Automated evidence gathering
First Claim
Patent Images
1. A method comprising:
- receiving an instruction from a server at a target machine;
executing a pre-recorded action sequence in response to the received instruction to capture evidence data;
annotating the captured evidence data with meta-data; and
sending the annotated evidence data to the server from the target machine.
9 Assignments
0 Petitions
Accused Products
Abstract
Evidence gathering and analysis from networked machines can be automated and made policy-based. In one embodiment, the present invention includes, a networked machine receiving an instruction from a server to execute a pre-recorded action sequence designed to capture evidence data. The machine can annotate the captured evidence data with meta-data, and send the annotated evidence data to the server. The server can then perform analysis on the collected evidence data and present the evidence data and the analysis to an administrator.
-
Citations
21 Claims
-
1. A method comprising:
-
receiving an instruction from a server at a target machine;
executing a pre-recorded action sequence in response to the received instruction to capture evidence data;
annotating the captured evidence data with meta-data; and
sending the annotated evidence data to the server from the target machine. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A method performed by a compliance management system comprising:
-
instructing a plurality of machines to gather evidence data by capturing screenshots of target views;
receiving the evidence data from the plurality of machines; and
storing the received evidence data. - View Dependent Claims (8, 9, 10, 11, 12, 13)
-
-
14. A user interface comprising:
a policy editor to create and edit an evidence policy used to collect evidence data from a remote machine, the policy editor comprising graphic controls to record of an action sequence of keystrokes, mouse-clicks, and screenshots. - View Dependent Claims (15, 16)
-
17. A compliance management system comprising:
-
a network interface to send an instruction to a plurality of machines to gather evidence data by capturing screenshots of target views, and to receive the evidence data from the plurality of machines; and
a data store to store the received evidence data. - View Dependent Claims (18, 19, 20, 21)
-
Specification