System and method of verifying security best practices
First Claim
1. A computer system, comprising:
- a plurality of computers;
a master test engine configured to request that a test be conducted regarding a security practice of the plurality of computers; and
a plurality of local test engines, at least one each associated with each the plurality of computers, each of the local test engines being configured to conduct the test.
2 Assignments
0 Petitions
Accused Products
Abstract
A system and method for verifying security best practices on a computer or for multiple computers on a network. A master test engine drives the verification process. The master test engine accesses a primary manifest data file which describes verification tests to be performed by each of the computers to be tested. To execute the tests within the primary manifest data file, one or more test executables are created. The text executables are run by local test engines which are located on each one of the computers on which tests are conducted. The local test engines drive the security tests on the computers, and access locally stored manifest data files, which are created and updated via the primary manifest data file.
-
Citations
22 Claims
-
1. A computer system, comprising:
-
a plurality of computers;
a master test engine configured to request that a test be conducted regarding a security practice of the plurality of computers; and
a plurality of local test engines, at least one each associated with each the plurality of computers, each of the local test engines being configured to conduct the test. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A computer-readable medium having computer-executable instructions comprising:
-
accessing a test to be run to verify a security practice on a computer;
executing the test on the computer to create a result; and
creating a portable results file including the result. - View Dependent Claims (15, 16, 17, 18)
-
-
19. A method verifying security practices for a plurality of computers, comprising:
-
maintaining information in a data manifest about tests for verifying the security practices of the plurality of computers;
providing tests for verifying the security practices to the plurality of computers based upon the information;
receiving a call to update the information in the data manifest; and
updating the information in the data manifest in accordance with the call. - View Dependent Claims (20, 21, 22)
-
Specification