Security vulnerability monitor

US 20050005152A1
Filed: 07/01/2003
Published: 01/06/2005
Est. Priority Date: 07/01/2003
Status: Abandoned Application

First Claim

Patent Images

1. A method comprising:

(a) receiving a security vulnerability alert associated with a software application; and

(b) determining whether said software application is resident on a device.

View all claims

12 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus for automatically determining whether a security vulnerability alert is relevant to a device (e.g., personal computer, server, personal digital assistant [PDA], etc.), and automatically retrieving the associated software patches for relevant alerts, are disclosed. The illustrative embodiment intelligently determines whether the software application specified by a security vulnerability alert is resident on the device, whether the version of the software application on the device matches that of the security vulnerability alert, and whether the device'"'"'s hardware platform and operating system match those of the security vulnerability alert.

Citations

20 Claims

1. A method comprising:
- (a) receiving a security vulnerability alert associated with a software application; and
  
  (b) determining whether said software application is resident on a device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1 wherein (b) comprises consulting a software installation manager for said device.
  - 3. The method of claim 1 wherein (b) comprises consulting a registry for said device.
  - 4. The method of claim 1 wherein (b) comprises searching a file system of said device.
  - 5. The method of claim 4 wherein (b) also comprises performing a text-based scan of a file to determine the version of a software application on said device.
  - 6. The method of claim 4 wherein (b) also comprises executing a file in a sandbox to determine the version of a software application on said device.
  - 7. The method of claim 1 further comprising notifying a user of said security vulnerability alert when said software application is resident on said device.
  - 8. The method of claim 1 further comprising storing said security vulnerability alert in a database.
  - 9. The method of claim 1 further comprising notifying a user about a software patch associated with said security vulnerability alert when said software application is resident on said device.
  - 10. The method of claim 1 further comprising retrieving a software patch associated with said security vulnerability alert when said software application is resident on said device.
  - 11. The method of claim 10 further comprising installing said software patch on said device.

12. A method comprising:
- (a) receiving a request to install a software application on a device; and
  
  (b) querying a database for security vulnerability alerts for said software application.
- View Dependent Claims (13, 14)
- - 13. The method of claim 12 further comprising:
    - installing said software application on said device; and
      
      installing a software patch on said device when (b) returns a security vulnerability alert.
  - 14. The method of claim 13 further comprising retrieving said software patch.

15. A method comprising:
- (a) ascertaining what software applications are resident on a device; and
  
  (b) querying a database for security vulnerability alerts for said software applications.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The method of claim 15 further comprising installing a software patch when (b) returns a security vulnerability alert.
  - 17. The method of claim 16 further comprising retrieving said software patch.
  - 18. The method of claim 15 wherein (a) comprises consulting a software installation manager for said device.
  - 19. The method of claim 15 wherein (a) comprises consulting a registry for said device.
  - 20. The method of claim 15 wherein (a) comprises searching a file system of said device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Avaya Incorporated
Original Assignee
Avaya Incorporated
Inventors
Tsai, Timothy Kohchih, Singh, Navjot

Application Number

US10/611,264
Publication Number

US 20050005152A1
Time in Patent Office

Days
Field of Search
US Class Current

726/26
CPC Class Codes

G06F 21/554 involving event detection a...

G06F 21/577 Assessing vulnerabilities a...

Security vulnerability monitor

First Claim

12 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Security vulnerability monitor

First Claim

12 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links