ANTI-VULNERABILITY SYSTEM, METHOD, AND COMPUTER PROGRAM PRODUCT
First Claim
1. A computer program product embodied on a non-transitory computer readable medium, the computer program product comprising:
- code for;
accessing at least one data storage identifying a plurality of mitigation techniques that mitigate effects of attacks that take advantage of vulnerabilities, such that;
each mitigation technique is capable of mitigating an effect of an attack that takes advantage of a corresponding vulnerability, andeach mitigation technique has a mitigation type including at least one of a patch, a policy setting, or a configuration option;
code for;
displaying at least one mitigation technique in connection with at least one vulnerability to be applied as an attack response, andreceiving user input for selecting the at least one mitigation technique in connection with the at least one vulnerability; and
code for;
receiving information in connection with at least one of a plurality of devices, andidentifying a particular attack in connection with the at least one device that takes advantage of the at least one vulnerability, based on the information;
wherein the computer program product is operable such that, as a result of the user input for selecting the at least one mitigation technique in connection with the at least one vulnerability, the particular attack is prevented from taking advantage of the at least one vulnerability, while there is no update at the at least one of the device that removes the at least one vulnerability from the at least one device.
0 Assignments
0 Petitions
Accused Products
Abstract
A system, method, and computer program product are provided for accessing at least one data storage identifying a plurality of mitigation techniques that mitigate effects of attacks that take advantage of vulnerabilities, such that: each mitigation technique is capable of mitigating an effect of an attack that takes advantage of a corresponding vulnerability, and each mitigation technique has a mitigation type including at least one of a patch, a policy setting, or a configuration option. Further, the system, method, and computer program product are provided for displaying at least one mitigation technique in connection with at least one vulnerability to be applied as an attack response, and receiving user input for selecting the at least one mitigation technique in connection with the at least one vulnerability.
-
Citations
20 Claims
-
1. A computer program product embodied on a non-transitory computer readable medium, the computer program product comprising:
-
code for; accessing at least one data storage identifying a plurality of mitigation techniques that mitigate effects of attacks that take advantage of vulnerabilities, such that; each mitigation technique is capable of mitigating an effect of an attack that takes advantage of a corresponding vulnerability, and each mitigation technique has a mitigation type including at least one of a patch, a policy setting, or a configuration option; code for; displaying at least one mitigation technique in connection with at least one vulnerability to be applied as an attack response, and receiving user input for selecting the at least one mitigation technique in connection with the at least one vulnerability; and code for; receiving information in connection with at least one of a plurality of devices, and identifying a particular attack in connection with the at least one device that takes advantage of the at least one vulnerability, based on the information; wherein the computer program product is operable such that, as a result of the user input for selecting the at least one mitigation technique in connection with the at least one vulnerability, the particular attack is prevented from taking advantage of the at least one vulnerability, while there is no update at the at least one of the device that removes the at least one vulnerability from the at least one device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A computer program product embodied on a non-transitory computer readable medium, the computer program product comprising:
-
code for; accessing at least one data structure identifying a plurality of mitigation techniques that mitigate effects of attacks that take advantage of vulnerabilities, such that; each mitigation technique is capable of mitigating an effect of an attack that takes advantage of a corresponding vulnerability, and each mitigation technique has a mitigation type including at least one of a patch, a policy setting, or a configuration option; code for; receiving information in connection with at least one of a plurality of devices; and identifying an attack on the at least one device that takes advantage of at least one of the vulnerabilities, based on the information; code for; automatically applying at least two of the plurality of mitigation techniques including at least one first mitigation technique of a first mitigation type and at least one second mitigation technique of a second mitigation type to the at least one device, in response to the attack for mitigating the attack; wherein the computer program product is operable such that the attack is mitigated by preventing the attack from taking advantage of the at least one vulnerability, while there is no update at the at least one of the device that removes the at least one vulnerability from the at least one device.
-
-
20. A computer program product embodied on a non-transitory computer readable medium, the computer program product comprising:
-
at least one data storage identifying a plurality of mitigation techniques that mitigate effects of attacks that take advantage of vulnerabilities associated with an operating system identified in connection with at least one of a plurality of devices, such that; each mitigation technique is capable of mitigating an effect of an attack that takes advantage of a corresponding vulnerability, and each mitigation technique has a mitigation type including at least one of a patch, a policy setting, or a configuration option; code for; displaying at least two of the mitigation techniques in connection with at least one vulnerability, and receiving at least one user input in connection with the at least two mitigation techniques; code for; automatically applying the at least two mitigation techniques based on the user input, the at least two mitigation techniques including; at least one first mitigation technique for utilizing a firewall for attack mitigation, and at least one second mitigation technique for utilizing an intrusion prevention system for attack mitigation; and code for; receiving information in connection with the at least one device, and identifying a particular attack in connection with the at least one device that takes advantage of the at least one vulnerability, based on the information; wherein the computer program product is operable such that the attack is mitigated utilizing the first mitigation technique for utilizing the firewall for attack mitigation and the at least one second mitigation technique for second mitigation technique for utilizing the intrusion prevention system for attack mitigation, regardless of whether there is no update at the at least one of the device that removes the at least one vulnerability from the at least one device.
-
Specification