1995-03-10 | 1998-04-21 | Microsoft Corporation | Automatic software installation on heterogeneous networked client computer systems |
US6282712B1 (en) * | 1995-03-10 | 2001-08-28 | Microsoft Corporation | Automatic software installation on heterogeneous networked computer systems |
US5699275A (en) * | 1995-04-12 | 1997-12-16 | Highwaymaster Communications, Inc. | System and method for remote patching of operating code located in a mobile unit |
US6078945A (en) * | 1995-06-21 | 2000-06-20 | Tao Group Limited | Operating system for use with computer networks incorporating two or more data processors linked together for parallel processing and incorporating improved dynamic load-sharing techniques |
US6307841B1 (en) * | 1995-08-16 | 2001-10-23 | Telstra Corporation Limited | Network analysis system |
US5852812A (en) * | 1995-08-23 | 1998-12-22 | Microsoft Corporation | Billing system for a network |
US6073214A (en) * | 1995-11-27 | 2000-06-06 | Microsoft Corporation | Method and system for identifying and obtaining computer software from a remote computer |
US5764913A (en) * | 1996-04-05 | 1998-06-09 | Microsoft Corporation | Computer network status monitoring system |
US6256668B1 (en) * | 1996-04-18 | 2001-07-03 | Microsoft Corporation | Method for identifying and obtaining computer software from a network computer using a tag |
US5933646A (en) * | 1996-05-10 | 1999-08-03 | Apple Computer, Inc. | Software manager for administration of a computer operating system |
US6151643A (en) * | 1996-06-07 | 2000-11-21 | Networks Associates, Inc. | Automatic updating of diverse software products on multiple client computer systems by downloading scanning application to client computer and generating software list on client computer |
US6052710A (en) * | 1996-06-28 | 2000-04-18 | Microsoft Corporation | System and method for making function calls over a distributed network |
US5799002A (en) * | 1996-07-02 | 1998-08-25 | Microsoft Corporation | Adaptive bandwidth throttling for network services |
US5919247A (en) * | 1996-07-24 | 1999-07-06 | Marimba, Inc. | Method for the distribution of code and data updates |
US5991802A (en) * | 1996-11-27 | 1999-11-23 | Microsoft Corporation | Method and system for invoking methods of objects over the internet |
US6029247A (en) * | 1996-12-09 | 2000-02-22 | Novell, Inc. | Method and apparatus for transmitting secured data |
US6061740A (en) * | 1996-12-09 | 2000-05-09 | Novell, Inc. | Method and apparatus for heterogeneous network management |
US5854794A (en) * | 1996-12-16 | 1998-12-29 | Ag Communication Systems Corporation | Digital transmission framing system |
US5933826A (en) * | 1997-03-21 | 1999-08-03 | Novell, Inc. | Method and apparatus for securing and storing executable content |
US6219675B1 (en) * | 1997-06-05 | 2001-04-17 | Microsoft Corporation | Distribution of a centralized database |
US6016499A (en) * | 1997-07-21 | 2000-01-18 | Novell, Inc. | System and method for accessing a directory services respository |
US6282709B1 (en) * | 1997-11-12 | 2001-08-28 | Philips Electronics North America Corporation | Software update manager |
US5974454A (en) * | 1997-11-14 | 1999-10-26 | Microsoft Corporation | Method and system for installing and updating program module components |
US6151708A (en) * | 1997-12-19 | 2000-11-21 | Microsoft Corporation | Determining program update availability via set intersection over a sub-optical pathway |
US6269456B1 (en) * | 1997-12-31 | 2001-07-31 | Network Associates, Inc. | Method and system for providing automated updating and upgrading of antivirus applications using a computer network |
US6094679A (en) * | 1998-01-16 | 2000-07-25 | Microsoft Corporation | Distribution of software in a computer network environment |
US6202207B1 (en) * | 1998-01-28 | 2001-03-13 | International Business Machines Corporation | Method and a mechanism for synchronized updating of interoperating software |
US6108649A (en) * | 1998-03-03 | 2000-08-22 | Novell, Inc. | Method and system for supplanting a first name base with a second name base |
US6279113B1 (en) * | 1998-03-16 | 2001-08-21 | Internet Tools, Inc. | Dynamic signature inspection-based network intrusion detection |
US6282175B1 (en) * | 1998-04-23 | 2001-08-28 | Hewlett-Packard Company | Method for tracking configuration changes in networks of computer systems through historical monitoring of configuration status of devices on the network. |
US6298445B1 (en) * | 1998-04-30 | 2001-10-02 | Netect, Ltd. | Computer security |
US6243766B1 (en) * | 1998-06-08 | 2001-06-05 | Microsoft Corporation | Method and system for updating software with smaller patch files |
US20020026591A1 (en) * | 1998-06-15 | 2002-02-28 | Hartley Bruce V. | Method and apparatus for assessing the security of a computer system |
US6272677B1 (en) * | 1998-08-28 | 2001-08-07 | International Business Machines Corporation | Method and system for automatic detection and distribution of code version updates |
US6263362B1 (en) * | 1998-09-01 | 2001-07-17 | Bigfix, Inc. | Inspector for computed relevance messaging |
US6138157A (en) * | 1998-10-12 | 2000-10-24 | Freshwater Software, Inc. | Method and apparatus for testing web sites |
US6157618A (en) * | 1999-01-26 | 2000-12-05 | Microsoft Corporation | Distributed internet user experience monitoring system |
US6279156B1 (en) * | 1999-01-26 | 2001-08-21 | Dell Usa, L.P. | Method of installing software on and/or testing a computer system |
US6721713B1 (en) * | 1999-05-27 | 2004-04-13 | Andersen Consulting Llp | Business alliance identification in a web architecture framework |
US6281790B1 (en) * | 1999-09-01 | 2001-08-28 | Net Talon Security Systems, Inc. | Method and apparatus for remotely monitoring a site |
US20020087882A1 (en) * | 2000-03-16 | 2002-07-04 | Bruce Schneier | Mehtod and system for dynamic network intrusion monitoring detection and response |
US20020100036A1 (en) * | 2000-09-22 | 2002-07-25 | Patchlink.Com Corporation | Non-invasive automatic offsite patch fingerprinting and updating system and method |
US20040003266A1 (en) * | 2000-09-22 | 2004-01-01 | Patchlink Corporation | Non-invasive automatic offsite patch fingerprinting and updating system and method |
US6766458B1 (en) * | 2000-10-03 | 2004-07-20 | Networks Associates Technology, Inc. | Testing a computer system |
US20030135749A1 (en) * | 2001-10-31 | 2003-07-17 | Gales George S. | System and method of defining the security vulnerabilities of a computer system |
US6859793B1 (en) * | 2002-12-19 | 2005-02-22 | Networks Associates Technology, Inc. | Software license reporting and control system and method |
US6862581B1 (en) * | 2002-12-19 | 2005-03-01 | Networks Associates Technology, Inc. | Patch distribution system, method and computer program product |
Cited By (310)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8272060B2 (en) | 2000-06-19 | 2012-09-18 | Stragent, Llc | Hash-based systems and methods for detecting and preventing transmission of polymorphic network worms and viruses |
