METHOD AND SYSTEM FOR IMPROVING SECURITY AND RELIABILITY IN A NETWORKED APPLICATION ENVIRONMENT
Abstract
A security application manages security and reliability of networked applications executing on a collection of interacting computing elements within a distributed computing architecture. The security application monitors various classes of resources utilized by the collection of nodes within the distributed computing architecture and determines whether utilization of a class of resources is approaching a pre-determined maximum limit. The security application performs a vulnerability scan of a networked application to determine whether the networked application is prone to a risk of intentional or inadvertent breach by an external application. The security application scans a distributed computing architecture for the existence of access control lists (ACLs), and stores ACL configurations and configuration changes in a database. The security application scans a distributed computing architecture for the existence of security certificates, places newly discovered security certificates in a database, and deletes outdated security certificates. Advantageously, security and reliability are improved in a distributed computing architecture.
25 Claims
1. A computer-implemented method for managing a distributed computing architecture, the method comprising:
- discovering a resource within the distributed computing architecture;
- determining a classification for the resource based on one or more classification criteria;
- determining whether the classification corresponds to a record within a database; and
- if the classification corresponds to a record within the database, then incrementing a counter associated with the record; or
- if the classification does not correspond to a record within the database, then initializing another record within the database that corresponds to the classification; and initializing another counter associated with the another record.
(Dependent claims: 2, 3, 4, 5)
6. A computer-implemented method for managing a distributed computing architecture, the method comprising:
- scanning a networked application within the distributed computing architecture for a security vulnerability;
- in response, detecting a first security vulnerability;
- comparing the first security vulnerability against a database that includes a listing of previously-discovered security vulnerabilities; and
- if the first security vulnerability is not listed within the database, then initializing a record within the database that corresponds to the first security vulnerability; or
- if the first security vulnerability is listed within the database, then updating the record within the database that corresponds to the first security vulnerability to indicate that the first security vulnerability was detected.
(Dependent claims: 7, 8, 9, 10)
11. A computer-implemented method for managing a distributed computing architecture, the method comprising:
- discovering an access control list (ACL) within the distributed computing architecture;
- determining whether the ACL corresponds to a first record within a database; and
- if the ACL corresponds to a record within the database, then determining that a configuration of the ACL differs from a configuration of the record; and initializing another record within the database that corresponds to the record and has the configuration of the ACL; or
- if the ACL does not correspond to a first record within the database, then initializing another record within the database that corresponds to the ACL and has the configuration of the ACL.
(Dependent claims: 12, 13, 14, 15, 16)
17. A computer-implemented method for managing a distributed computing architecture, the method comprising:
- discovering a first security certificate within the distributed computing architecture that includes a first identifying label and an expiration date;
- comparing the first security certificate with a plurality of security certificates that resides within a storage repository;
- determining that the first security certificate corresponds to a second security certificate that resides within the storage repository;
- deleting the second security certificate from the storage repository; and
- storing the first security certificate within the storage repository.
(Dependent claims: 18, 19, 20, 21, 22, 23, 24, 25)
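One way the ACL tracking recited in claim 11 could be realized, as an added example that is not taken from the patent or any implementation of it. The SQLite schema, the function names, the `sg-web` identifier and the sample rules are all assumptions constructed for illustration.

```python
import hashlib
import json
import sqlite3

def open_store():
    """In-memory database; the schema is an assumption of this example."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE acl_history (acl_id TEXT, version INTEGER,"
               " digest TEXT, config TEXT, PRIMARY KEY (acl_id, version))")
    return db

def canonical(rules):
    """Order-independent form, so reordered rules do not count as a change."""
    return json.dumps(sorted(rules, key=lambda r: json.dumps(r, sort_keys=True)),
                      sort_keys=True)

def record_acl(db, acl_id, rules):
    """Apply the two claim-11 branches to one discovered ACL.

    Returns 'new', 'changed' or 'unchanged'. The 'unchanged' outcome is an
    addition of this example; the claim only recites the differing case.
    """
    config = canonical(rules)
    digest = hashlib.sha256(config.encode()).hexdigest()
    row = db.execute("SELECT version, digest FROM acl_history WHERE acl_id = ?"
                     " ORDER BY version DESC LIMIT 1", (acl_id,)).fetchone()
    if row is None:                      # no record: initialize one
        version, outcome = 1, "new"
    elif row[1] != digest:               # record exists, configuration differs
        version, outcome = row[0] + 1, "changed"
    else:
        return "unchanged"
    # Older versions are never overwritten, so the change history is kept.
    db.execute("INSERT INTO acl_history VALUES (?, ?, ?, ?)",
               (acl_id, version, digest, config))
    db.commit()
    return outcome

def history(db, acl_id):
    rows = db.execute("SELECT version, config FROM acl_history"
                      " WHERE acl_id = ? ORDER BY version", (acl_id,))
    return [(v, json.loads(c)) for v, c in rows]

def demo():
    """Three constructed scans: first sight, reordered rules, widened SSH rule."""
    db = open_store()
    ssh_office = {"proto": "tcp", "port": 22, "cidr": "203.0.113.0/24"}
    ssh_any = {"proto": "tcp", "port": 22, "cidr": "0.0.0.0/0"}
    https_any = {"proto": "tcp", "port": 443, "cidr": "0.0.0.0/0"}
    scans = [[ssh_office, https_any], [https_any, ssh_office], [ssh_any, https_any]]
    return [record_acl(db, "sg-web", s) for s in scans], history(db, "sg-web")
```

Because each differing configuration becomes a new versioned row, a reviewer can diff consecutive versions to see exactly when a rule was widened.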
Specification