Method and system for configuring and scheduling security audits of a computer network
1 Assignment
0 Petitions
Accused Products
Abstract
Managing the selection and scheduling of security audits run on a computing network. The computer network is surveyed by a security audit system to determine the function and relative importance of the elements in the network. Based on function and priority, a more thorough type of security audit is selected to run against each of the network elements by the security audit system. The security audit can also be automatically scheduled based on the information gathered from the survey. Once the system runs the security audit, a vulnerability assessment can be calculated for each element in the network. The vulnerability assessment can be presented in a format that facilitates interpretation and response by someone operating the system. The vulnerability assessment can also be used to configure and schedule future security audits.
-
Citations
45 Claims
-
1-12. -12. (canceled)
-
13. A computer-implemented method for configuring and scheduling a security audit of a computer network comprising the steps of:
-
conducting a discovery scan to identify an element of the computer network and assigning an asset value for the element, wherein the asset value indicates the relative importance of the element in the network;
configuring an audit scan to perform on the element;
scheduling a time to perform the audit scan on the element;
running the audit scan at the scheduled time on the element; and
calculating a security score for the element based on the audit scan by summing one or more vulnerabilities associated with the element. - View Dependent Claims (15, 16, 17, 19, 20)
-
-
14. (canceled)
-
18. (canceled)
-
21. (canceled)
-
22. A method for assessing the security of a network comprising the steps of:
-
receiving an initial scan identifying a network element and the function of the network element and assigning an asset value for the network element, wherein the asset value indicates the relative importance of the network element in the network;
selecting an audit scan to perform on the network element, the selection based on the initial scan, wherein the audit scan is broader than the initial scan;
scheduling the audit scan to perform on the network element;
performing the audit scan on the network element at the scheduled time;
receiving data from the selected audit scan of the network element; and
computing a security score for the network element from the selected audit scan by summing one or more vulnerabilities associated with the network element. - View Dependent Claims (23, 24, 26, 27)
-
-
25. (canceled)
-
28. (canceled)
-
29. (canceled)
-
30. A method for assessing the security of a network comprising the steps of:
-
receiving an initial scan identifying a network element and assigning an asset value for the network element, wherein the asset value indicates the relative importance of the network element;
selecting an audit scan to perform on the network element, said selection based on the initial scan;
performing the selected audit scan on the network;
receiving data from the selected audit scan of the network element; and
computing a security score for the network element from the selected audit scan by summing one or more vulnerabilities associated with the network element. - View Dependent Claims (31, 32, 33, 35, 36)
-
-
34. (canceled)
-
37. (canceled)
-
38. (canceled)
-
39. A system for configuring and scheduling a security audit of a computer network comprising:
-
the computer network;
a security audit system operable for conducting a discovery scan to identify an element of the computer network and assigning an asset value for the element, wherein the asset value indicates the relative importance of the element in the network, configuring and scheduling an audit scan of the element, and computing a security score for the network element from the selected audit scan by summing one or more vulnerabilities associated with the network element; and
a console operable for receiving information from the security audit system and transmitting information to the security audit system about the discovery scan and the audit scan. - View Dependent Claims (40, 41, 42, 43, 44, 45)
-
Specification