US8204945B2 (en) | 2000-06-19 | 2012-06-19 | Stragent, Llc | Hash-based systems and methods for detecting and preventing transmission of unwanted e-mail |
US8661126B2 (en) | 2002-01-15 | 2014-02-25 | Mcafee, Inc. | System and method for network vulnerability detection and reporting |
US7673043B2 (en) | 2002-01-15 | 2010-03-02 | Mcafee, Inc. | System and method for network vulnerability detection and reporting |
US8700767B2 (en) | 2002-01-15 | 2014-04-15 | Mcafee, Inc. | System and method for network vulnerability detection and reporting |
US20090259748A1 (en) * | 2002-01-15 | 2009-10-15 | Mcclure Stuart C | System and method for network vulnerability detection and reporting |
US8135830B2 (en) | 2002-01-15 | 2012-03-13 | Mcafee, Inc. | System and method for network vulnerability detection and reporting |
US8621060B2 (en) | 2002-01-15 | 2013-12-31 | Mcafee, Inc. | System and method for network vulnerability detection and reporting |
US20070283007A1 (en) * | 2002-01-15 | 2007-12-06 | Keir Robin M | System And Method For Network Vulnerability Detection And Reporting |
US8621073B2 (en) | 2002-01-15 | 2013-12-31 | Mcafee, Inc. | System and method for network vulnerability detection and reporting |
US8615582B2 (en) | 2002-01-15 | 2013-12-24 | Mcafee, Inc. | System and method for network vulnerability detection and reporting |
US20070283441A1 (en) * | 2002-01-15 | 2007-12-06 | Cole David M | System And Method For Network Vulnerability Detection And Reporting |
US8135823B2 (en) | 2002-01-15 | 2012-03-13 | Mcafee, Inc. | System and method for network vulnerability detection and reporting |
US8042149B2 (en) | 2002-03-08 | 2011-10-18 | Mcafee, Inc. | Systems and methods for message threat management |
US8069481B2 (en) | 2002-03-08 | 2011-11-29 | Mcafee, Inc. | Systems and methods for message threat management |
US8132250B2 (en) | 2002-03-08 | 2012-03-06 | Mcafee, Inc. | Message profiling systems and methods |
US8561167B2 (en) | 2002-03-08 | 2013-10-15 | Mcafee, Inc. | Web reputation scoring |
US8578480B2 (en) | 2002-03-08 | 2013-11-05 | Mcafee, Inc. | Systems and methods for identifying potentially malicious messages |
US8631495B2 (en) | 2002-03-08 | 2014-01-14 | Mcafee, Inc. | Systems and methods for message threat management |
US7693947B2 (en) | 2002-03-08 | 2010-04-06 | Mcafee, Inc. | Systems and methods for graphically displaying messaging traffic |
US7779466B2 (en) | 2002-03-08 | 2010-08-17 | Mcafee, Inc. | Systems and methods for anomaly detection in patterns of monitored communications |
US7870203B2 (en) | 2002-03-08 | 2011-01-11 | Mcafee, Inc. | Methods and systems for exposing messaging reputation to an end user |
US7694128B2 (en) | 2002-03-08 | 2010-04-06 | Mcafee, Inc. | Systems and methods for secure communication delivery |
US7903549B2 (en) | 2002-03-08 | 2011-03-08 | Secure Computing Corporation | Content-based policy compliance systems and methods |
US8549611B2 (en) | 2002-03-08 | 2013-10-01 | Mcafee, Inc. | Systems and methods for classification of messaging entities |
US8042181B2 (en) | 2002-03-08 | 2011-10-18 | Mcafee, Inc. | Systems and methods for message threat management |
US20030172301A1 (en) * | 2002-03-08 | 2003-09-11 | Paul Judge | Systems and methods for adaptive message interrogation through multiple queues |
US20040073800A1 (en) * | 2002-05-22 | 2004-04-15 | Paragi Shah | Adaptive intrusion detection system |
US20040117624A1 (en) * | 2002-10-21 | 2004-06-17 | Brandt David D. | System and methodology providing automation security analysis, validation, and learning in an industrial controller environment |
US20040107345A1 (en) * | 2002-10-21 | 2004-06-03 | Brandt David D. | System and methodology providing automation security protocols and intrusion detection in an industrial controller environment |
US9009084B2 (en) | 2002-10-21 | 2015-04-14 | Rockwell Automation Technologies, Inc. | System and methodology providing automation security analysis and network intrusion protection in an industrial environment |
US10862902B2 (en) | 2002-10-21 | 2020-12-08 | Rockwell Automation Technologies, Inc. | System and methodology providing automation security analysis and network intrusion protection in an industrial environment |
US9412073B2 (en) | 2002-10-21 | 2016-08-09 | Rockwell Automation Technologies, Inc. | System and methodology providing automation security analysis and network intrusion protection in an industrial environment |
US8909926B2 (en) | 2002-10-21 | 2014-12-09 | Rockwell Automation Technologies, Inc. | System and methodology providing automation security analysis, validation, and learning in an industrial controller environment |
US20040088581A1 (en) * | 2002-11-04 | 2004-05-06 | Brawn John Melvin | Signal level propagation mechanism for distribution of a payload to vulnerable systems |
US7353539B2 (en) | 2002-11-04 | 2008-04-01 | Hewlett-Packard Development Company, L.P. | Signal level propagation mechanism for distribution of a payload to vulnerable systems |
US20050015623A1 (en) * | 2003-02-14 | 2005-01-20 | Williams John Leslie | System and method for security information normalization |
US8091117B2 (en) | 2003-02-14 | 2012-01-03 | Preventsys, Inc. | System and method for interfacing with heterogeneous network data gathering tools |
US8789140B2 (en) | 2003-02-14 | 2014-07-22 | Preventsys, Inc. | System and method for interfacing with heterogeneous network data gathering tools |
US20050008001A1 (en) * | 2003-02-14 | 2005-01-13 | John Leslie Williams | System and method for interfacing with heterogeneous network data gathering tools |
US20050010819A1 (en) * | 2003-02-14 | 2005-01-13 | Williams John Leslie | System and method for generating machine auditable network policies |
US8561175B2 (en) * | 2003-02-14 | 2013-10-15 | Preventsys, Inc. | System and method for automated policy audit and remediation management |
US20050015622A1 (en) * | 2003-02-14 | 2005-01-20 | Williams John Leslie | System and method for automated policy audit and remediation management |
US20050257267A1 (en) * | 2003-02-14 | 2005-11-17 | Williams John L | Network audit and policy assurance system |
US9094434B2 (en) | 2003-02-14 | 2015-07-28 | Mcafee, Inc. | System and method for automated policy audit and remediation management |
US7536456B2 (en) | 2003-02-14 | 2009-05-19 | Preventsys, Inc. | System and method for applying a machine-processable policy rule to information gathered about a network |
US8793763B2 (en) | 2003-02-14 | 2014-07-29 | Preventsys, Inc. | System and method for interfacing with heterogeneous network data gathering tools |
US20070136622A1 (en) * | 2003-03-21 | 2007-06-14 | Kevin Price | Auditing System and Method |
US9202183B2 (en) * | 2003-03-21 | 2015-12-01 | Ca, Inc. | Auditing system and method |
US8578002B1 (en) | 2003-05-12 | 2013-11-05 | Sourcefire, Inc. | Systems and methods for determining characteristics of a network and enforcing policy |
US10609063B1 (en) * | 2003-07-01 | 2020-03-31 | Securityprofiling, Llc | Computer program product and apparatus for multi-path remediation |
