Multiple-path remediation

US 8,266,699 B2
Filed: 07/01/2004
Issued: 09/11/2012
Est. Priority Date: 07/01/2003
Status: Expired due to Fees

- Alert
- Pin

Associated Cases

Associated Defendants

First Claim

Patent Images

1. A system for responding to security vulnerabilities in a system of computing devices, comprising:

a database associatinga plurality of device vulnerabilities to which computing devices can be subject, each vulnerability having a vulnerability identifier, witha plurality of remediation techniques that collectively remediate the plurality of device vulnerabilities;

such that;

each of the device vulnerabilities is associated with at least one remediation technique;

each remediation technique associated with a particular device vulnerability remediates that particular vulnerability;

each remediation technique has a remediation type selected from the type group consisting of patch, policy setting, and configuration option; and

a first one of the device vulnerabilities is associated with at least two alternative remediation techniques;

a query signal comprising the vulnerability identifier for the first one of the device vulnerabilities;

a response signal, automatically generated in response to the query signal, that describes the at least two remediation techniques;

a processor; and

a memory encoded with programming instructions executable by the processor to;

receive the response signal;

select one of the at least two alternative remediation techniques; and

apply the selected remediation technique.

View all claims

2 Assignments

Timeline View

Assignment View

Litigations

1 Petition

Accused Products

Abstract

A security information management system is described, wherein a database of potential vulnerabilities is maintained, along with data describing remediation techniques (patches, policy settings, and configuration options) available to protect against them. At least one vulnerability is associated in the database with multiple available remediation techniques. In one embodiment, the system presents a user with the list of remediation techniques available to protect against a known vulnerability, accepts the user'"'"'s selection from the list, and executes the selected technique. In other embodiments, the system uses a predetermined prioritization schedule to automatically select among the available remediation techniques, then automatically executes the selected technique.

44 Citations

View as Search Results

17 Claims

1. A system for responding to security vulnerabilities in a system of computing devices, comprising:
- a database associatinga plurality of device vulnerabilities to which computing devices can be subject, each vulnerability having a vulnerability identifier, witha plurality of remediation techniques that collectively remediate the plurality of device vulnerabilities;
  
  such that;
  
  each of the device vulnerabilities is associated with at least one remediation technique;
  
  each remediation technique associated with a particular device vulnerability remediates that particular vulnerability;
  
  each remediation technique has a remediation type selected from the type group consisting of patch, policy setting, and configuration option; and
  
  a first one of the device vulnerabilities is associated with at least two alternative remediation techniques;
  
  a query signal comprising the vulnerability identifier for the first one of the device vulnerabilities;
  
  a response signal, automatically generated in response to the query signal, that describes the at least two remediation techniques;
  
  a processor; and
  
  a memory encoded with programming instructions executable by the processor to;
  
  receive the response signal;
  
  select one of the at least two alternative remediation techniques; and
  
  apply the selected remediation technique.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The system of claim 1, further comprising a user interface that:
    - offers the at least two alternative remediation techniques for selection by a user;
      
      accepts a selection by the user of at least one of the at least two alternative remediation techniques; and
      
      uses the selection to dictate how the processor selects the one of the at least two alternative remediation techniques.
  - 3. The system of claim 1,wherein the selecting of one of the at least two alternative remediation techniques is automatic.
  - 4. The system of claim 3, wherein:
    - each of the at least two alternative remediation techniques has a remediation type; and
      
      the automatic selecting is based on the remediation type of each of the at least two alternative remediation techniques.
  - 5. The system of claim 3, wherein the automatic selecting is based on input from a user that is acquired before the response signal is received.
  - 6. The system of claim 3, wherein the automatic selecting is based on input from a user that is acquired after the response signal is received.

7. A method of responding to security vulnerabilities in a system of computing devices, comprising:
- receiving a query signal at a database that associates a plurality of device vulnerabilities to which computing devices can be subject with a plurality of remediation techniques that collectively remediate the plurality of device vulnerabilities, wherein;
  
  each vulnerability has a vulnerability identifier;
  
  each vulnerability is associated with at least one remediation technique operable to remediate that particular vulnerability; and
  
  each remediation technique has a remediation type selected from the group consisting of patch, policy setting, and configuration option;
  
  wherein the query signal comprises the vulnerability identifier for a first device vulnerability;
  
  transmitting a response signal, automatically generated in response to the query signal, that describes at least two alternative remediation techniques associated with the first device vulnerability;
  
  selecting one of the at least two alternative remediation techniques;
  
  applying the selected remediation technique;
  
  offering the at least two alternative remediation techniques for selection by a user via a user interface; and
  
  wherein the selecting step comprises accepting a selection by the user of at least one of the at least two alternative remediation techniques via the user interface.
- View Dependent Claims (8)
- - 8. The method of claim 7, wherein the selection by the user occurs before the receiving of the query.

