Enterprise Information Security Management Software For Prediction Modeling With Interactive Graphs

US 20100275263A1
Filed: 04/26/2010
Published: 10/28/2010
Est. Priority Date: 04/24/2009
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving security assessment information for information technology assets of an organization, the security assessment information being representative of an existing risk exposure of the organization;

presenting the security assessment information to a user for the user to alter;

receiving altered security assessment information from the user, the altered security assessment information being representative of a hypothetical risk exposure of the organization;

determining first and second data points, wherein the first data point is determined using the security assessment information and is representative of the existing risk exposure, and the second data point is determined using the altered security assessment information and is representative of the hypothetical risk exposure; and

displaying a graph on an electronic screen and animating a plurality of successive visual representations in the graph, wherein an initial visual representation indicates the first data point, a final visual representation indicates the second data point, and the graph comprises a background comprising a first region having a first color and a second region having a second color, different from the first color.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Various baseline security measurements of assets are collected and calculated by the system. A user creates a what-if scenario by changing one or more baseline security measurements. The system generates interactive, animated graphs that compare the baseline security measurements against the what-if scenario.

Citations

18 Claims

1. A method comprising:
- receiving security assessment information for information technology assets of an organization, the security assessment information being representative of an existing risk exposure of the organization;
  
  presenting the security assessment information to a user for the user to alter;
  
  receiving altered security assessment information from the user, the altered security assessment information being representative of a hypothetical risk exposure of the organization;
  
  determining first and second data points, wherein the first data point is determined using the security assessment information and is representative of the existing risk exposure, and the second data point is determined using the altered security assessment information and is representative of the hypothetical risk exposure; and
  
  displaying a graph on an electronic screen and animating a plurality of successive visual representations in the graph, wherein an initial visual representation indicates the first data point, a final visual representation indicates the second data point, and the graph comprises a background comprising a first region having a first color and a second region having a second color, different from the first color.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1 wherein the background comprises a third region having a third color, different from the second and first colors.
  - 3. The method of claim 1 wherein the visual representations are bubbles.
  - 4. The method of claim 1 wherein a line drawn from the initial visual representation to the final visual representation that has a positive slope indicates an increasing amount of risk.
  - 5. The method of claim 1 wherein when the initial visual representation is superimposed over the first region having the first color and the final visual representation is superimposed over the second region having the second color, the organization'"'"'s risk exposure has increased.
  - 6. The method of claim 1 wherein when the initial visual representation is superimposed over the second region having the second color and the final visual representation is superimposed over the first region having the first color, the organization'"'"'s risk exposure has decreased.
  - 7. The method of claim 1 wherein during the animating a plurality of successive visual representations in the graph, the first color of the first region remains constant.
  - 8. The method of claim 1 wherein the information technology assets comprise at least one of a server, a desktop computer, or a laptop computer.
  - 9. The method of claim 1 wherein the receiving security assessment information for information technology assets comprises receiving an impact evaluation and a likelihood evaluation for an asset, wherein the likelihood evaluation indicates a probability of an event occurring and the impact evaluation indicates a degree of disruption to the organization if the event occurs.
  - 10. The method of claim 1 wherein the security assessment information comprises actual cost expenditures for protecting the information technology assets and the altered security assessment information comprises hypothetical cost expenditures for protecting the information technology assets.

11. A method comprising:
- in a computer screen, providing a first portion of the screen with a plurality of user-adjustable options;
  
  in the computer screen, providing a second portion of the screen with a graph having a first axis, a second axis, and a background comprising a first region having a first color and a second region having a second color, different from the first color,wherein a first shortest distance between the first axis and a first edge of the first region is from the first axis to a leftmost edge of the first region, a second shortest distance between the second axis and a second edge of the first region is from the second axis to a bottommost edge of the first region, and the first region is between the second region and first and second axes; and
  
  after a first user-selectable option is selected, animating a first plurality of visual representations in the graph.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18)
- - 12. The method of claim 11 wherein the leftmost edge of the first region abuts the first axis and the bottommost edge of the first region abuts the second axis.
  - 13. The method of claim 11 wherein an area of the first region is greater than an area of the second region.
  - 14. The method of claim 11 wherein the background comprises a third region having a third color, different from the first and second colors.
  - 15. The method of claim 14 wherein the second region is between the first and third regions.
  - 16. The method of claim 14 wherein each of the first plurality of visual representations comprises a circle.
  - 17. The method of claim 11 comprising:
    - upon a user selecting one of the first plurality of visual representations in the graph, displaying in the computer screen information associated with the selected visual representation.
  - 18. The method of claim 11 wherein the first plurality of visual representations represents assets of a first type and the after a first user-selectable option is selected comprises:
    - determining whether a filter to filter assets of a second type, different from the first type, has been selected;
      
      when it is determined the filter has not been selected, animating a second plurality of visual representations in the graph, wherein the second plurality of visual representations represents assets of the second type; and
      
      when it is determined the filter has been selected, not animating the second plurality of visual representations.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Allgress, Inc.
Original Assignee
Allgress, Inc.
Inventors
Bennett, Jeff, Tang, William, Stager, Mike, Shevlin, Gordon

Granted Patent

US 8,516,594 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/25
CPC Class Codes

G06F 21/577   Assessing vulnerabilities a...

G06T 11/001   Texturing; Colouring; Gener...

G06T 11/206   Drawing of charts or graphs

Enterprise Information Security Management Software For Prediction Modeling With Interactive Graphs

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Enterprise Information Security Management Software For Prediction Modeling With Interactive Graphs

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links