US20150033351A1 (en) * | 2003-07-01 | 2015-01-29 | Securityprofiling, Llc | Anti-vulnerability system, method, and computer program product |
US20050005159A1 (en) * | 2003-07-01 | 2005-01-06 | Oliphant Brett M. | Vulnerability and remediation database |
US8266699B2 (en) * | 2003-07-01 | 2012-09-11 | SecurityProfiling Inc. | Multiple-path remediation |
US20160088010A1 (en) * | 2003-07-01 | 2016-03-24 | Securityprofiling, Llc | Real-time vulnerability monitoring |
US20160094576A1 (en) * | 2003-07-01 | 2016-03-31 | Securityprofiling, Llc | Anti-vulnerability system, method, and computer program product |
US20050022003A1 (en) * | 2003-07-01 | 2005-01-27 | Oliphant Brett M. | Client capture of vulnerability data |
US9225686B2 (en) | 2003-07-01 | 2015-12-29 | Securityprofiling, Llc | Anti-vulnerability system, method, and computer program product |
US20050044389A1 (en) * | 2003-07-01 | 2005-02-24 | Oliphant Brett M. | Multiple-path remediation |
US9118711B2 (en) * | 2003-07-01 | 2015-08-25 | Securityprofiling, Llc | Anti-vulnerability system, method, and computer program product |
US11632388B1 (en) * | 2003-07-01 | 2023-04-18 | Securityprofiling, Llc | Real-time vulnerability monitoring |
US9118710B2 (en) * | 2003-07-01 | 2015-08-25 | Securityprofiling, Llc | System, method, and computer program product for reporting an occurrence in different manners |
US9117069B2 (en) | 2003-07-01 | 2015-08-25 | Securityprofiling, Llc | Real-time vulnerability monitoring |
US9118709B2 (en) * | 2003-07-01 | 2015-08-25 | Securityprofiling, Llc | Anti-vulnerability system, method, and computer program product |
US9118708B2 (en) * | 2003-07-01 | 2015-08-25 | Securityprofiling, Llc | Multi-path remediation |
US11310262B1 (en) * | 2003-07-01 | 2022-04-19 | Security Profiling, LLC | Real-time vulnerability monitoring |
US10893066B1 (en) * | 2003-07-01 | 2021-01-12 | Securityprofiling, Llc | Computer program product and apparatus for multi-path remediation |
US10547631B1 (en) | 2003-07-01 | 2020-01-28 | Securityprofiling, Llc | Real-time vulnerability monitoring |
US9350752B2 (en) * | 2003-07-01 | 2016-05-24 | Securityprofiling, Llc | Anti-vulnerability system, method, and computer program product |
US10154055B2 (en) * | 2003-07-01 | 2018-12-11 | Securityprofiling, Llc | Real-time vulnerability monitoring |
US9100431B2 (en) * | 2003-07-01 | 2015-08-04 | Securityprofiling, Llc | Computer program product and apparatus for multi-path remediation |
US20070112941A2 (en) * | 2003-07-01 | 2007-05-17 | Securityprofiling, Inc. | Client capture of vulnerability data |
US20070113100A2 (en) * | 2003-07-01 | 2007-05-17 | Securityprofiling, Inc. | Multiple-path remediation |
US10021124B2 (en) * | 2003-07-01 | 2018-07-10 | Securityprofiling, Llc | Computer program product and apparatus for multi-path remediation |
US10104110B2 (en) * | 2003-07-01 | 2018-10-16 | Securityprofiling, Llc | Anti-vulnerability system, method, and computer program product |
US20150033323A1 (en) * | 2003-07-01 | 2015-01-29 | Securityprofiling, Llc | Virtual patching system, method, and computer program product |
US10050988B2 (en) * | 2003-07-01 | 2018-08-14 | Securityprofiling, Llc | Computer program product and apparatus for multi-path remediation |
US8984644B2 (en) | 2003-07-01 | 2015-03-17 | Securityprofiling, Llc | Anti-vulnerability system, method, and computer program product |
US20060259593A2 (en) * | 2003-07-01 | 2006-11-16 | Securityprofiling, Inc. | Client capture of vulnerability data |
US10075466B1 (en) | 2003-07-01 | 2018-09-11 | Securityprofiling, Llc | Real-time vulnerability monitoring |
US20060259779A2 (en) * | 2003-07-01 | 2006-11-16 | Securityprofiling, Inc. | Multiple-path remediation |
US20060259972A2 (en) * | 2003-07-01 | 2006-11-16 | Securityprofiling, Inc. | Vulnerability and remediation database |
US20150040231A1 (en) * | 2003-07-01 | 2015-02-05 | Securityprofiling, Llc | Computer program product and apparatus for multi-path remediation |
US20150033287A1 (en) * | 2003-07-01 | 2015-01-29 | Securityprofiling, Llc | Anti-vulnerability system, method, and computer program product |
US20150040230A1 (en) * | 2003-07-01 | 2015-02-05 | Securityprofiling, Llc | Multi-path remediation |
US20070256132A2 (en) * | 2003-07-01 | 2007-11-01 | Securityprofiling, Inc. | Vulnerability and remediation database |
US20150033352A1 (en) * | 2003-07-01 | 2015-01-29 | Securityprofiling, Llc | System, method, and computer program product for reporting an occurrence in different manners |
US20150033349A1 (en) * | 2003-07-01 | 2015-01-29 | Securityprofiling, Llc | Anti-vulnerability system, method, and computer program product |
AU2004202974B2 (en) * | 2003-07-16 | 2009-12-03 | Microsoft Technology Licensing, Llc | Automatic detection and patching of vulnerable files |
EP1505499A1 (en) * | 2003-07-16 | 2005-02-09 | Microsoft Corporation | Automatic detection and patching of vulnerable files |
NO337222B1 (en) * | 2003-07-16 | 2016-02-15 | Microsoft Technology Licensing Llc | Automatic detection and repair of vulnerable files |
US7424706B2 (en) | 2003-07-16 | 2008-09-09 | Microsoft Corporation | Automatic detection and patching of vulnerable files |
US20050015760A1 (en) * | 2003-07-16 | 2005-01-20 | Oleg Ivanov | Automatic detection and patching of vulnerable files |
SG139545A1 (en) * | 2003-07-16 | 2008-02-29 | Microsoft Corp | Automatic detection and patching of vulnerable files |
US7647631B2 (en) | 2003-12-10 | 2010-01-12 | Hewlett-Packard Development Company | Automated user interaction in application assessment |
US20050132232A1 (en) * | 2003-12-10 | 2005-06-16 | Caleb Sima | Automated user interaction in application assessment |
US20050198530A1 (en) * | 2003-12-12 | 2005-09-08 | Chess David M. | Methods and apparatus for adaptive server reprovisioning under security assault |
US20050172019A1 (en) * | 2004-01-31 | 2005-08-04 | Williamson Matthew M. | Network management |
GB2410647A (en) * | 2004-01-31 | 2005-08-03 | Hewlett Packard Development Co | Identifying and Patching Vulnerabilities in a Network |
US8392995B2 (en) * | 2004-01-31 | 2013-03-05 | Hewlett-Packard Development Company, L.P. | Network management |
US8201257B1 (en) | 2004-03-31 | 2012-06-12 | Mcafee, Inc. | System and method of managing network security risks |
US7519954B1 (en) | 2004-04-08 | 2009-04-14 | Mcafee, Inc. | System and method of operating system identification |
US7698275B2 (en) | 2004-05-21 | 2010-04-13 | Computer Associates Think, Inc. | System and method for providing remediation management |
US20060010497A1 (en) * | 2004-05-21 | 2006-01-12 | O'brien Darci | System and method for providing remediation management |
EP1784741A4 (en) * | 2004-05-21 | 2009-04-22 | Computer Ass Think Inc | System and method for providing remediation management |
US20100100965A1 (en) * | 2004-05-21 | 2010-04-22 | Computer Associates Think, Inc. | System and method for providing remediation management |
US20130263267A1 (en) * | 2004-07-13 | 2013-10-03 | International Business Machines Corporation | Methods, computer program products and data structures for intrusion detection, intrusion response and vulnerability remediation across target computer systems |
