Method to generate a quantitative measurement of computer security vulnerabilities
First Claim
1. A system to measure the security risks to computer networks of one or more organizations, comprising:
- a. a plurality of computer security management systems, comprising;
i. a computer network;
ii. an Enterprise Server coupled to the computer network;
b. a collocation facility coupled to the plurality of computer security management systems; and
c. wherein the collocation facility receives information from at least one Enterprise Server related to security of the computer network, compares the information from the Enterprise Server against a standard, and generates a Laz score that measures the risk to the security of the computer network.
0 Assignments
0 Petitions
Accused Products
Abstract
The present invention provides a system and method to provide a measurement of the risk that a computer network may have to computer security threats. The system includes a collocation facility that is coupled to a plurality of computer security management systems. Some or all of the vulnerability information is reported to the collocation facility. At the collocation facility, this information is compared to a standard. This comparison yields a number or other measurement of that organization'"'"'s risk in its computer security. The collocation facility can then report this measurement to any information user that wishes to know what the vulnerability is for that organization.
117 Citations
2 Claims
-
1. A system to measure the security risks to computer networks of one or more organizations, comprising:
-
a. a plurality of computer security management systems, comprising;
i. a computer network;
ii. an Enterprise Server coupled to the computer network;
b. a collocation facility coupled to the plurality of computer security management systems; and
c. wherein the collocation facility receives information from at least one Enterprise Server related to security of the computer network, compares the information from the Enterprise Server against a standard, and generates a Laz score that measures the risk to the security of the computer network.
-
-
2. A method to provide a measurement of the security of a computer network, comprising:
-
a. collecting information at an Enterprise Servers to create a Client Master File and other vulnerability information;
b. sending the client master file and other vulnerability information to a collocation facility;
c. receiving the client master file and other vulnerability information at the collocation facility;
d. comparing one or more items of vulnerability information in the client master file and other vulnerability information against a standard; and
e. generating a Laz score that reflects the comparison of the one or more items of vulnerability information in the client master file and other vulnerability information against a standard.
-
Specification
-
- Resources
-
Current AssigneeDemetrios Lazarikos, Troy T. Schumaker
-
Original AssigneeDemetrios Lazarikos, Troy T. Schumaker
-
InventorsLazarikos, Demetrios, Schumaker, Troy T.
-
Application NumberUS11/268,983Publication NumberTime in Patent OfficeDaysField of SearchUS Class Current726/25CPC Class CodesG06F 21/577 Assessing vulnerabilities a...H04L 63/1433 Vulnerability analysis
