Assessing security control quality and state in an information technology infrastructure
First Claim
1. One or more non-transitory computer-readable media storing computer-executable instructions which when executed by a computer cause the computer to perform a method, the method comprising:
- displaying a user interface that indicates a security control status of assets in an information technology (IT) infrastructure that are monitored by two or more security controls,wherein the user interface includes at least a first portion of the user interface that displays a security control status of a first set of the assets monitored by a first security control, the first portion of the user interface displaying two or more security states monitored by the first security control and further indicating the number of assets in each of the two or more security states monitored by the first security control, and wherein the method further comprises allowing a user to select one of the two or more security states in the first portion of the user interface,wherein the user interface further includes at least a second portion of the user interface that displays a security control status of a second set of the assets monitored by a second security control, at least some of the second set of the assets monitored by the second security control overlapping with the first set of the assets monitored by the first security control, the second portion of the user interface displaying two or more security states monitored by the second security control and further indicating the number of assets in each of the two or more security states monitored by the second security control, andwherein the method further comprises, upon user selection of the one of the two or more security states in the first portion, automatically highlighting one or more of the security states in the second portion of the user interface monitored by the second security control and having overlapping assets with the selected one of the security states from the first portion,wherein the first security control is a vulnerability assessment security control, and wherein the first portion of the user interface comprises a two-dimensional vulnerability risk matrix comprising multiple indicators that form the matrix, one or more of the indicators indicating the number of assets monitored by the vulnerability assessment security control having the corresponding vulnerability risk represented by the respective indicator, andwherein the second security control is one of a policy compliance security control, a change data security control, or a log event data security control.
3 Assignments
0 Petitions
Accused Products
Abstract
Disclosed herein are representative embodiments of methods, apparatus, and systems for processing and managing information from one or more security control tools, such as a security configuration management tool, a vulnerability management tool, an event logging tool, or other IT infrastructure security or monitoring tool that is used to monitor, secure, and/or control assets in an IT infrastructure. For example, in some embodiments, user interfaces are disclosed that allow a user to quickly view, filter, and evaluate the degree of security control coverage in selected assets of an enterprise. In further embodiments, user interfaces are disclosed that allow a user to view and evaluate the current security state for selected assets in across a variety of categories and, in some cases, as guided by a two-dimensional vulnerability risk matrix.
35 Citations
12 Claims
-
1. One or more non-transitory computer-readable media storing computer-executable instructions which when executed by a computer cause the computer to perform a method, the method comprising:
-
displaying a user interface that indicates a security control status of assets in an information technology (IT) infrastructure that are monitored by two or more security controls, wherein the user interface includes at least a first portion of the user interface that displays a security control status of a first set of the assets monitored by a first security control, the first portion of the user interface displaying two or more security states monitored by the first security control and further indicating the number of assets in each of the two or more security states monitored by the first security control, and wherein the method further comprises allowing a user to select one of the two or more security states in the first portion of the user interface, wherein the user interface further includes at least a second portion of the user interface that displays a security control status of a second set of the assets monitored by a second security control, at least some of the second set of the assets monitored by the second security control overlapping with the first set of the assets monitored by the first security control, the second portion of the user interface displaying two or more security states monitored by the second security control and further indicating the number of assets in each of the two or more security states monitored by the second security control, and wherein the method further comprises, upon user selection of the one of the two or more security states in the first portion, automatically highlighting one or more of the security states in the second portion of the user interface monitored by the second security control and having overlapping assets with the selected one of the security states from the first portion, wherein the first security control is a vulnerability assessment security control, and wherein the first portion of the user interface comprises a two-dimensional vulnerability risk matrix comprising multiple indicators that form the matrix, one or more of the indicators indicating the number of assets monitored by the vulnerability assessment security control having the corresponding vulnerability risk represented by the respective indicator, and wherein the second security control is one of a policy compliance security control, a change data security control, or a log event data security control. - View Dependent Claims (2, 3, 4)
-
-
5. A computer-implemented method, comprising:
-
displaying a user interface that indicates a security control status of assets in an information technology (IT) infrastructure that are monitored by two or more security controls, wherein the user interface includes at least a first portion of the user interface that displays a security control status of a first set of the assets monitored by a first security control, the first portion of the user interface displaying two or more security states monitored by the first security control and further indicating the number of assets in each of the two or more security states monitored by the first security control, and wherein the method further comprises allowing a user to select one of the two or more security states in the first portion of the user interface, wherein the user interface further includes at least a second portion of the user interface that displays a security control status of a second set of the assets monitored by a second security control, at least some of the second set of the assets monitored by the second security control overlapping with the first set of the assets monitored by the first security control, the second portion of the user interface displaying two or more security states monitored by the second security control and further indicating the number of assets in each of the two or more security states monitored by the second security control, and wherein the method further comprises, upon user selection of the one of the two or more security states in the first portion, automatically highlighting one or more of the security states in the second portion of the user interface monitored by the second security control and having overlapping assets with the selected one of the security states from the first portion, wherein the first security control is a vulnerability assessment security control, and wherein the first portion of the user interface comprises a two-dimensional vulnerability risk matrix comprising multiple indicators that form the matrix, one or more of the indicators indicating the number of assets monitored by the vulnerability assessment security control having the corresponding vulnerability risk represented by the respective indicator, and wherein the second security control is one of a policy compliance security control, a change data security control, or a log event data security control. - View Dependent Claims (6, 7, 8)
-
-
9. A system, comprising:
-
a processor; and a memory storing instructions, which when executed by the processor cause the processor to perform a method, the method comprising; displaying a user interface that indicates a security control status of assets in an information technology (IT) infrastructure that are monitored by two or more security controls, wherein the user interface includes at least a first portion of the user interface that displays a security control status of a first set of the assets monitored by a first security control, the first portion of the user interface displaying two or more security states monitored by the first security control and further indicating the number of assets in each of the two or more security states monitored by the first security control, and wherein the method further comprises allowing a user to select one of the two or more security states in the first portion of the user interface, wherein the user interface further includes at least a second portion of the user interface that displays a security control status of a second set of the assets monitored by a second security control, at least some of the second set of the assets monitored by the second security control overlapping with the first set of the assets monitored by the first security control, the second portion of the user interface displaying two or more security states monitored by the second security control and further indicating the number of assets in each of the two or more security states monitored by the second security control, and wherein the method further comprises, upon user selection of the one of the two or more security states in the first portion, automatically highlighting one or more of the security states in the second portion of the user interface monitored by the second security control and having overlapping assets with the selected one of the security states from the first portion, wherein the first security control is a vulnerability assessment security control, and wherein the first portion of the user interface comprises a two-dimensional vulnerability risk matrix comprising multiple indicators that form the matrix, one or more of the indicators indicating the number of assets monitored by the vulnerability assessment security control having the corresponding vulnerability risk represented by the respective indicator, and wherein the second security control is one of a policy compliance security control, a change data security control, or a log event data security control. - View Dependent Claims (10, 11, 12)
-
Specification