KR100956574B1 (en) | 2004-07-13 | 2010-05-07 | 인터내셔널 비지네스 머신즈 코포레이션 | Methods, computer program products and data structures for intrusion detection, intrusion response and vulnerability remediation across target computer systems |
US20060015941A1 (en) * | 2004-07-13 | 2006-01-19 | Mckenna John J | Methods, computer program products and data structures for intrusion detection, intrusion response and vulnerability remediation across target computer systems |
WO2006005679A1 (en) * | 2004-07-13 | 2006-01-19 | International Business Machines Corporation | Methods, computer program products and data structures for intrusion detection, intrusion response and vulnerability remediation across target computer systems |
US8458793B2 (en) * | 2004-07-13 | 2013-06-04 | International Business Machines Corporation | Methods, computer program products and data structures for intrusion detection, intrusion response and vulnerability remediation across target computer systems |
JP2008507017A (en) * | 2004-07-13 | 2008-03-06 | インターナショナル・ビジネス・マシーンズ・コーポレーション | Methods, computer programs, and data structures for intrusion detection, intrusion response, and vulnerability remediation across target computer systems |
JP4852542B2 (en) * | 2004-07-13 | 2012-01-11 | インターナショナル・ビジネス・マシーンズ・コーポレーション | Methods, computer programs, and data structures for intrusion detection, intrusion response, and vulnerability remediation across target computer systems |
EP1630710A3 (en) * | 2004-07-21 | 2013-05-15 | Microsoft Corporation | Containment of worms |
US20060021051A1 (en) * | 2004-07-23 | 2006-01-26 | D Mello Kurt | Determining technology-appropriate remediation for vulnerability |
US7694337B2 (en) * | 2004-07-23 | 2010-04-06 | Fortinet, Inc. | Data structure for vulnerability-based remediation selection |
US20060021053A1 (en) * | 2004-07-23 | 2006-01-26 | D Mello Kurt | Data structure for vulnerability-based remediation selection |
US9349013B2 (en) | 2004-07-23 | 2016-05-24 | Fortinet, Inc. | Vulnerability-based remediation selection |
US8561197B2 (en) | 2004-07-23 | 2013-10-15 | Fortinet, Inc. | Vulnerability-based remediation selection |
US8171555B2 (en) | 2004-07-23 | 2012-05-01 | Fortinet, Inc. | Determining technology-appropriate remediation for vulnerability |
US20060021052A1 (en) * | 2004-07-23 | 2006-01-26 | D Mello Kurt | Mapping remediation to plurality of vulnerabilities |
US20060018478A1 (en) * | 2004-07-23 | 2006-01-26 | Diefenderfer Kristopher G | Secure communication protocol |
US20100199353A1 (en) * | 2004-07-23 | 2010-08-05 | Fortinet, Inc. | Vulnerability-based remediation selection |
US8635702B2 (en) | 2004-07-23 | 2014-01-21 | Fortinet, Inc. | Determining technology-appropriate remediation for vulnerability |
US7774848B2 (en) * | 2004-07-23 | 2010-08-10 | Fortinet, Inc. | Mapping remediation to plurality of vulnerabilities |
US20060026686A1 (en) * | 2004-07-30 | 2006-02-02 | Trueba Luis R Z | System and method for restricting access to an enterprise network |
US20090183233A1 (en) * | 2004-07-30 | 2009-07-16 | Electronic Data Systems Corporation | System and Method for Restricting Access to an Enterprise Network |
US7509676B2 (en) | 2004-07-30 | 2009-03-24 | Electronic Data Systems Corporation | System and method for restricting access to an enterprise network |
WO2006023013A1 (en) * | 2004-07-30 | 2006-03-02 | Electronic Data Systems Corporation | System and method for restricting access to an enterprise network |
US8434152B2 (en) | 2004-07-30 | 2013-04-30 | Hewlett-Packard Development Company, L.P. | System and method for restricting access to an enterprise network |
US7665119B2 (en) | 2004-09-03 | 2010-02-16 | Secure Elements, Inc. | Policy-based selection of remediation |
US20100153490A1 (en) * | 2004-09-03 | 2010-06-17 | Fortinet, Inc. | Centralized data transformation |
US8336103B2 (en) | 2004-09-03 | 2012-12-18 | Fortinet, Inc. | Data structure for policy-based remediation selection |
US20060053265A1 (en) * | 2004-09-03 | 2006-03-09 | Durham Roderick H | Centralized data transformation |
US20100257585A1 (en) * | 2004-09-03 | 2010-10-07 | Fortinet, Inc. | Data structure for policy-based remediation selection |
US7761920B2 (en) | 2004-09-03 | 2010-07-20 | Fortinet, Inc. | Data structure for policy-based remediation selection |
US20060053134A1 (en) * | 2004-09-03 | 2006-03-09 | Durham Roderick H | Centralized data transformation |
US20060053476A1 (en) * | 2004-09-03 | 2006-03-09 | Bezilla Daniel B | Data structure for policy-based remediation selection |
US9392024B2 (en) | 2004-09-03 | 2016-07-12 | Fortinet, Inc. | Policy-based selection of remediation |
US7703137B2 (en) | 2004-09-03 | 2010-04-20 | Fortinet, Inc. | Centralized data transformation |
US8341691B2 (en) | 2004-09-03 | 2012-12-25 | Colorado Remediation Technologies, Llc | Policy based selection of remediation |
US9602550B2 (en) | 2004-09-03 | 2017-03-21 | Fortinet, Inc. | Policy-based selection of remediation |
US8561134B2 (en) | 2004-09-03 | 2013-10-15 | Colorado Remediation Technologies, Llc | Policy-based selection of remediation |
US8001600B2 (en) | 2004-09-03 | 2011-08-16 | Fortinet, Inc. | Centralized data transformation |
US20100138897A1 (en) * | 2004-09-03 | 2010-06-03 | Secure Elements, Inc. | Policy-based selection of remediation |
US9154523B2 (en) | 2004-09-03 | 2015-10-06 | Fortinet, Inc. | Policy-based selection of remediation |
US7672948B2 (en) * | 2004-09-03 | 2010-03-02 | Fortinet, Inc. | Centralized data transformation |
US20060075503A1 (en) * | 2004-09-13 | 2006-04-06 | Achilles Guard, Inc. Dba Critical Watch | Method and system for applying security vulnerability management process to an organization |
US20060080738A1 (en) * | 2004-10-08 | 2006-04-13 | Bezilla Daniel B | Automatic criticality assessment |
CN100390753C (en) * | 2004-11-01 | 2008-05-28 | 株式会社Ntt都科摩 | Terminal control apparatus having a fragility detection unit |
US7845010B2 (en) | 2004-11-01 | 2010-11-30 | Ntt Docomo, Inc. | Terminal control apparatus and terminal control method |
US20060099847A1 (en) * | 2004-11-01 | 2006-05-11 | Ntt Docomo, Inc. | Terminal control apparatus and terminal control method |
US8635690B2 (en) | 2004-11-05 | 2014-01-21 | Mcafee, Inc. | Reputation based message processing |
US20060185018A1 (en) * | 2005-02-17 | 2006-08-17 | Microsoft Corporation | Systems and methods for shielding an identified vulnerability |
US20060191012A1 (en) * | 2005-02-22 | 2006-08-24 | Banzhof Carl E | Security risk analysis system and method |
US7278163B2 (en) | 2005-02-22 | 2007-10-02 | Mcafee, Inc. | Security risk analysis system and method |
US20060259974A1 (en) * | 2005-05-16 | 2006-11-16 | Microsoft Corporation | System and method of opportunistically protecting a computer from malware |
US8561190B2 (en) * | 2005-05-16 | 2013-10-15 | Microsoft Corporation | System and method of opportunistically protecting a computer from malware |
