Reporter
First Claim
1. A method of generating a report comprising:
- receiving raw data, wherein the raw data comprises test results;
storing the raw data;
determining a plurality of raw vulnerabilities based on the raw data;
selecting, based on a report recipient, a plurality of selected vulnerabilities, wherein each of the plurality of selected vulnerabilities is contained in the set of the plurality of raw vulnerabilities;
selecting, for each of the plurality of selected vulnerabilities, a selected report element, wherein each selected report element is selected, based on the report recipient, from a plurality of report elements that corresponds to the selected vulnerability;
wherein the selected report elements are included in a report; and
transmitting the report to the report recipient.
1 Assignment
0 Petitions
Accused Products
Abstract
To answer the security needs of the market, a preferred embodiment was developed. A preferred embodiment provides real-time network security vulnerability assessment tests, possibly complete with recommended security solutions. External vulnerability assessment tests can emulate hacker methodology in a safe way and enable study of a network for security openings, thereby gaining a true view of risk level without affecting customer operations. Because this assessment can be performed over the Internet, both domestic and worldwide corporations benefit. A preferred embodiment'"'"'s physical subsystems combine to form a scalable holistic system that can be able to conduct tests for thousands of customers any place in the world. The security skills of experts can be embedded into a preferred embodiment systems and automated the test process to enable the security vulnerability test to be conducted on a continuous basis for multiple customers at the same time. A preferred embodiment can reduce the work time required for security practices of companies from three weeks to less than a day, as well as significantly increase their capacity. Component subsystems typically include a Database, Command Engine, Gateway, multiple Testers, Report Generator, and an RMCT.
314 Citations
24 Claims
-
1. A method of generating a report comprising:
-
receiving raw data, wherein the raw data comprises test results;
storing the raw data;
determining a plurality of raw vulnerabilities based on the raw data;
selecting, based on a report recipient, a plurality of selected vulnerabilities, wherein each of the plurality of selected vulnerabilities is contained in the set of the plurality of raw vulnerabilities;
selecting, for each of the plurality of selected vulnerabilities, a selected report element, wherein each selected report element is selected, based on the report recipient, from a plurality of report elements that corresponds to the selected vulnerability;
wherein the selected report elements are included in a report; and
transmitting the report to the report recipient. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A method of generating a report comprising:
-
receiving generic vulnerability data;
determining a plurality of raw vulnerabilities based on comparison of the generic vulnerability data with stored raw data, wherein the stored raw data comprise test results;
selecting, based on a report recipient, a plurality of selected vulnerabilities, wherein each of the plurality of selected vulnerabilities is contained in the set of the plurality of raw vulnerabilities;
selecting, for each of the plurality of selected vulnerabilities, a selected report element, wherein each selected report element is selected, based on the report recipient, from a plurality of report elements that corresponds to the selected vulnerability;
wherein the selected report elements are included in a report; and
transmitting the report to the report recipient. - View Dependent Claims (18, 19, 20, 21)
-
-
22. A method of generating a report comprising:
-
specifying an attack;
ascertaining an attack footprint, wherein detection of the attack footprint by a collective device indicates at least a likelihood that the attack has been executed;
estimating an activity level for the attack among computing devices connected to a network based on prevalence of attack footprints on the network;
creating a report including the estimated activity level for the specified attack;
transmitting the report to a report recipient, wherein the system of the report recipient is vulnerable to the specified attack. - View Dependent Claims (23, 24)
-
Specification