Network security visualization methods, apparatus and graphical user interfaces

US 7,890,869 B1
Filed: 06/12/2007
Issued: 02/15/2011
Est. Priority Date: 06/12/2006
Status: Active Grant

First Claim

Patent Images

1. A method for a computer system including a display comprising:

determining a plurality of security metrics associated with a plurality of servers within a network;

displaying a tree map on the display representing at least a portion of the network;

wherein the tree map comprises a plurality of shapes associated with servers from the plurality of servers;

wherein a size of shapes in the plurality of shapes are determined in response to a first security metric from the plurality of security metric associated with the servers;

wherein an appearance of the shapes is determined in response to a second security metric from the plurality of security metrics associated with the server; and

wherein the first security metric is selected from a group consisting of;

a business value associated with a server location, certainty of a vulnerability, severity of a vulnerability, freshness of a vulnerability, market share of components, difficulty of vulnerability, mitigation priority, risk, and exploitability.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for a computer system including a display includes determining a plurality of security metrics associated with a plurality of servers within a network, displaying a tree map on the display representing at least a portion of the network, wherein the tree map comprises a plurality of shapes associated with servers from the plurality of servers, wherein a size of shapes in the plurality of shapes are determined in response to a first security metric from the plurality of security metric associated with the servers, and wherein an appearance of the shapes are determined in response to a second security metric from the plurality of security metrics associated with the servers.

Citations

20 Claims

1. A method for a computer system including a display comprising:
- determining a plurality of security metrics associated with a plurality of servers within a network;
  
  displaying a tree map on the display representing at least a portion of the network;
  
  wherein the tree map comprises a plurality of shapes associated with servers from the plurality of servers;
  
  wherein a size of shapes in the plurality of shapes are determined in response to a first security metric from the plurality of security metric associated with the servers;
  
  wherein an appearance of the shapes is determined in response to a second security metric from the plurality of security metrics associated with the server; and
  
  wherein the first security metric is selected from a group consisting of;
  
  a business value associated with a server location, certainty of a vulnerability, severity of a vulnerability, freshness of a vulnerability, market share of components, difficulty of vulnerability, mitigation priority, risk, and exploitability.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1 wherein the first security metric represents a change of a value with respect to time.
  - 3. The method of claim 1 further comprising:
    - receiving a selection of a shape from the plurality of shapes; and
      
      simultaneous with displaying the tree map, displaying configuration data associated with a server associated with the shape that was selected.
  - 4. The method of claim 1 further comprising displaying a histogram representing vulnerability certainty of the plurality of servers within the network.

5. A method for a computer system including a display comprising:
- determining a plurality of security metrics associated with a plurality of servers within a network;
  
  displaying a tree map on the display representing at least a portion of the network;
  
  wherein the tree map comprises a plurality of shapes associated with servers from the plurality of servers;
  
  wherein a size of shapes in the plurality of shapes are determined in response to a first security metric from the plurality of security metric associated with the servers;
  
  wherein an appearance of the shapes is determined in response to a second security metric from the plurality of security metrics associated with the server;
  
  wherein the appearance comprises color of a shape; and
  
  wherein the second security metric is selected from a group consisting of;
  
  a business value associated with a server location, certainty of a vulnerability, severity of a vulnerability, freshness of a vulnerability, market share of components, difficulty of vulnerability, mitigation priority, risk, and exploitability.

6. A method for a computer system including a display comprising:
- determining a plurality of security metrics associated with a plurality of servers within a network;
  
  displaying a tree map on the display representing at least a portion of the network;
  
  receiving a selection of a shape from the plurality of shapes; and
  
  simultaneous with displaying the tree map, displaying configuration data associated with a server associated with the shape that was selected;
  
  wherein the tree map comprises a plurality of shapes associated with servers from the plurality of servers;
  
  wherein a size of shapes in the plurality of shapes are determined in response to a first security metric from the plurality of security metric associated with the servers;
  
  wherein an appearance of the shapes is determined in response to a second security metric from the plurality of security metrics associated with the server; and
  
  wherein the configuration data is selected from a group consisting of;
  
  vulnerability data, port data, application data, patch data, vulnerability certainty, business value, business value, exploitability, downstream risk.

