ANTI-VULNERABILITY SYSTEM, METHOD, AND COMPUTER PROGRAM PRODUCT
0 Assignments
0 Petitions
Accused Products
Abstract
A system, method, and computer program product are provided for receiving actual vulnerability information from at least one first data storage that is generated utilizing potential vulnerability information from at least one second data storage. The actual vulnerability information is generated utilizing the potential vulnerability information. Further, the actual vulnerability information from the at least one first data storage is capable of identifying the plurality of actual vulnerabilities to which the plurality of networked computers are actually vulnerable. In use, an action may be caused to be automatically completed in connection with at least one of the networked devices.
6 Citations
22 Claims
-
1-2. -2. (canceled)
-
3. A computer program product embodied on a non-transitory computer readable medium, comprising:
-
code for deploying at least one client agent to at least one of a plurality of devices, the at least one client agent being capable of both identifying a plurality of aspects of the at least one device that are the bases for a plurality of weaknesses and applying a plurality of remediation techniques that remediate the weaknesses based on at least one data structure identifying the remediation techniques that remediate the weaknesses, where; each of at least a portion of the remediation techniques remediates at least one of the plurality of weaknesses; each of at least a portion of the remediation techniques has a remediation type including at least one of installation of software, a policy setting, or a configuration; said at least one data structure identifies; a first remediation technique that remediates a first particular weakness by automatically installing software for at least mitigating the first particular weakness, a second remediation technique that remediates a second particular weakness by automatically affecting a service for at least mitigating the second particular weakness, and a third remediation technique that remediates a third particular weakness by automatically changing a configuration or policy setting for at least mitigating the third particular weakness; and code for; identifying at least one first aspect of the at least one device that is a basis for the first particular weakness, utilizing the at least one client agent, determining whether the at least one device is subject to the first particular weakness, based on the at least one first aspect of the at least one device and the at least one data structure, conditionally applying the first remediation technique to the at least one device by automatically installing the software for at least mitigating the first particular weakness utilizing the at least one client agent, based on the determination whether the at least one device is subject to the first particular weakness, reporting to at least one server, utilizing the at least one client agent, first information relating to the application of the first remediation technique including an indication of whether the software was installed for at least mitigating the first particular weakness, identifying at least one second aspect of the at least one device that is a basis for the second particular weakness, utilizing the at least one client agent, determining whether the at least one device is subject to the second particular weakness, based on the at least one second aspect of the at least one device and the at least one data structure, conditionally applying the second remediation technique to the at least one device by automatically affecting the service for at least mitigating the second particular weakness utilizing the at least one client agent, based on the determination whether the at least one device is subject to the second particular weakness, reporting to the at least one server, utilizing the at least one client agent, second information relating to the application of the second remediation technique including an indication of whether the service was affected for at least mitigating the second particular weakness, identifying at least one third aspect of the at least one device that is a basis for the third particular weakness, utilizing the at least one client agent, determining whether the at least one device is subject to the third particular weakness, based on the at least one third aspect of the at least one device and the at least one data structure, conditionally applying the third remediation technique to the at least one device by automatically changing the configuration or policy setting for at least mitigating the third particular weakness utilizing the at least one client agent, based on the determination whether the at least one device is subject to the third particular weakness, and reporting to the at least one server, utilizing the at least one client agent, third information relating to the application of the third remediation technique including an indication of whether the configuration or policy setting was changed for at least mitigating the third particular weakness. - View Dependent Claims (4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A computer program product embodied on a non-transitory computer readable medium, comprising:
-
code for deploying a single client agent to at least one of a plurality of devices, the single client agent being capable of both identifying a plurality of aspects of the at least one device that are the bases for a plurality of weaknesses and applying a plurality of remediation techniques that remediate the weaknesses based on at least one data structure residing at the at least one device and identifying the remediation techniques that remediate the weaknesses, where; each of at least a portion of the remediation techniques remediates at least one of the plurality of weaknesses; each of at least a portion of the remediation techniques has a remediation type including at least one of installation of software, a policy setting, or a configuration; said at least one data structure identifies; a first remediation technique that remediates a first particular weakness by automatically installing software for at least mitigating the first particular weakness, a second remediation technique that remediates a second particular weakness by automatically affecting a service for at least mitigating the second particular weakness, and a third remediation technique that remediates a third particular weakness by automatically changing a configuration or policy setting for at least mitigating the third particular weakness; and code for; identifying at least one of a first aspect, a second aspect, or a third aspect of the at least one device that is a basis for at least one of the first particular weakness, the second particular weakness, or the third particular weakness, utilizing the single client agent, determining whether the at least one device is subject to at least one of the first particular weakness, the second particular weakness, or the third particular weakness, based on the at least one data structure and at least one of the first aspect, the second aspect, or the third aspect of the at least one device, conditionally applying at least one of the first remediation technique, the second remediation technique, or the third remediation technique to the at least one device, utilizing the single client agent, based on the determination whether the at least one device is subject to the at least one of the first particular weakness, the second particular weakness, or the third particular weakness, and reporting to at least one server, utilizing the single client agent, at least one of first information relating to the application of the first remediation technique, second information relating to the application of the second remediation technique, or third information relating to the application of the third remediation technique. - View Dependent Claims (20)
-
-
21. A computer program product embodied on a non-transitory computer readable medium, comprising:
-
single client agent code capable of both identifying a plurality of aspects of at least one of a plurality of devices that are the bases for a plurality of weaknesses and applying a plurality of remediation techniques that remediate the weaknesses based on at least one data structure identifying the remediation techniques that remediate the weaknesses, where; each of at least a portion of the remediation techniques remediates at least one of the plurality of weaknesses; each of at least a portion of the remediation techniques has a remediation type including at least one of installation of software, a policy setting, or a configuration; said at least one data structure identifies; a first remediation technique that remediates a first particular weakness by automatically installing software for at least mitigating the first particular weakness, a second remediation technique that remediates a second particular weakness by automatically affecting a service for at least mitigating the second particular weakness, and a third remediation technique that remediates a third particular weakness by automatically changing a configuration or policy setting for at least mitigating the third particular weakness; wherein the single client agent code is further operable for; identifying at least one of a first aspect, a second aspect, or a third aspect of the at least one device that is a basis for at least one of the first particular weakness, the second particular weakness, or the third particular weakness, determining whether the at least one device is subject to at least one of the first particular weakness, the second particular weakness, or the third particular weakness, based on the at least one data structure and at least one of the first aspect, the second aspect, or the third aspect of the at least one device, conditionally applying at least one of the first remediation technique, the second remediation technique, or the third remediation technique to the at least one device, based on the determination whether the at least one device is subject to the at least one of the first particular weakness, the second particular weakness, or the third particular weakness, and reporting to at least one server at least one of first information relating to the application of the first remediation technique, second information relating to the application of the second remediation technique, or third information relating to the application of the third remediation technique. - View Dependent Claims (22)
-
Specification