METHOD AND SYSTEM FOR IMPROVING SECURITY AND RELIABILITY IN A NETWORKED APPLICATION ENVIRONMENT
Abstract
A security application manages security and reliability of networked applications executing on a collection of interacting computing elements within a distributed computing architecture. The security application monitors various classes of resources utilized by the collection of nodes within the distributed computing architecture and determines whether utilization of a class of resources is approaching a pre-determined maximum limit. The security application performs a vulnerability scan of a networked application to determine whether the networked application is prone to a risk of intentional or inadvertent breach by an external application. The security application scans a distributed computing architecture for the existence of access control lists (ACLs), and stores ACL configurations and configuration changes in a database. The security application scans a distributed computing architecture for the existence of security certificates, places newly discovered security certificates in a database, and deletes outdated security certificates. Advantageously, security and reliability are improved in a distributed computing architecture.
21 Claims
1. A computer-implemented method, comprising:
- discovering a resource stored within at least one memory element included in a distributed computing architecture;
- determining a classification for the resource based on one or more classification criteria;
- determining whether the classification corresponds to a record within a database; and
- if the classification corresponds to a record within the database, then:
  - incrementing a counter associated with the record; or
- if the classification does not correspond to a record within the database, then:
  - initializing another record within the database that corresponds to the classification, and
  - initializing another counter associated with the another record.

Dependent claims: 2, 3, 4, 5, 6, 7
8. A non-transitory computer-readable storage medium including instructions that, when executed by a processor, cause the processor to perform the steps of:
- scanning a networked application stored within at least one memory element included in a distributed computing architecture to detect a first security vulnerability;
- comparing the first security vulnerability against a database that includes a listing of previously-discovered security vulnerabilities; and
- if the first security vulnerability is not listed within the database, then:
  - initializing a record within the database that corresponds to the first security vulnerability; or
- if the first security vulnerability is listed within the database, then:
  - updating a record within the database that corresponds to the first security vulnerability to indicate that the first security vulnerability was detected.

Dependent claims: 9, 10, 11, 12, 13, 14
15. An administration server, comprising:
- a memory storing a security application; and
- a processor coupled to the memory, wherein, when executed by the processor, the security application configures the processor to:
  - discover an access control list (ACL) stored within at least one memory element included in a distributed computing architecture;
  - determine whether the ACL corresponds to a first record within a database; and
  - if the ACL corresponds to a record within the database, then determine that a configuration of the ACL differs from a configuration of the record; and initialize another record within the database that corresponds to the record and has the configuration of the ACL; or
  - if the ACL does not correspond to a first record within the database, then initialize another record within the database that corresponds to the ACL and has the configuration of the ACL.

Dependent claims: 16, 17, 18, 19, 20, 21
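The ACL tracking recited in claim 15 can be sketched as follows. This is an added illustration, not code from the patent or its assignee; the SQLite schema, the function names, the rule format and the `sg-web` identifier used with it are all assumptions made for the example.

```python
import hashlib
import json
import sqlite3

# Constructed schema (an assumption): one row per observed ACL configuration.
SCHEMA = """CREATE TABLE acl_record (
    acl_id TEXT NOT NULL, version INTEGER NOT NULL,
    config TEXT NOT NULL, digest TEXT NOT NULL,
    PRIMARY KEY (acl_id, version))"""


def open_db():
    db = sqlite3.connect(":memory:")
    db.execute(SCHEMA)
    return db


def canonical(rules):
    """Serialize rules independently of their order, so a reordering is not
    reported as a change. Assumes rule order carries no meaning; drop the
    sort for ACLs that are evaluated in order."""
    return json.dumps(sorted(rules, key=lambda r: json.dumps(r, sort_keys=True)),
                      sort_keys=True)


def record_acl(db, acl_id, rules):
    """Apply the two branches of claim 15 to one discovered ACL.
    Returns 'new', 'changed' or 'unchanged'."""
    config = canonical(rules)
    digest = hashlib.sha256(config.encode()).hexdigest()
    row = db.execute(
        "SELECT version, digest FROM acl_record WHERE acl_id = ? "
        "ORDER BY version DESC LIMIT 1", (acl_id,)).fetchone()
    if row is None:            # no record for this ACL: initialize one
        version, outcome = 1, "new"
    elif row[1] != digest:     # record exists but the configuration differs
        version, outcome = row[0] + 1, "changed"
    else:                      # same configuration: nothing to store
        return "unchanged"
    db.execute("INSERT INTO acl_record VALUES (?, ?, ?, ?)",
               (acl_id, version, config, digest))
    db.commit()
    return outcome


def history(db, acl_id):
    """Every stored configuration of one ACL, oldest first."""
    return [json.loads(c) for (c,) in db.execute(
        "SELECT config FROM acl_record WHERE acl_id = ? ORDER BY version",
        (acl_id,))]
```

Keeping each differing configuration as its own row, rather than overwriting, preserves the change history that the abstract describes as "ACL configurations and configuration changes".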
Specification