9. A system for responding to security vulnerabilities in a system of computing devices, comprising a processor and a memory, the memory being encoded with a set of programming instructions executable by the processor to manage one or more computing devices by associating in a database:
- a plurality of device vulnerabilities, to which the computing devices can be subject, witha plurality of remediation techniques that collectively remediate the plurality of device vulnerabilities,wherein;
  
  each device vulnerability has a vulnerability identifier and is associated in the database with at least one remediation technique;
  
  each remediation technique has a remediation type selected from the group consisting of patch, policy setting, and configuration option;
  
  a first one of the device vulnerabilities is associated with at least two alternative remediation techniques;
  
  a query signal is sent to the device, the query signal comprising the vulnerability identifier for the first one of the device vulnerabilities; and
  
  a response signal is sent from the device, the response signal being automatically generated in response to the query signal and describing the at least two alternative remediation techniques; and
  
  the programming instructions are further executable to present a user interface operable to;
  
  offer the at least two alternative remediation techniques to a user; and
  
  accept a selection by the user of at least one of the at least two alternative remediation techniques.
- View Dependent Claims (10, 12, 13)
- - 10. The system of claim 9, wherein the programming instructions are further executable by the one or more processors to apply the at least one user-selected remediation technique.
  - 12. The system of claim 9, wherein:
    - the device automatically selects one of the at least two alternative remediation techniques; and
      
      the response signal identifies the selected remediation technique.
  - 13. The system of claim 12, wherein the automatic selection is based on a predetermined selection rule provided by a user.

11. A system for responding to security vulnerabilities in a system of computing devices, comprising a processor and a memory, the memory being encoded with a set of programming instructions executable by the processor to manage the computing devices by associating in a database:
- a plurality of device vulnerabilities, to which the computing devices can be subject, witha plurality of remediation techniques that collectively remediate the plurality of device vulnerabilities,wherein;
  
  each device vulnerability has a vulnerability identifier and is associated in the database with at least one remediation technique;
  
  each remediation technique has a remediation type selected from the group consisting of patch, policy setting, and configuration option;
  
  a first one of the device vulnerabilities is associated with at least two alternative remediation techniques;
  
  a query signal is sent to the device, the query signal comprising the vulnerability identifier for the first one of the device vulnerabilities; and
  
  a response signal is sent from the device, the response signal being automatically generated in response to the query signal and describing a selected one of the at least two alternative remediation techniques;
  
  wherein a first computing device includes a processor and a memory encoded with programming instructions executable by the processor to;
  
  receive the response signal;
  
  select automatically one of the at least two alternative remediation techniques; and
  
  apply the selected remediation technique.
- View Dependent Claims (16, 17)
- - 16. The system of claim 11, wherein:
    - the device automatically selects one of the at least two alternative remediation techniques; and
      
      the response signal identifies the selected remediation technique.
  - 17. The system of claim 16, wherein the automatic selection is based on a predetermined selection rule provided by a user.

14. A method of responding to security vulnerabilities in a system of computing devices, comprising:
- receiving a query signal at a database that associates a plurality of device vulnerabilities to which computing devices can be subject with a plurality of remediation techniques that collectively remediate the plurality of device vulnerabilities, wherein;
  
  each vulnerability has a vulnerability identifier;
  
  each vulnerability is associated with at least one remediation technique operable to remediate that particular vulnerability; and
  
  each remediation technique has a remediation type selected from the group consisting of patch, policy setting, and configuration option;
  
  wherein the query signal comprises the vulnerability identifier for a first device vulnerability;
  
  transmitting a response signal, automatically generated in response to the query signal, that describes at least two alternative remediation techniques associated with the first device vulnerability;
  
  automatically selecting one of the at least two alternative remediation techniques; and
  
  applying the selected remediation technique;
  
  wherein each of the at least two alternative remediation techniques has a remediation type; and
  
  the automatic selecting is based on the remediation types of the at least two alternative remediation techniques.
- View Dependent Claims (15)
- - 15. The method of claim 14, wherein the automatic selecting is further based on input from a user, where the input is received before the receiving of the query.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
SecurityProfiling, LLC
Original Assignee
Securityprofiling Incorporated
Inventors
Oliphant, Brett M.
Primary Examiner(s)
ZIA, SYED

Application Number

US10/882,588
Publication Number

US 20050044389A1
Time in Patent Office

2,994 Days
Field of Search

None
US Class Current

726/25
CPC Class Codes

G06F 21/55   Detecting local intrusion o...

G06F 21/57   Certifying or maintaining t...

H04L 63/1433   Vulnerability analysis

H04L 63/1441   Countermeasures against mal...

H04L 63/20   for managing network securi...

Multiple-path remediation

First Claim

2 Assignments

Litigations

1 Petition

Accused Products

Abstract

44 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Multiple-path remediation

First Claim

2 Assignments

Subscription Required

Subscription Required

Litigations

1 Petition

Subscription Required

Accused Products

Subscription Required

Abstract

44 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links