US7743421B2 (en) | 2005-05-18 | 2010-06-22 | Alcatel Lucent | Communication network security risk exposure management systems and methods |
US7937480B2 (en) | 2005-06-02 | 2011-05-03 | Mcafee, Inc. | Aggregation of reputation data |
EP1768044A2 (en) * | 2005-09-22 | 2007-03-28 | Alcatel | Security vulnerability information aggregation |
US8095984B2 (en) | 2005-09-22 | 2012-01-10 | Alcatel Lucent | Systems and methods of associating security vulnerabilities and assets |
US8438643B2 (en) | 2005-09-22 | 2013-05-07 | Alcatel Lucent | Information system service-level security risk analysis |
EP1768044A3 (en) * | 2005-09-22 | 2008-04-23 | Alcatel Lucent | Security vulnerability information aggregation |
US8544098B2 (en) | 2005-09-22 | 2013-09-24 | Alcatel Lucent | Security vulnerability information aggregation |
US20070067847A1 (en) * | 2005-09-22 | 2007-03-22 | Alcatel | Information system service-level security risk analysis |
US20070067848A1 (en) * | 2005-09-22 | 2007-03-22 | Alcatel | Security vulnerability information aggregation |
EP2284757A1 (en) * | 2005-09-22 | 2011-02-16 | Alcatel Lucent | Security vulnerability information aggregation |
US8046833B2 (en) | 2005-11-14 | 2011-10-25 | Sourcefire, Inc. | Intrusion event correlation with network discovery information |
WO2007058946A2 (en) | 2005-11-14 | 2007-05-24 | Sourcefire, Inc. | Systems and methods for modifying network map attributes |
EP1949242A2 (en) * | 2005-11-14 | 2008-07-30 | Sourcefire, Inc. | Systems and methods for modifying network map attributes |
US20080244741A1 (en) * | 2005-11-14 | 2008-10-02 | Eric Gustafson | Intrusion event correlation with network discovery information |
US8289882B2 (en) | 2005-11-14 | 2012-10-16 | Sourcefire, Inc. | Systems and methods for modifying network map attributes |
EP1949242A4 (en) * | 2005-11-14 | 2011-08-17 | Sourcefire Inc | Systems and methods for modifying network map attributes |
US8898787B2 (en) | 2006-03-24 | 2014-11-25 | AVG Netherlands, B.V. | Software vulnerability exploitation shield |
US20070226797A1 (en) * | 2006-03-24 | 2007-09-27 | Exploit Prevention Labs, Inc. | Software vulnerability exploitation shield |
US20080077976A1 (en) * | 2006-09-27 | 2008-03-27 | Rockwell Automation Technologies, Inc. | Cryptographic authentication protocol |
US8763114B2 (en) | 2007-01-24 | 2014-06-24 | Mcafee, Inc. | Detecting image spam |
US9544272B2 (en) | 2007-01-24 | 2017-01-10 | Intel Corporation | Detecting image spam |
US7779156B2 (en) | 2007-01-24 | 2010-08-17 | Mcafee, Inc. | Reputation based load balancing |
US7949716B2 (en) | 2007-01-24 | 2011-05-24 | Mcafee, Inc. | Correlation and analysis of entity attributes |
US8578051B2 (en) | 2007-01-24 | 2013-11-05 | Mcafee, Inc. | Reputation based load balancing |
US8179798B2 (en) | 2007-01-24 | 2012-05-15 | Mcafee, Inc. | Reputation based connection throttling |
US10050917B2 (en) | 2007-01-24 | 2018-08-14 | Mcafee, Llc | Multi-dimensional reputation scoring |
US8214497B2 (en) | 2007-01-24 | 2012-07-03 | Mcafee, Inc. | Multi-dimensional reputation scoring |
US8762537B2 (en) | 2007-01-24 | 2014-06-24 | Mcafee, Inc. | Multi-dimensional reputation scoring |
US9009321B2 (en) | 2007-01-24 | 2015-04-14 | Mcafee, Inc. | Multi-dimensional reputation scoring |
US20080209518A1 (en) * | 2007-02-28 | 2008-08-28 | Sourcefire, Inc. | Device, system and method for timestamp analysis of segments in a transmission control protocol (TCP) session |
US8069352B2 (en) | 2007-02-28 | 2011-11-29 | Sourcefire, Inc. | Device, system and method for timestamp analysis of segments in a transmission control protocol (TCP) session |
US20080263664A1 (en) * | 2007-04-17 | 2008-10-23 | Mckenna John J | Method of integrating a security operations policy into a threat management vector |
US8127353B2 (en) | 2007-04-30 | 2012-02-28 | Sourcefire, Inc. | Real-time user awareness for a computer network |
US20080276319A1 (en) * | 2007-04-30 | 2008-11-06 | Sourcefire, Inc. | Real-time user awareness for a computer network |
US20090007269A1 (en) * | 2007-06-29 | 2009-01-01 | Network Security Technologies, Inc. | Using imported data from security tools |
US9118706B2 (en) * | 2007-06-29 | 2015-08-25 | Verizon Patent And Licensing Inc. | Using imported data from security tools |
US9569523B2 (en) | 2007-08-21 | 2017-02-14 | Google Inc. | Bundle generation |
US9064024B2 (en) | 2007-08-21 | 2015-06-23 | Google Inc. | Bundle generation |
US8185930B2 (en) | 2007-11-06 | 2012-05-22 | Mcafee, Inc. | Adjusting filter or classification control settings |
US8621559B2 (en) | 2007-11-06 | 2013-12-31 | Mcafee, Inc. | Adjusting filter or classification control settings |
US8045458B2 (en) | 2007-11-08 | 2011-10-25 | Mcafee, Inc. | Prioritizing network traffic |
US8160975B2 (en) | 2008-01-25 | 2012-04-17 | Mcafee, Inc. | Granular support vector machine with random granularity |
US8839460B2 (en) * | 2008-03-07 | 2014-09-16 | Qualcomm Incorporated | Method for securely communicating information about the location of a compromised computing device |
US8850568B2 (en) * | 2008-03-07 | 2014-09-30 | Qualcomm Incorporated | Method and apparatus for detecting unauthorized access to a computing device and securely communicating information about such unauthorized access |
US20090228698A1 (en) * | 2008-03-07 | 2009-09-10 | Qualcomm Incorporated | Method and Apparatus for Detecting Unauthorized Access to a Computing Device and Securely Communicating Information about such Unauthorized Access |
US20090228981A1 (en) * | 2008-03-07 | 2009-09-10 | Qualcomm Incorporated | Method For Securely Communicating Information About The Location Of A Compromised Computing Device |
US8606910B2 (en) | 2008-04-04 | 2013-12-10 | Mcafee, Inc. | Prioritizing network traffic |
US8589503B2 (en) | 2008-04-04 | 2013-11-19 | Mcafee, Inc. | Prioritizing network traffic |
US8474043B2 (en) | 2008-04-17 | 2013-06-25 | Sourcefire, Inc. | Speed and memory optimization of intrusion detection system (IDS) and intrusion prevention system (IPS) rule processing |
US20090262659A1 (en) * | 2008-04-17 | 2009-10-22 | Sourcefire, Inc. | Speed and memory optimization of intrusion detection system (IDS) and intrusion prevention system (IPS) rule processing |
US8272055B2 (en) | 2008-10-08 | 2012-09-18 | Sourcefire, Inc. | Target-based SMB and DCE/RPC processing for an intrusion detection system or intrusion prevention system |
US9055094B2 (en) | 2008-10-08 | 2015-06-09 | Cisco Technology, Inc. | Target-based SMB and DCE/RPC processing for an intrusion detection system or intrusion prevention system |
US20100088767A1 (en) * | 2008-10-08 | 2010-04-08 | Sourcefire, Inc. | Target-based smb and dce/rpc processing for an intrusion detection system or intrusion prevention system |
US9450975B2 (en) | 2008-10-08 | 2016-09-20 | Cisco Technology, Inc. | Target-based SMB and DCE/RPC processing for an intrusion detection system or intrusion prevention system |
USRE48669E1 (en) * | 2009-11-18 | 2021-08-03 | Lookout, Inc. | System and method for identifying and [assessing] remediating vulnerabilities on a mobile communications device |