7. A computer system comprising:
- a display device configured to generate a graphical user interface, the graphical user interface comprising;
  
  a first portion configured to display a tree map on the display device of the computer system representing at least a portion of a computer network including a plurality of server devices, wherein the portion of the network is associated with a plurality of security metrics, wherein the tree map comprises a plurality of shapes associated with servers from the plurality of server devices, wherein a size of shapes in the plurality of shapes is determined in response to a first security metric from the plurality of security metrics associated with the server devices, and wherein an appearance of the shapes is determined in response to a second security metric from the plurality of security metrics associated with the servers; and
  
  a second portion configured to display a textual display of security metrics from the plurality of security metrics on the display device;
  
  wherein the first security metric is selected from a group consisting of;
  
  a business value associated with a server location, certainty of a vulnerability, severity of a vulnerability, freshness of a vulnerability, market share of components, difficulty of vulnerability, mitigation priority, risk, and exploitability.
- View Dependent Claims (8, 10, 11)
- - 8. The computer system of claim 7 further comprising a third portion configured to display a histogram representing vulnerability certainty of the plurality of servers within the network.
  - 10. The computer system of claim 7 further comprising user-selectable regions on the tree map;
    - wherein the graphical user interface also includes a third portion configured to display configuration data associated with a server associated with user-selected user-selectable regions.
  - 11. The computer system of claim 7 wherein the first security metric represents a change of a value with respect to time.

9. A computer system comprising:
- a display device configured to generate a graphical user interface, the graphical user interface comprising;
  
  a first portion configured to display a tree map on the display device of the computer system representing at least a portion of a computer network including a plurality of server devices, wherein the portion of the network is associated with a plurality of security metrics, wherein the tree map comprises a plurality of shapes associated with servers from the plurality of server devices, wherein a size of shapes in the plurality of shapes is determined in response to a first security metric from the plurality of security metrics associated with the server devices, and wherein an appearance of the shapes is determined in response to a second security metric from the plurality of security metrics associated with the servers; and
  
  a second portion configured to display a textual display of security metrics from the plurality of security metrics on the display device;
  
  wherein the appearance comprises color of a shape; and
  
  wherein the second security metric is selected from a group consisting of;
  
  a business value associated with a server location, certainty of a vulnerability, severity of a vulnerability, freshness of a vulnerability, market share of components, difficulty of vulnerability, mitigation priority, risk, and exploitability.

12. A computer system comprising:
- a display device configured to generate a graphical user interface, the graphical user interface comprising;
  
  a first portion configured to display a tree map on the display device of the computer system representing at least a portion of a computer network including a plurality of server devices, wherein the portion of the network is associated with a plurality of security metrics, wherein the tree map comprises a plurality of shapes associated with servers from the plurality of server devices, wherein a size of shapes in the plurality of shapes is determined in response to a first security metric from the plurality of security metrics associated with the server devices, and wherein an appearance of the shapes is determined in response to a second security metric from the plurality of security metrics associated with the servers;
  
  said first portion being further configured to receive a selection of a shape from the plurality of shapes and, simultaneous with displaying the tree map, to display configuration data associated with a server associated with the shape that was selected; and
  
  a second portion configured to display a textual display of security metrics from the plurality of security metrics on the display device;
  
  wherein the configuration data is selected from a group consisting of;
  
  vulnerability data, port data, application data, patch data, vulnerability certainty, business value, business value, exploitability, and downstream risk.

13. A computer program product including computer-executable code resident on a tangible media comprising:
- code that directs the computer system to determine a plurality of security metrics associated with a plurality of servers within a network;
  
  code that directs the computer system to display a tree map on the display representing at least a portion of the network, wherein the tree map comprises a plurality of shapes associated with servers from the plurality of servers, wherein a size of shapes in the plurality of shapes is determined in response to a first security metric from the plurality of security metric associated with the servers, and wherein an appearance of the shapes is determined in response to a second security metric from the plurality of security metrics associated with the servers;
  
  wherein the first security metric is selected from a group consisting of;
  
  a business value associated with a server location, certainty of a vulnerability, severity of a vulnerability, freshness of a vulnerability, market share of components, difficulty of vulnerability, mitigation priority, risk, and exploitability.

