Method and system for configuring and scheduling security audits of a computer network
First Claim
1. A computer-implemented method for configuring and scheduling a security audit of a computer network comprising the steps of:
- conducting a discovery scan to identify an element of the computer network and determine the element'"'"'s functions and assigning an asset value for the element wherein the asset value indicates the relative importance of the element in the network;
configuring an audit scan to perform on the element, wherein the audit scan is a broader scan than the discovery scan;
scheduling a time to perform the audit scan on the element;
running the audit scan of the element at the scheduled time;
calculating a security score for the element based on the audit scan by summing one or more vulnerabilities associated with the element; and
scheduling another time to repeat the audit scan on the element, the scheduling based on the results of the audit scan and the security score.
4 Assignments
0 Petitions
Accused Products
Abstract
Managing the selection and scheduling of security audits run on a computing network. The computer network is surveyed by a security audit system to determine the function and relative importance of the elements in the network. Based on function and priority, a more thorough type of security audit is selected to run against each of the network elements by the security audit system. The security audit can also be automatically scheduled based on the information gathered from the survey. Once the system runs the security audit, a vulnerability assessment can be calculated for each element in the network. The vulnerability assessment can be presented in a format that facilitates interpretation and response by someone operating the system. The vulnerability assessment can also be used to configure and schedule future security audits.
518 Citations
19 Claims
-
1. A computer-implemented method for configuring and scheduling a security audit of a computer network comprising the steps of:
-
conducting a discovery scan to identify an element of the computer network and determine the element'"'"'s functions and assigning an asset value for the element wherein the asset value indicates the relative importance of the element in the network; configuring an audit scan to perform on the element, wherein the audit scan is a broader scan than the discovery scan; scheduling a time to perform the audit scan on the element; running the audit scan of the element at the scheduled time; calculating a security score for the element based on the audit scan by summing one or more vulnerabilities associated with the element; and scheduling another time to repeat the audit scan on the element, the scheduling based on the results of the audit scan and the security score. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A computer prepare product for implementing security for a computing device, said computer program product comprising:
-
a computer readable medium having encoded therein; first program instructions to conduct a discovery scan to identify an element of the computer network and determine the element'"'"'s functions and assign an asset value for the element, wherein the asset value indicates the relative importance of the element in the network; second program instructions to configure an audit scan to perform on the element, wherein the audit scan is a broader scan than the discovery scan; third program instructions to schedule a time to perform the audit scan on the element; fourth program instructions to run the audit scan of the element at the scheduled time; fifth program instructions to calculate a security score for the element based on the audit scan by summing one or more vulnerabilities associated with the element; and sixth program instructions to schedule another time to repeat the audit scan on the element, the scheduling based on the results of the audit scan and the security score. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
-
Specification