Security force automation
First Claim
1. An automated security monitoring and management framework comprising:
(a) A central management center that provides visibility to an entire infrastructure and control of all modules in the framework;
(b) A security posture module that gathers hardware and software information into a centralized database;
(c) An auditing module that polls an environment for known security weaknesses;
(d) A threat analysis module that obtains and processes security advisories;
(e) An executive dashboard module for viewing overall network security health;
(f) A risk analysis module that provides predefined metrics to analyze system risks;
(g) A trouble ticketing module for the storage and tracking of current and historic security problems;
(h) A resolution module that analyzes and resolves problems in the infrastructure;
(i) A correlation engine module that compares data and ensures uniformity in the environment; and
(j) An incident discovery module that identifies techniques used by unauthorized persons in attempting to compromise a system.
Abstract
An automated security monitoring and management framework which mimics the mind of a seasoned security expert and which is designed to provide security management, governance and compliance with business context risk assessment is described. The framework comprises a central management center and a plurality of modules, whereby said framework has the ability to incorporate all security mechanisms into one cohesive solution. Our approach to management eliminates the human factor, providing consistent, repeatable and scalable results in the enterprise. It is an agent-less, vendor-agnostic framework that is constantly working to maintain security and governance. Moreover, said framework is capable of correlating alerts and events from disparate systems, providing a global view of one's security status, and hence acts as a system that helps in identifying the patterns of threats as they develop. The framework simulates the tasks of a security engineer and automates a day in the life cycle of a security engineer.
56 Citations
20 Claims
Specification