US9152708B1 (en) | 2009-12-14 | 2015-10-06 | Google Inc. | Target-video specific co-watched video clusters |
US9532222B2 (en) | 2010-03-03 | 2016-12-27 | Duo Security, Inc. | System and method of notifying mobile devices to complete transactions after additional agent verification |
US10445732B2 (en) | 2010-03-03 | 2019-10-15 | Duo Security, Inc. | System and method of notifying mobile devices to complete transactions after additional agent verification |
US11832099B2 (en) | 2010-03-03 | 2023-11-28 | Cisco Technology, Inc. | System and method of notifying mobile devices to complete transactions |
US20110219230A1 (en) * | 2010-03-03 | 2011-09-08 | Jon Oberheide | System and method of notifying mobile devices to complete transactions |
US11341475B2 (en) | 2010-03-03 | 2022-05-24 | Cisco Technology, Inc | System and method of notifying mobile devices to complete transactions after additional agent verification |
US11172361B2 (en) | 2010-03-03 | 2021-11-09 | Cisco Technology, Inc. | System and method of notifying mobile devices to complete transactions |
US9992194B2 (en) | 2010-03-03 | 2018-06-05 | Duo Security, Inc. | System and method of notifying mobile devices to complete transactions |
US9544143B2 (en) | 2010-03-03 | 2017-01-10 | Duo Security, Inc. | System and method of notifying mobile devices to complete transactions |
US10706421B2 (en) | 2010-03-03 | 2020-07-07 | Duo Security, Inc. | System and method of notifying mobile devices to complete transactions after additional agent verification |
US8677486B2 (en) | 2010-04-16 | 2014-03-18 | Sourcefire, Inc. | System and method for near-real time network attack detection, and system and method for unified detection via detection routing |
US8621638B2 (en) | 2010-05-14 | 2013-12-31 | Mcafee, Inc. | Systems and methods for classification of messaging entities |
US9110905B2 (en) | 2010-06-11 | 2015-08-18 | Cisco Technology, Inc. | System and method for assigning network blocks to sensors |
US8433790B2 (en) | 2010-06-11 | 2013-04-30 | Sourcefire, Inc. | System and method for assigning network blocks to sensors |
US8671182B2 (en) | 2010-06-22 | 2014-03-11 | Sourcefire, Inc. | System and method for resolving operating system or service identity conflicts |
US8893251B2 (en) | 2010-12-02 | 2014-11-18 | Duo Security, Inc. | System and method for embedded authentication |
US9282085B2 (en) | 2010-12-20 | 2016-03-08 | Duo Security, Inc. | System and method for digital user authentication |
US9135432B2 (en) | 2011-03-11 | 2015-09-15 | Cisco Technology, Inc. | System and method for real time data awareness |
US9584535B2 (en) | 2011-03-11 | 2017-02-28 | Cisco Technology, Inc. | System and method for real time data awareness |
US8601034B2 (en) | 2011-03-11 | 2013-12-03 | Sourcefire, Inc. | System and method for real time data awareness |
US8892885B2 (en) | 2011-08-31 | 2014-11-18 | Duo Security, Inc. | System and method for delivering a challenge response in an authentication protocol |
US10348756B2 (en) | 2011-09-02 | 2019-07-09 | Duo Security, Inc. | System and method for assessing vulnerability of a mobile device |
US9467463B2 (en) | 2011-09-02 | 2016-10-11 | Duo Security, Inc. | System and method for assessing vulnerability of a mobile device |
US9361451B2 (en) | 2011-10-07 | 2016-06-07 | Duo Security, Inc. | System and method for enforcing a policy for an authenticator device |
US20180307849A1 (en) * | 2012-04-12 | 2018-10-25 | Netflix, Inc. | Method and system for improving security and reliability in a networked application environment |
US10691814B2 (en) * | 2012-04-12 | 2020-06-23 | Netflix, Inc. | Method and system for improving security and reliability in a networked application environment |
US9953173B2 (en) * | 2012-04-12 | 2018-04-24 | Netflix, Inc. | Method and system for improving security and reliability in a networked application environment |
US20150235035A1 (en) * | 2012-04-12 | 2015-08-20 | Netflix, Inc | Method and system for improving security and reliability in a networked application environment |
US20140137190A1 (en) * | 2012-11-09 | 2014-05-15 | Rapid7, Inc. | Methods and systems for passively detecting security levels in client devices |
US10764286B2 (en) | 2013-02-22 | 2020-09-01 | Duo Security, Inc. | System and method for proxying federated authentication protocols |
US10200368B2 (en) | 2013-02-22 | 2019-02-05 | Duo Security, Inc. | System and method for proxying federated authentication protocols |
US11323441B2 (en) | 2013-02-22 | 2022-05-03 | Cisco Technology, Inc. | System and method for proxying federated authentication protocols |
US8893230B2 (en) | 2013-02-22 | 2014-11-18 | Duo Security, Inc. | System and method for proxying federated authentication protocols |
US9455988B2 (en) | 2013-02-22 | 2016-09-27 | Duo Security, Inc. | System and method for verifying status of an authentication device |
US9491175B2 (en) | 2013-02-22 | 2016-11-08 | Duo Security, Inc. | System and method for proxying federated authentication protocols |
US10223520B2 (en) | 2013-02-22 | 2019-03-05 | Duo Security, Inc. | System and method for integrating two-factor authentication in a device |
US9607156B2 (en) * | 2013-02-22 | 2017-03-28 | Duo Security, Inc. | System and method for patching a device through exploitation |
US10013548B2 (en) | 2013-02-22 | 2018-07-03 | Duo Security, Inc. | System and method for integrating two-factor authentication in a device |
US9338156B2 (en) | 2013-02-22 | 2016-05-10 | Duo Security, Inc. | System and method for integrating two-factor authentication in a device |
US9443073B2 (en) | 2013-08-08 | 2016-09-13 | Duo Security, Inc. | System and method for verifying status of an authentication device |
US9053310B2 (en) | 2013-08-08 | 2015-06-09 | Duo Security, Inc. | System and method for verifying status of an authentication device through a biometric profile |
US9454656B2 (en) | 2013-08-08 | 2016-09-27 | Duo Security, Inc. | System and method for verifying status of an authentication device through a biometric profile |
US9996343B2 (en) | 2013-09-10 | 2018-06-12 | Duo Security, Inc. | System and method for determining component version compatibility across a device ecosystem |
US9608814B2 (en) | 2013-09-10 | 2017-03-28 | Duo Security, Inc. | System and method for centralized key distribution |
US9454365B2 (en) | 2013-09-10 | 2016-09-27 | Duo Security, Inc. | System and method for determining component version compatibility across a device ecosystem |
US9092302B2 (en) | 2013-09-10 | 2015-07-28 | Duo Security, Inc. | System and method for determining component version compatibility across a device ecosystem |
US9774448B2 (en) | 2013-10-30 | 2017-09-26 | Duo Security, Inc. | System and methods for opportunistic cryptographic key management on an electronic device |
US20220414217A1 (en) * | 2013-11-13 | 2022-12-29 | Proofpoint Inc. | System and method of protecting client computers |
US9825981B2 (en) * | 2014-02-14 | 2017-11-21 | Kenna Security, Inc. | Ordered computer vulnerability remediation reporting |
