NOTIFICATION SUBSYSTEM FOR GENERATING CONSOLIDATED, FILTERED, AND RELEVANT SECURITY RISK-BASED NOTIFICATIONS

US 20160234251A1
Filed: 09/30/2015
Published: 08/11/2016
Est. Priority Date: 02/06/2015
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

discovering multiple devices in a computing system by a risk manager system;

grouping the multiple devices into multiple security zones by the risk manager system;

generating a risk value identifying at least one cyber-security risk of the devices for one of the security zones by the risk manager system;

comparing the risk value to a threshold by the risk manager system; and

automatically generating a notification for one or more users by the risk manager system when the risk value violates the threshold.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

This disclosure provides a notification subsystem for generating consolidated, filtered, and relevant security risk-based notifications. A method includes discovering multiple devices in a computing system. The method includes grouping the multiple devices into multiple security zones. The method includes generating a risk value identifying at least one cyber-security risk of the devices for one of the security zones. The method includes comparing the risk value to a threshold. The method includes automatically generating a notification for one or more users when the risk value violates the threshold.

Citations

20 Claims

1. A method comprising:
- discovering multiple devices in a computing system by a risk manager system;
  
  grouping the multiple devices into multiple security zones by the risk manager system;
  
  generating a risk value identifying at least one cyber-security risk of the devices for one of the security zones by the risk manager system;
  
  comparing the risk value to a threshold by the risk manager system; and
  
  automatically generating a notification for one or more users by the risk manager system when the risk value violates the threshold.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein discovering multiple devices is performed by a data collection component.
  - 3. The method of claim 1, wherein grouping the multiple devices into multiple security zones is performed by a rules engine.
  - 4. The method of claim 1, wherein grouping the multiple devices into multiple security zones is performed using a risk management database that stores rules and data identifying the cyber-security risks.
  - 5. The method of claim 1, wherein generating the risk value is performed for each security zone, and includes generating a respective risk value identifying at least one cyber-security risk of the devices in each respective security zone.
  - 6. The method of claim 1, wherein the notification is a System Center Operations Manager notification event.
  - 7. The method of claim 1, wherein the notification is transmitted to the one or more users according to a notification recipient list.

8. A risk manager system comprising:
- a controller; and
  
  a display, the risk manager system configured todiscover multiple devices in a computing system;
  
  group the multiple devices into multiple security zones;
  
  generate a risk value identifying at least one cyber-security risk of the devices for one of the security zones;
  
  compare the risk value to a threshold; and
  
  automatically generate a notification for one or more users when the risk value violates the threshold.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The risk manager system of claim 8, wherein discovering multiple devices is performed by a data collection component.
  - 10. The risk manager system of claim 8, wherein grouping the multiple devices into multiple security zones is performed by a rules engine.
  - 11. The risk manager system of claim 8, wherein grouping the multiple devices into multiple security zones is performed using a risk management database that stores rules and data identifying the cyber-security risks.
  - 12. The risk manager system of claim 8, wherein generating the risk value is performed for each security zone, and includes generating a respective risk value identifying at least one cyber-security risk of the devices in each respective security zone.
  - 13. The risk manager system of claim 8, wherein the notification is a System Center Operations Manager notification event.
  - 14. The risk manager system of claim 8, wherein the notification is transmitted to the one or more users according to a notification recipient list.

15. A non-transitory machine-readable medium encoded with executable instructions that, when executed, cause one or more processors of a risk management system to:
- discover multiple devices in a computing system;
  
  group the multiple devices into multiple security zones;
  
  generate a risk value identifying at least one cyber-security risk of the devices for one of the security zones;
  
  compare the risk value to a threshold; and
  
  automatically generate a notification for one or more users when the risk value violates the threshold.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The non-transitory machine-readable medium of claim 15, wherein discovering multiple devices is performed by a data collection component.
  - 17. The non-transitory machine-readable medium of claim 15, wherein grouping the multiple devices into multiple security zones is performed by a rules engine.
  - 18. The non-transitory machine-readable medium of claim 15, wherein grouping the multiple devices into multiple security zones is performed using a risk management database that stores rules and data identifying the cyber-security risks.
  - 19. The non-transitory machine-readable medium of claim 15, wherein generating the risk value is performed for each security zone, and includes generating a respective risk value identifying at least one cyber-security risk of the devices in each respective security zone.
  - 20. The non-transitory machine-readable medium of claim 15, wherein the notification is a System Center Operations Manager notification event.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Honeywell International Inc.
Original Assignee
Honeywell International Inc.
Inventors
Boice, Eric T., Kaakani, Ziad M., Carpenter, Seth G.

Granted Patent

US 10,075,474 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 41/12   Discovery or management of ...

H04L 63/02   for separating internal fro...

H04L 63/1433   Vulnerability analysis

H04L 63/20   for managing network securi...

NOTIFICATION SUBSYSTEM FOR GENERATING CONSOLIDATED, FILTERED, AND RELEVANT SECURITY RISK-BASED NOTIFICATIONS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

NOTIFICATION SUBSYSTEM FOR GENERATING CONSOLIDATED, FILTERED, AND RELEVANT SECURITY RISK-BASED NOTIFICATIONS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links