×

Computer-implemented method and device for providing security on a computer network

  • US 7,797,332 B1
  • Filed: 01/16/2007
  • Issued: 09/14/2010
  • Est. Priority Date: 01/17/2006
  • Status: Active Grant
First Claim
Patent Images

1. A computer-implemented method for searching for registry information stored in registries on a plurality of computers in a communication network, the method comprising:

  • (A) receiving search criteria, wherein the search criteria specifies a registry keyword string including a key and a value corresponding to the key;

    (B) calculating a digital fingerprint from the key and the value according to a hash function;

    (C) searching for computers including the digital fingerprint, the searching including referencing a search index having the digital fingerprint to locate computers indexed in the search index as corresponding to the digital fingerprint, wherein;

    the index includes digital fingerprints for a plurality of registry keyword value sets;

    each registry keyword value set is associated with at least one machine identifier;

    the machine identifiers include a configuration, attributes, and a name of each respective computer storing the registry; and

    the search index includes entries corresponding to the registries on the plurality of computers in the communication network, each entry for each registry including;

    a registry keyword value set, the registry keyword value set comprising at least a key and a value corresponding to the key;

    a machine identifier corresponding to the respective computer storing the registry; and

    the digital fingerprint of the registry keyword value set calculated from the registry keyword value set according to the hash function;

    (D) returning search results from the searching, the search results indicating the registries and respective machine identifiers including the received search criteria;

    (E) for each computer of the returned machine identifiers, assessing whether the configuration and attributes of the computer is associated with a vulnerability, wherein;

    the vulnerability identifies a configuration and attributes and specifies a remediation process to remediate the vulnerability; and

    the assessing includes comparing the configuration and attributes of the computer to the configuration and attributes identified of the vulnerability; and

    executing the specified remediation process on each computer assessed as having the vulnerability.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×