Computer-implemented method and device for providing security on a computer network
First Claim
1. A computer-implemented method for searching for registry information stored in registries on a plurality of computers in a communication network, the method comprising:
- (A) receiving search criteria, wherein the search criteria specifies a registry keyword string including a key and a value corresponding to the key;
(B) calculating a digital fingerprint from the key and the value according to a hash function;
(C) searching for computers including the digital fingerprint, the searching including referencing a search index having the digital fingerprint to locate computers indexed in the search index as corresponding to the digital fingerprint, wherein;
the index includes digital fingerprints for a plurality of registry keyword value sets;
each registry keyword value set is associated with at least one machine identifier;
the machine identifiers include a configuration, attributes, and a name of each respective computer storing the registry; and
the search index includes entries corresponding to the registries on the plurality of computers in the communication network, each entry for each registry including;
a registry keyword value set, the registry keyword value set comprising at least a key and a value corresponding to the key;
a machine identifier corresponding to the respective computer storing the registry; and
the digital fingerprint of the registry keyword value set calculated from the registry keyword value set according to the hash function;
(D) returning search results from the searching, the search results indicating the registries and respective machine identifiers including the received search criteria;
(E) for each computer of the returned machine identifiers, assessing whether the configuration and attributes of the computer is associated with a vulnerability, wherein;
the vulnerability identifies a configuration and attributes and specifies a remediation process to remediate the vulnerability; and
the assessing includes comparing the configuration and attributes of the computer to the configuration and attributes identified of the vulnerability; and
executing the specified remediation process on each computer assessed as having the vulnerability.
2 Assignments
0 Petitions
Accused Products
Abstract
Documents can be searched for, and include a keyword value set, that is at least a key and a value corresponding to the key. The documents store (i) a machine identifier corresponding to the computer storing the document, and (ii) a digital fingerprint calculated from the keyword value set. The documents are indexed into a search index that includes digital fingerprints for the keyword value sets. The machine identifier includes a configuration, attributes and a name of the computer. Search criteria are received that specifies a keyword string including a key and a value corresponding to the key. A digital fingerprint is calculated from the key and the value. A search is conducted for documents which include the digital fingerprint, including referencing a search index having the digital fingerprint to locate the documents. Search results are returned and can indicate the documents and/or respective machine identifiers stored in the document(s).
-
Citations
12 Claims
-
1. A computer-implemented method for searching for registry information stored in registries on a plurality of computers in a communication network, the method comprising:
-
(A) receiving search criteria, wherein the search criteria specifies a registry keyword string including a key and a value corresponding to the key; (B) calculating a digital fingerprint from the key and the value according to a hash function; (C) searching for computers including the digital fingerprint, the searching including referencing a search index having the digital fingerprint to locate computers indexed in the search index as corresponding to the digital fingerprint, wherein; the index includes digital fingerprints for a plurality of registry keyword value sets; each registry keyword value set is associated with at least one machine identifier; the machine identifiers include a configuration, attributes, and a name of each respective computer storing the registry; and the search index includes entries corresponding to the registries on the plurality of computers in the communication network, each entry for each registry including; a registry keyword value set, the registry keyword value set comprising at least a key and a value corresponding to the key; a machine identifier corresponding to the respective computer storing the registry; and the digital fingerprint of the registry keyword value set calculated from the registry keyword value set according to the hash function; (D) returning search results from the searching, the search results indicating the registries and respective machine identifiers including the received search criteria; (E) for each computer of the returned machine identifiers, assessing whether the configuration and attributes of the computer is associated with a vulnerability, wherein; the vulnerability identifies a configuration and attributes and specifies a remediation process to remediate the vulnerability; and the assessing includes comparing the configuration and attributes of the computer to the configuration and attributes identified of the vulnerability; and executing the specified remediation process on each computer assessed as having the vulnerability. - View Dependent Claims (2, 3, 4)
-
-
5. A computer-readable storage medium comprising instructions for execution by a computer, the instructions including a computer-implemented method for searching for registry information stored in registries on a plurality of computers in a communication network, the instructions for implementing:
-
(A) receiving search criteria, wherein the search criteria specifies a registry keyword string including a key and a value corresponding to the key; (B) calculating a digital fingerprint from the key and the value according to a hash function; (C) searching for computers including the digital fingerprint, the searching including referencing a search index having the digital fingerprint to locate computers indexed in the search index as corresponding to the digital fingerprint, wherein; the index includes digital fingerprints for a plurality of registry keyword value sets; each registry keyword value set is associated with at least one machine identifier; the machine identifiers include a configuration, attributes, and a name of each respective computer storing the registry; and the search index includes entries corresponding to the registries on the plurality of computers in the communication network, each entry for each registry including; a registry keyword value set, the registry keyword value set comprising at least a key and a value corresponding to the key; a machine identifier corresponding to the respective computer storing the registry; and the digital fingerprint of the registry keyword value set calculated from the registry keyword value set according to the hash function; (D) returning search results from the searching, the search results indicating the registries and respective machine identifiers including the received search criteria; and (E) for each computer of the returned machine identifiers, assessing whether the configuration and attributes of the computer is associated with a vulnerability, wherein; the vulnerability identifies a configuration and attributes and specifies a remediation process to remediate the vulnerability; and the assessing includes comparing the configuration and attributes of the computer to the configuration and attributes identified of the vulnerability; and executing the specified remediation process on each computer assessed as having the vulnerability. - View Dependent Claims (6, 7, 8)
-
-
9. A computer system for searching for specified information stored in documents on a plurality of computers in a communication network, the computer system comprising:
-
at least one processor; at least one memory device; (A) a search engine held in the at least one memory device and executable by the at least one processor, the search engine configured for (1) receiving search criteria, wherein the search criteria specifies a registry keyword string including a key and a value corresponding to the key; (2) calculating a digital fingerprint from the key and the value according to the hash function; (3) searching for computers including the digital fingerprint, the searching including referencing a search index having the digital fingerprint to locate computers indexed in the search index as corresponding to the digital fingerprint, wherein; the index includes digital fingerprints for a plurality of registry keyword value sets; each registry keyword value set is associated with at least one machine identifier; the machine identifiers include a configuration, attributes, and a name of each respective computer storing the registry; and the search index includes entries corresponding to the registries on the plurality of computers in the communication network, each entry for each registry including; a registry keyword value set, the registry keyword value set comprising at least a key and a value corresponding to the key; a machine identifier corresponding to the respective computer storing the registry; and the digital fingerprint of the registry keyword value set calculated from the registry keyword value set according to the hash function; and (4) returning search results from the searching, the search results indicating the registries and respective machine identifiers including the received search criteria; and (B) a computer security component held in the at least one memory device and executable by the at least one processor for assessing each computer of the returned machine identifiers, the computer security component executable to; assess whether the configuration and attributes of the computer is associated with a vulnerability, wherein; the vulnerability identifies a configuration and attributes and specifies a remediation process to remediate the vulnerability; and the assessing includes comparing the configuration and attributes of the computer to the configuration and attributes identified of the vulnerability; and execute the specified remediation process on each computer assessed as having the vulnerability. - View Dependent Claims (10, 11, 12)
-
Specification