SYSTEM AND METHOD FOR IDENTIFYING NETWORK SECURITY THREATS AND ASSESSING NETWORK SECURITY
3 Assignments
0 Petitions
Accused Products
Abstract
A system and method of security assessment of a network is described. The system may include one or more security assessment computers controlled by a security assessor, and connected to a network, and first executable program code for acting as an agent on a first end device on the network. The first executable program code is configured to be executed by a browser application of the first end device, and is configured to collect software information, hardware information, and/or vulnerability information of the first end device and transmit the same to a first security assessment computer of the one or more security assessment computers. The information may be transmitted as part of a domain name server (DNS) request. The DNS request may include information identifying the first end device to thus allow modification of the first end device in response to analysis of the collected information.
42 Citations
21 Claims
- 1. (canceled)
-
2. A method for security assessment of a computer network, the method comprising:
-
transmitting a first executable program code from a security assessor that controls one or more security assessment computers on a network to a first end device on the network, the first executable program code for acting as an agent on the first end device, and the first executable program code configured to be executed by a browser application of the first end device, wherein the first executable program code is configured to collect software and/or hardware attribute information regarding the first end device and transmit the same to at least a first security assessment computer of the one or more security assessment computers. - View Dependent Claims (3, 4, 5, 6, 7, 8, 9, 10)
-
-
13. A method for security assessment of a computer network, the method comprising:
-
receiving a first executable program code at a first end device on the computer network, the first executable program code for acting as an agent on the first end device, and the first executable program code configured to be executed by a browser application of the first end device; executing the first executable program code via the browser application to collect software and/or hardware attribute information regarding the first end device; and transmitting the software and/or hardware attribute information from the first end device to at least a first security assessment computer of a security assessor. - View Dependent Claims (14, 15, 16, 17, 18)
-
-
19. A method comprising:
-
loading a program code into a plurality of browsers at end user devices of an entity'"'"'s network; using the program code performing a vulnerability assessment that determines vulnerabilities of the entity'"'"'s network; based on the determined vulnerabilities, performing a set of security tests on the end user devices that include those vulnerabilities. - View Dependent Claims (20, 21)
-
Specification