VULNERABILITY AND REMEDIATION DATABASE
Abstract
A security information management system is described, wherein client-side devices preferably collect and monitor information describing the operating system, software, and patches installed on the device(s), as well as configuration thereof. A database of this information is maintained, along with data describing vulnerabilities of available software and associated remediation techniques available for it. The remediation techniques in the database include some that apply software patches, some that change the device's policy settings, and some that change one of the device's configuration files or registry.
19 Claims
1. A remediation system, comprising:
- a database comprising a remediation table listing a plurality of remediation techniques; and
a vulnerabilities table listing a plurality of vulnerabilities, each having an identifier, and each being associated with at least one of the plurality of remediation techniques;
wherein a first remediation technique includes application of a software patch, a second remediation technique includes changing a system policy setting, and a third remediation technique includes changing a configuration registry setting;
a query signal comprising a first vulnerability identifier; and
a response signal, automatically generated in response to the query signal that communicates at least one remediation technique associated with a vulnerability that has the first vulnerability identifier.
Dependent claims: 5, 6, 7, 8, 9, 10, 11, 12

2. In a system for remediating computing device vulnerabilities, wherein the system has a list of possible vulnerabilities and applicable remediation techniques, the improvement comprising:
- a first remediation technique identifies a software patch that remediates a first vulnerability;
a second remediation technique identifies a policy change that remediates a second vulnerability; and
a third remediation technique identifies configuration registry change that remediates a third vulnerability.
Dependent claims: 13, 14, 15

3. An apparatus comprising a database that stores:
- configuration information for each of a plurality of computing devices connected to a network, where the configuration information includes one or more installed operating system components, software applications, operating system and software patches, and security policy items;
a plurality of possible vulnerability exposures; and
a plurality of remediation techniques for the possible vulnerability exposures;
wherein the configuration information is retrieved from a source that is selected from the group consisting of software agents and a security server.
Dependent claims: 4, 16, 17, 18, 19
Specification