US8966639B1 (en) | 2014-02-14 | 2015-02-24 | Risk I/O, Inc. | Internet breach correlation |
US10305925B2 (en) | 2014-02-14 | 2019-05-28 | Kenna Security, Inc. | Ordered computer vulnerability remediation reporting |
US8984643B1 (en) * | 2014-02-14 | 2015-03-17 | Risk I/O, Inc. | Ordered computer vulnerability remediation reporting |
US9270695B2 (en) | 2014-02-14 | 2016-02-23 | Risk I/O, Inc. | Identifying vulnerabilities of computing assets based on breach data |
US20160072835A1 (en) * | 2014-02-14 | 2016-03-10 | Risk I/O, Inc. | Ordered computer vulnerability remediation reporting |
US9762590B2 (en) | 2014-04-17 | 2017-09-12 | Duo Security, Inc. | System and method for an integrity focused authentication service |
US9699204B2 (en) * | 2014-06-30 | 2017-07-04 | Electronics And Telecommunications Research Institute | Abnormal traffic detection apparatus and method based on modbus communication pattern learning |
US20150381642A1 (en) * | 2014-06-30 | 2015-12-31 | Electronics And Telecommunications Research Institute | Abnormal traffic detection apparatus and method based on modbus communication pattern learning |
US9979719B2 (en) | 2015-01-06 | 2018-05-22 | Duo Security, Inc. | System and method for converting one-time passcodes to app-based authentication |
US10021119B2 (en) | 2015-02-06 | 2018-07-10 | Honeywell International Inc. | Apparatus and method for automatic handling of cyber-security risk events |
US10075475B2 (en) | 2015-02-06 | 2018-09-11 | Honeywell International Inc. | Apparatus and method for dynamic customization of cyber-security risk item rules |
US10075474B2 (en) | 2015-02-06 | 2018-09-11 | Honeywell International Inc. | Notification subsystem for generating consolidated, filtered, and relevant security risk-based notifications |
US10021125B2 (en) | 2015-02-06 | 2018-07-10 | Honeywell International Inc. | Infrastructure monitoring tool for collecting industrial process control and automation system risk data |
US10686841B2 (en) | 2015-02-06 | 2020-06-16 | Honeywell International Inc. | Apparatus and method for dynamic customization of cyber-security risk item rules |
US20160234243A1 (en) * | 2015-02-06 | 2016-08-11 | Honeywell International Inc. | Technique for using infrastructure monitoring software to collect cyber-security risk data |
US10298608B2 (en) | 2015-02-11 | 2019-05-21 | Honeywell International Inc. | Apparatus and method for tying cyber-security risk analysis to common risk methodologies and risk levels |
US20190036955A1 (en) * | 2015-03-31 | 2019-01-31 | Juniper Networks, Inc | Detecting data exfiltration as the data exfiltration occurs or after the data exfiltration occurs |
US10255053B2 (en) | 2015-05-06 | 2019-04-09 | Mcafee, Llc | Alerting the presence of bundled software during an installation |
US10089095B2 (en) * | 2015-05-06 | 2018-10-02 | Mcafee, Llc | Alerting the presence of bundled software during an installation |
US9800604B2 (en) | 2015-05-06 | 2017-10-24 | Honeywell International Inc. | Apparatus and method for assigning cyber-security risk consequences in industrial process control environments |
US10521212B2 (en) | 2015-05-06 | 2019-12-31 | Mcafee, Llc | Alerting the presence of bundled software during an installation |
US9930060B2 (en) | 2015-06-01 | 2018-03-27 | Duo Security, Inc. | Method for enforcing endpoint health standards |
US9774579B2 (en) | 2015-07-27 | 2017-09-26 | Duo Security, Inc. | Method for key rotation |
US10691808B2 (en) * | 2015-12-10 | 2020-06-23 | Sap Se | Vulnerability analysis of software components |
US20170169229A1 (en) * | 2015-12-10 | 2017-06-15 | Sap Se | Vulnerability analysis of software components |
US20170272459A1 (en) * | 2016-03-18 | 2017-09-21 | AO Kaspersky Lab | Method and system of eliminating vulnerabilities of a router |
JP2017175593A (en) * | 2016-03-18 | 2017-09-28 | エーオー カスペルスキー ラボAO Kaspersky Lab | Method and system for eliminating vulnerability of router |
US9787710B1 (en) * | 2016-03-18 | 2017-10-10 | AO Kaspersky Lab | Method and system of eliminating vulnerabilities of a router |
US20170272460A1 (en) * | 2016-03-18 | 2017-09-21 | AO Kaspersky Lab | Method and system of eliminating vulnerabilities of smart devices |
US10419472B2 (en) | 2016-03-18 | 2019-09-17 | AO Kaspersky Lab | System and method for repairing vulnerabilities of devices connected to a data network |
US10084812B2 (en) | 2016-03-18 | 2018-09-25 | AO Kaspersky Lab | Method and system of repairing vulnerabilities of smart devices |
US10484416B2 (en) | 2016-03-18 | 2019-11-19 | AO Kaspersky Lab | System and method for repairing vulnerabilities of objects connected to a data network |
US9860267B2 (en) * | 2016-03-18 | 2018-01-02 | AO Kaspersky Lab | Method and system of eliminating vulnerabilities of smart devices |
US10498605B2 (en) * | 2016-06-02 | 2019-12-03 | Zscaler, Inc. | Cloud based systems and methods for determining and visualizing security risks of companies, users, and groups |
US20170359220A1 (en) * | 2016-06-02 | 2017-12-14 | Zscaler, Inc. | Cloud based systems and methods for determining and visualizing security risks of companies, users, and groups |
CN107231367A (en) * | 2017-06-21 | 2017-10-03 | 北京奇虎科技有限公司 | Method for automatically notifying, device and the server of signature information |
WO2019079359A1 (en) * | 2017-10-19 | 2019-04-25 | T-Mobile Usa, Inc. | Efficient security threat remediation |
US20190124106A1 (en) * | 2017-10-19 | 2019-04-25 | T-Mobile Usa, Inc. | Efficient security threat remediation |
US10412113B2 (en) | 2017-12-08 | 2019-09-10 | Duo Security, Inc. | Systems and methods for intelligently configuring computer security |
US11658962B2 (en) | 2018-12-07 | 2023-05-23 | Cisco Technology, Inc. | Systems and methods of push-based verification of a transaction |
US11349877B2 (en) * | 2019-06-20 | 2022-05-31 | Servicenow, Inc. | Solution management systems and methods for addressing cybersecurity vulnerabilities |
US11218503B2 (en) * | 2019-07-19 | 2022-01-04 | Jpmorgan Chase Bank, N.A. | System and method for implementing a vulnerability management module |
US11799896B2 (en) | 2019-07-19 | 2023-10-24 | Jpmorgan Chase Bank, N.A. | System and method for implementing a vulnerability management module |
JP7231664B2 (en) | 2020-05-14 | 2023-03-01 | 阿波▲羅▼智▲聯▼(北京)科技有限公司 | Vulnerability feature acquisition method, device and electronic device |
JP2021108189A (en) * | 2020-05-14 | 2021-07-29 | ベイジン バイドゥ ネットコム サイエンス テクノロジー カンパニー リミテッドBeijing Baidu Netcom Science Technology Co., Ltd. | Method for acquiring vulnerability feature, device, and electronic apparatus |
US11695796B1 (en) * | 2020-12-10 | 2023-07-04 | Amazon Technologies, Inc. | Device vulnerability detection during device handshake |
US20220222350A1 (en) * | 2021-01-08 | 2022-07-14 | Capital One Services, Llc | Vulnerability dashboard and automated remediation |
CN115174379A (en) * | 2022-07-27 | 2022-10-11 | 西安热工研究院有限公司 | Vulnerability repair method and device of industrial control network and storage medium |
Also Published As
Publication number | Publication date |
---|---|
BR0215388A (en) | 2004-12-07 |