14. A computer program product including computer-executable code resident on a tangible media comprising:
- code that directs the computer system to determine a plurality of security metrics associated with a plurality of servers within a network;
  
  code that directs the computer system to display a tree map on the display representing at least a portion of the network, wherein the tree map comprises a plurality of shapes associated with servers from the plurality of servers, wherein a size of shapes in the plurality of shapes is determined in response to a first security metric from the plurality of security metric associated with the servers, and wherein an appearance of the shapes is determined in response to a second security metric from the plurality of security metrics associated with the servers;
  
  wherein the appearance comprises color of a shape; and
  
  wherein the second security metric is selected from a group consisting of;
  
  a business value associated with a server location, certainty of a vulnerability, severity of a vulnerability, freshness of a vulnerability, market share of components, difficulty of vulnerability, mitigation priority, risk, and exploitability.

15. A computer program product including computer-executable code resident on a tangible media comprising:
- code that directs the computer system to determine a plurality of security metrics associated with a plurality of servers within a network;
  
  code that directs the computer system to display a tree map on the display representing at least a portion of the network, wherein the tree map comprises a plurality of shapes associated with servers from the plurality of servers, wherein a size of shapes in the plurality of shapes is determined in response to a first security metric from the plurality of security metric associated with the servers, and wherein an appearance of the shapes is determined in response to a second security metric from the plurality of security metrics associated with the servers;
  
  code that directs the computer system to display configuration data associated with the serverwherein the configuration data is selected from a group consisting of;
  
  vulnerability data, port data, application data, patch data, vulnerability certainty, business value, business value, exploitability, downstream risk.

16. A computer system comprising:
- a processor configured to determine a plurality of security metrics associated with a plurality of servers within a network;
  
  a memory configured to store the plurality of security metrics; and
  
  a display for displaying a tree map on the display representing at least a portion of the network, wherein the tree map comprises a plurality of shapes associated with servers from the plurality of servers, wherein a size of shapes in the plurality of shapes is determined in response to a first security metric from the plurality of security metric associated with the servers, and herein an appearance of the shapes is determined in response to a second security metric from the plurality of security metrics associated with the servers;
  
  wherein the first security metric is selected from a group consisting of;
  
  a business value associated with a server location, certainty of a vulnerability, severity of a vulnerability, freshness of a vulnerability, market share of components, difficulty of vulnerability, mitigation priority, risk, and exploitability.
- View Dependent Claims (17, 18, 19)
- - 17. The computer system of claim 16wherein the first security metric represents a change of a value with respect to time.
  - 18. The computer system of claim 16wherein the processor is configured to receive a selection of a shape from the plurality of shapes;
    - wherein the memory is configured to store configuration data associated with servers associated with shapes from the plurality of shapes; and
      
      wherein the display is also configured to display the configuration data associated with a server associated with the shape that was selected.
  - 19. The computer system of claim 16wherein the display is configured to display a histogram representing vulnerability certainty of the plurality of servers within the network.

20. A computer system comprising:
- a processor configured to determine a plurality of security metrics associated with a plurality of servers within a network;
  
  a memory configured to store the plurality of security metrics; and
  
  a display for displaying a tree map on the display representing at least a portion of the network, wherein the tree map comprises a plurality of shapes associated with servers from the plurality of servers, wherein a size of shapes in the plurality of shapes is determined in response to a first security metric from the plurality of security metric associated with the servers, and herein an appearance of the shapes is determined in response to a second security metric from the plurality of security metrics associated with the servers;
  
  wherein the appearance comprises color of a shape; and
  
  wherein the second security metric is selected from a group consisting of;
  
  a business value associated with a server location, certainty of a vulnerability, severity of a vulnerability, freshness of a vulnerability, market share of components, difficulty of vulnerability, mitigation priority, risk, and exploitability.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Redseal, Inc.
Original Assignee
Redseal Systems Incorporated
Inventors
Mayer, Alain Jules, Lloyd, Michael, Laing, Brian
Primary Examiner(s)
Bashore; William L
Assistant Examiner(s)
ZAHR, ASHRAF A

Application Number

US11/761,972
Time in Patent Office

1,344 Days
Field of Search

715/734, 715/736, 726/25, 709/224
US Class Current

715/736
CPC Class Codes

G06F 21/577   Assessing vulnerabilities a...

G06F 2221/2145   Inheriting rights or proper...

H04L 41/22   comprising specially adapte...

H04L 63/1433   Vulnerability analysis

H04L 67/125   involving control of end-de...

H04L 67/75   Indicating network or usage...

Network security visualization methods, apparatus and graphical user interfaces

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Network security visualization methods, apparatus and graphical user interfaces

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links