MULTIPLE-PATH REMEDIATION
Abstract
A security information management system is described, wherein a database of potential vulnerabilities is maintained, along with data describing remediation techniques (patches, policy settings, and configuration options) available to protect against them. At least one vulnerability is associated in the database with multiple available remediation techniques. In one embodiment, the system presents a user with the list of remediation techniques available to protect against a known vulnerability, accepts the user's selection from the list, and executes the selected technique. In other embodiments, the system uses a predetermined prioritization schedule to automatically select among the available remediation techniques, then automatically executes the selected technique.
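A minimal model of the data structure the abstract describes, added here as an illustration and not taken from the patent or any product: an in-memory SQLite schema that answers a query by vulnerability identifier with every associated technique, flags vulnerabilities left without one, and applies a prioritization schedule to choose among the options. Table names, identifiers and sample rows are constructed.

```python
import sqlite3

# Constructed sample data: identifiers and technique descriptions are hypothetical.
SCHEMA = """
CREATE TABLE vulnerability (vuln_id TEXT PRIMARY KEY, title TEXT NOT NULL);
CREATE TABLE remediation (
    rem_id TEXT PRIMARY KEY, description TEXT NOT NULL,
    rem_type TEXT NOT NULL CHECK
        (rem_type IN ('patch', 'policy setting', 'configuration option')));
CREATE TABLE remediates (
    vuln_id TEXT NOT NULL REFERENCES vulnerability(vuln_id),
    rem_id TEXT NOT NULL REFERENCES remediation(rem_id),
    PRIMARY KEY (vuln_id, rem_id));
"""

def build_db():
    db = sqlite3.connect(":memory:")
    db.execute("PRAGMA foreign_keys = ON")
    db.executescript(SCHEMA)
    db.executemany("INSERT INTO vulnerability VALUES (?, ?)", [
        ("VULN-0001", "Legacy file-sharing protocol enabled"),
        ("VULN-0002", "Outdated TLS library")])
    db.executemany("INSERT INTO remediation VALUES (?, ?, ?)", [
        ("REM-A", "Install vendor update", "patch"),
        ("REM-B", "Disable the legacy protocol", "configuration option"),
        ("REM-C", "Block the service by host policy", "policy setting"),
        ("REM-D", "Upgrade the TLS library", "patch")])
    db.executemany("INSERT INTO remediates VALUES (?, ?)", [
        ("VULN-0001", "REM-A"), ("VULN-0001", "REM-B"),
        ("VULN-0001", "REM-C"), ("VULN-0002", "REM-D")])
    return db

def query_remediations(db, vuln_id):
    """Answer a query carrying a vulnerability identifier with every technique."""
    return db.execute(
        "SELECT r.rem_id, r.rem_type, r.description FROM remediates m "
        "JOIN remediation r ON r.rem_id = m.rem_id "
        "WHERE m.vuln_id = ? ORDER BY r.rem_id", (vuln_id,)).fetchall()

def unremediated(db):
    """Integrity check: vulnerabilities with no associated technique."""
    return [row[0] for row in db.execute(
        "SELECT vuln_id FROM vulnerability "
        "WHERE vuln_id NOT IN (SELECT vuln_id FROM remediates)")]

def auto_select(db, vuln_id, schedule):
    """Pick the option whose type ranks first in the prioritization schedule."""
    options = [o for o in query_remediations(db, vuln_id) if o[1] in schedule]
    return min(options, key=lambda o: schedule.index(o[1]), default=None)
```

Reordering the schedule list changes which technique `auto_select` returns for the same vulnerability, which is the practical value of storing more than one remediation path per entry.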
27 Claims
1. A system, comprising:
a database associating a plurality of device vulnerabilities to which computing devices can be subject, each vulnerability having a vulnerability identifier, with a plurality of remediation techniques that collectively remediate the plurality of device vulnerabilities;
such that:
each of the device vulnerabilities is associated with at least one remediation technique;
each remediation technique associated with a particular device vulnerability remediates that particular vulnerability;
each remediation technique has a remediation type selected from the type group consisting of patch, policy setting, and configuration option; and
a first one of the device vulnerabilities is associated with at least two remediation techniques;
a query signal comprising the vulnerability identifier for the first one of the device vulnerabilities; and
a response signal, automatically generated in response to the query signal, that describes the at least two remediation techniques.
Dependent claims: 2, 3, 4, 5, 6
7. A method, comprising:
providing a database that associates a plurality of device vulnerabilities to which computing devices can be subject with a plurality of remediation techniques that collectively remediate the plurality of device vulnerabilities, wherein:
each vulnerability has a vulnerability identifier;
each vulnerability is associated with at least one remediation technique operable to remediate that particular vulnerability; and
each remediation technique has a remediation type selected from the group consisting of patch, policy setting, and configuration option;
transmitting a query signal comprising the vulnerability identifier for a first device vulnerability; and
transmitting a response signal, automatically generated in response to the query signal, that describes at least two remediation techniques associated with the first device vulnerability.
Dependent claims: 8, 9, 10, 11
12. A method of managing one or more computing devices, comprising:
maintaining a table that:
contains a plurality of vulnerabilities to which the computing devices might be vulnerable;
contains a plurality of remediation techniques, each selected from the group consisting of patches, configuration settings, and policy settings; and
associates each vulnerability with one or more remediation techniques that are effective to protect at least one of the computing devices from the vulnerability, in which a first vulnerability in the plurality of vulnerabilities is associated with both a first remediation technique and a second remediation technique;
identifying a computing device that is vulnerable to the first vulnerability;
presenting the first remediation technique and the second remediation technique to a user as options via a user interface;
accepting user input via the user interface, wherein the user input selects at least one of the first remediation technique and the second remediation technique; and
automatically implementing the at least one selected remediation technique.
Dependent claims: 13, 14
15. A system, including:
a processor; and
software running on the processor that:
maintains a list of vulnerabilities to which a computer might be vulnerable;
maintains a collection of remediation techniques that collectively remediate all of the vulnerabilities on the list; and
keeps track of one or more remediation techniques that remediate each vulnerability on the list, wherein a first particular vulnerability on the list might be remediated by either a first remediation technique or a second remediation technique.
Dependent claims: 16, 17, 18, 19, 20
21. An apparatus, comprising a device encoded with logic executable by one or more processors to manage one or more computing devices by associating a plurality of device vulnerabilities, to which the computing devices can be subject, with a plurality of remediation techniques that collectively remediate the plurality of device vulnerabilities,
wherein:
each vulnerability has a vulnerability identifier and is associated with at least one remediation technique;
each remediation technique has a remediation type selected from the group consisting of patch, policy setting, and configuration option;
a first one of the device vulnerabilities is associated with at least two remediation techniques;
a query signal is sent to the device, the query signal comprising the vulnerability identifier for the first one of the device vulnerabilities; and
a response signal is sent from the device, the response signal being automatically generated in response to the query signal.
Dependent claims: 22, 23, 24, 25, 26, 27
Specification