Combining assessment models and client targeting to identify network security vulnerabilities
First Claim
1. In a computing environment including a network, a method comprising:
- communicating with a first set of clients that are capable of self-assessment for security risks or security vulnerabilities, or self-assessment for both security risks and security vulnerabilities;
directing each client of the first set of clients to perform a self-assessment;
obtaining a first set of data corresponding to the self-assessment results from each of the clients;
performing a remote assessment on a second set of clients that to obtain a second set of data corresponding to remote assessment results; and
using the first set of data and second set of data to determine security risks and security vulnerabilities in the network.
2 Assignments
0 Petitions
Accused Products
Abstract
Described is a technology for managing network security by having network clients that are capable of self-assessment assess themselves for security risks and/or security vulnerabilities. Other clients may be remotely assessed for security risks and/or security vulnerabilities. Assessments may include antimalware scans, vulnerability assessment, and/or port scans. The results of the self-assessments and remote assessments are combined into a data set (e.g., a view) indicative of the network security state. In this manner, for example, significant network resources are conserved by allowing those clients capable of self-assessment to assess themselves and thereafter only provide their self-assessment results. Clients capable of self-assessment may also be remotely assessed, to determine whether any discrepancies exist between their remote assessments and self-assessments. Clients may be discovered, along with their self-assessment capabilities, by network communication.
192 Citations
20 Claims
-
1. In a computing environment including a network, a method comprising:
-
communicating with a first set of clients that are capable of self-assessment for security risks or security vulnerabilities, or self-assessment for both security risks and security vulnerabilities; directing each client of the first set of clients to perform a self-assessment; obtaining a first set of data corresponding to the self-assessment results from each of the clients; performing a remote assessment on a second set of clients that to obtain a second set of data corresponding to remote assessment results; and using the first set of data and second set of data to determine security risks and security vulnerabilities in the network. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. In a computing environment including a network, a system comprising:
-
a security server; a server agent associated with the security server, the server agent coupled for communication with a first set of at least one client managed by the security system, each client of the first set configured with an agent for self-assessment with respect to determining any security risks or security vulnerabilities, or determining both security risks and security vulnerabilities; a remote assessment component associated with the security server, the remote assessment component coupled for communication with a second set of at least one client managed by the security system to perform a remote assessment with respect to determining any security risks or security vulnerabilities, or determining both security risks and security vulnerabilities; and a reporting mechanism associated with the security server that combines results of the self-assessment of each client of the first set with the results of the remote assessment of each client of the second set to provide a combined data set indicative of security risks or security vulnerabilities, or both security risks and security vulnerabilities, of the clients managed by the security system. - View Dependent Claims (12, 13, 14, 15)
-
-
16. A computer-readable medium having computer-executable instructions, which when executed perform steps, comprising:
-
managing a first set of clients of a network that are capable of self-assessment to each self-assess for security risks or security vulnerabilities, or self-assess for both security risks and security vulnerabilities, and to obtain a first set of results corresponding to the self assessments; remotely assessing a second set of clients of the network for security risks or security vulnerabilities, or both security risks and security vulnerabilities, to obtain a second set of results corresponding to the remote assessments; and combining the first and second sets of results into a combined data set indicative of security risks or security vulnerabilities, or both security risks and security vulnerabilities, of the first and second sets of the clients of the network. - View Dependent Claims (17, 18, 19, 20)
-
Specification