US20050091542A1 (en) | 2005-04-28 |
US7000247B2 (en) | 2006-02-14 |
JP2005532606A (en) | 2005-10-27 |
CA2472268A1 (en) | 2003-07-17 |
US20050229256A2 (en) | 2005-10-13 |
CN1610887A (en) | 2005-04-27 |
KR20040069324A (en) | 2004-08-05 |
NO20043189L (en) | 2004-07-26 |
AU2002360844A1 (en) | 2003-07-24 |
MXPA04006473A (en) | 2004-10-04 |
EP1461707A1 (en) | 2004-09-29 |
US7308712B2 (en) | 2007-12-11 |
WO2003058457A1 (en) | 2003-07-17 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US7000247B2 (en) | Automated computer vulnerability resolution system | |
US10893066B1 (en) | Computer program product and apparatus for multi-path remediation | |
US7278163B2 (en) | Security risk analysis system and method | |
US6023586A (en) | Integrity verifying and correcting software | |
US7490149B2 (en) | Security management apparatus, security management system, security management method, and security management program | |
US20060101517A1 (en) | Inventory management-based computer vulnerability resolution system | |
US7937697B2 (en) | Method, system and computer program for distributing software patches | |
US7752671B2 (en) | Method and device for questioning a plurality of computerized devices | |
US20020174422A1 (en) | Software distribution system | |
US20020147974A1 (en) | Networked installation system for deploying systems management platforms | |
US20160294861A1 (en) | Anti-vulnerability system, method, and computer program product | |
US20040210653A1 (en) | Method and system for patch management | |
US20060080656A1 (en) | Methods and instructions for patch management | |
US20150033351A1 (en) | Anti-vulnerability system, method, and computer program product | |
US20150033323A1 (en) | Virtual patching system, method, and computer program product | |
US20210326196A1 (en) | A remediation system to prevent incompatible program module installation in an information processing system | |
Mell et al. | Creating a patch and vulnerability management program | |
US20090319576A1 (en) | Extensible task execution techniques for network management | |
US7454791B1 (en) | Method and system for checking the security on a distributed computing environment | |
Splaine | Testing Web Security: Assessing the Security of Web Sites and Applications | |
Dempsey et al. | Automation support for security control assessments | |
WO2000075782A1 (en) | Security system | |
Souppaya et al. | Guide to enterprise patch management planning | |
Bartoletti et al. | Secure software distribution system | |
US6975955B1 (en) | Method and system for managing manufacturing test stations |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: CITADEL SECURITY SOFTWARE, INC., TEXAS Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:BANZHOF, CARL E.;REEL/FRAME:013643/0923 Effective date: 20021231 |
|
STCF | Information on status: patent grant |
Free format text: PATENTED CASE |
|
AS | Assignment |
Owner name: MCAFEE SECURITY LLC,TEXAS Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:CITADEL SECURITY SOFTWARE, INC.;REEL/FRAME:018668/0179 Effective date: 20061204 Owner name: MCAFEE SECURITY LLC, TEXAS Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:CITADEL SECURITY SOFTWARE, INC.;REEL/FRAME:018668/0179 Effective date: 20061204 |
|
AS | Assignment |
Owner name: MCAFEE, INC., A DELAWARE CORPORATION,CALIFORNIA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:MCAFEE SECURITY, LLC, A DELAWARE LIMITED LIABILITY COMPANY;REEL/FRAME:018923/0152 Effective date: 20070222 Owner name: MCAFEE, INC., A DELAWARE CORPORATION, CALIFORNIA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:MCAFEE SECURITY, LLC, A DELAWARE LIMITED LIABILITY COMPANY;REEL/FRAME:018923/0152 Effective date: 20070222 |
|
B1 | Reexamination certificate first reexamination |
Free format text: THE PATENTABILITY OF CLAIMS 13-25 IS CONFIRMED. CLAIMS 1, 3, 6, 10, 26, 30-32, 35, 38 AND 41 ARE DETERMINED TO BE PATENTABLE AS AMENDED. CLAIMS 2, 4, 5, 7-9, 11, 12, 27-29, 33, 34, 36, 37, 39, 40 AND 42-44, DEPENDENT ON AN AMENDED CLAIM, ARE DETERMINED TO BE PATENTABLE. |
|
FEPP | Fee payment procedure |
Free format text: PAT HOLDER NO LONGER CLAIMS SMALL ENTITY STATUS, ENTITY STATUS SET TO UNDISCOUNTED (ORIGINAL EVENT CODE: STOL); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY |
|
FPAY | Fee payment |
Year of fee payment: 4 |
|
RR | Request for reexamination filed |
Effective date: 20060302 |
|
FEPP | Fee payment procedure |
Free format text: PAYOR NUMBER ASSIGNED (ORIGINAL EVENT CODE: ASPN); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY |
|
FPAY | Fee payment |
Year of fee payment: 8 |
|
FEPP | Fee payment procedure |
Free format text: PAYER NUMBER DE-ASSIGNED (ORIGINAL EVENT CODE: RMPN); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY |
|
FPAY | Fee payment |
Year of fee payment: 12 |
|
AS | Assignment |
Owner name: MCAFEE, LLC, CALIFORNIA Free format text: CHANGE OF NAME AND ENTITY CONVERSION;ASSIGNOR:MCAFEE, INC.;REEL/FRAME:043665/0918 Effective date: 20161220 |
|
AS | Assignment |
Owner name: MORGAN STANLEY SENIOR FUNDING, INC., MARYLAND Free format text: SECURITY INTEREST;ASSIGNOR:MCAFEE, LLC;REEL/FRAME:045056/0676 Effective date: 20170929 Owner name: JPMORGAN CHASE BANK, N.A., NEW YORK Free format text: SECURITY INTEREST;ASSIGNOR:MCAFEE, LLC;REEL/FRAME:045055/0786 Effective date: 20170929 |
|
AS | Assignment |
Owner name: MORGAN STANLEY SENIOR FUNDING, INC., MARYLAND Free format text: CORRECTIVE ASSIGNMENT TO CORRECT THE REMOVE PATENT 6336186 PREVIOUSLY RECORDED ON REEL 045056 FRAME 0676. ASSIGNOR(S) HEREBY CONFIRMS THE SECURITY INTEREST;ASSIGNOR:MCAFEE, LLC;REEL/FRAME:054206/0593 Effective date: 20170929 Owner name: JPMORGAN CHASE BANK, N.A., NEW YORK Free format text: CORRECTIVE ASSIGNMENT TO CORRECT THE REMOVE PATENT 6336186 PREVIOUSLY RECORDED ON REEL 045055 FRAME 786. ASSIGNOR(S) HEREBY CONFIRMS THE SECURITY INTEREST;ASSIGNOR:MCAFEE, LLC;REEL/FRAME:055854/0047 Effective date: 20170929 |
|
AS | Assignment |
Owner name: MCAFEE, LLC, CALIFORNIA Free format text: RELEASE OF INTELLECTUAL PROPERTY COLLATERAL - REEL/FRAME 045055/0786;ASSIGNOR:JPMORGAN CHASE BANK, N.A., AS COLLATERAL AGENT;REEL/FRAME:054238/0001 Effective date: 20201026 |
|
AS | Assignment |
Owner name: MCAFEE, LLC, CALIFORNIA Free format text: RELEASE OF INTELLECTUAL PROPERTY COLLATERAL - REEL/FRAME 045056/0676;ASSIGNOR:MORGAN STANLEY SENIOR FUNDING, INC., AS COLLATERAL AGENT;REEL/FRAME:059354/0213 Effective date: 20220301 |
|
AS | Assignment |
Owner name: JPMORGAN CHASE BANK, N.A., AS ADMINISTRATIVE AGENT AND COLLATERAL AGENT, NEW YORK Free format text: SECURITY INTEREST;ASSIGNOR:MCAFEE, LLC;REEL/FRAME:059354/0335 Effective date: 20220301 |
|
AS | Assignment |
Owner name: JPMORGAN CHASE BANK, N.A., AS ADMINISTRATIVE AGENT, NEW YORK Free format text: CORRECTIVE ASSIGNMENT TO CORRECT THE THE PATENT TITLES AND REMOVE DUPLICATES IN THE SCHEDULE PREVIOUSLY RECORDED AT REEL: 059354 FRAME: 0335. ASSIGNOR(S) HEREBY CONFIRMS THE ASSIGNMENT;ASSIGNOR:MCAFEE, LLC;REEL/FRAME:060792/0307 Effective date: 20220301 |