Multiple-path remediation
First Claim
1. A system for responding to security vulnerabilities in a system of computing devices, comprising:
a database associating a plurality of device vulnerabilities to which computing devices can be subject, each vulnerability having a vulnerability identifier, with a plurality of remediation techniques that collectively remediate the plurality of device vulnerabilities; such that:
each of the device vulnerabilities is associated with at least one remediation technique;
each remediation technique associated with a particular device vulnerability remediates that particular vulnerability;
each remediation technique has a remediation type selected from the type group consisting of patch, policy setting, and configuration option; and
a first one of the device vulnerabilities is associated with at least two alternative remediation techniques;
a query signal comprising the vulnerability identifier for the first one of the device vulnerabilities;
a response signal, automatically generated in response to the query signal, that describes the at least two remediation techniques;
a processor; and
a memory encoded with programming instructions executable by the processor to:
receive the response signal;
select one of the at least two alternative remediation techniques; and
apply the selected remediation technique.
Related records: 2 assignments, litigations, 1 petition, accused products.
Abstract
A security information management system is described, wherein a database of potential vulnerabilities is maintained, along with data describing remediation techniques (patches, policy settings, and configuration options) available to protect against them. At least one vulnerability is associated in the database with multiple available remediation techniques. In one embodiment, the system presents a user with the list of remediation techniques available to protect against a known vulnerability, accepts the user's selection from the list, and executes the selected technique. In other embodiments, the system uses a predetermined prioritization schedule to automatically select among the available remediation techniques, then automatically executes the selected technique.
44 Citations
17 Claims
1. (Independent claim; its text is given under First Claim above.) Dependent claims: 2, 3, 4, 5, 6.
7. A method of responding to security vulnerabilities in a system of computing devices, comprising:
receiving a query signal at a database that associates a plurality of device vulnerabilities to which computing devices can be subject with a plurality of remediation techniques that collectively remediate the plurality of device vulnerabilities, wherein:
each vulnerability has a vulnerability identifier;
each vulnerability is associated with at least one remediation technique operable to remediate that particular vulnerability; and
each remediation technique has a remediation type selected from the group consisting of patch, policy setting, and configuration option;
wherein the query signal comprises the vulnerability identifier for a first device vulnerability;
transmitting a response signal, automatically generated in response to the query signal, that describes at least two alternative remediation techniques associated with the first device vulnerability;
selecting one of the at least two alternative remediation techniques;
applying the selected remediation technique;
offering the at least two alternative remediation techniques for selection by a user via a user interface; and
wherein the selecting step comprises accepting a selection by the user of at least one of the at least two alternative remediation techniques via the user interface.
Dependent claims: 8.
9. A system for responding to security vulnerabilities in a system of computing devices, comprising a processor and a memory, the memory being encoded with a set of programming instructions executable by the processor to manage one or more computing devices by associating in a database:
a plurality of device vulnerabilities, to which the computing devices can be subject, with a plurality of remediation techniques that collectively remediate the plurality of device vulnerabilities, wherein:
each device vulnerability has a vulnerability identifier and is associated in the database with at least one remediation technique;
each remediation technique has a remediation type selected from the group consisting of patch, policy setting, and configuration option;
a first one of the device vulnerabilities is associated with at least two alternative remediation techniques;
a query signal is sent to the device, the query signal comprising the vulnerability identifier for the first one of the device vulnerabilities; and
a response signal is sent from the device, the response signal being automatically generated in response to the query signal and describing the at least two alternative remediation techniques; and
the programming instructions are further executable to present a user interface operable to:
offer the at least two alternative remediation techniques to a user; and
accept a selection by the user of at least one of the at least two alternative remediation techniques.
Dependent claims: 10, 12, 13.
11. A system for responding to security vulnerabilities in a system of computing devices, comprising a processor and a memory, the memory being encoded with a set of programming instructions executable by the processor to manage the computing devices by associating in a database:
a plurality of device vulnerabilities, to which the computing devices can be subject, with a plurality of remediation techniques that collectively remediate the plurality of device vulnerabilities, wherein:
each device vulnerability has a vulnerability identifier and is associated in the database with at least one remediation technique;
each remediation technique has a remediation type selected from the group consisting of patch, policy setting, and configuration option;
a first one of the device vulnerabilities is associated with at least two alternative remediation techniques;
a query signal is sent to the device, the query signal comprising the vulnerability identifier for the first one of the device vulnerabilities; and
a response signal is sent from the device, the response signal being automatically generated in response to the query signal and describing a selected one of the at least two alternative remediation techniques;
wherein a first computing device includes a processor and a memory encoded with programming instructions executable by the processor to:
receive the response signal;
select automatically one of the at least two alternative remediation techniques; and
apply the selected remediation technique.
Dependent claims: 16, 17.
14. A method of responding to security vulnerabilities in a system of computing devices, comprising:
receiving a query signal at a database that associates a plurality of device vulnerabilities to which computing devices can be subject with a plurality of remediation techniques that collectively remediate the plurality of device vulnerabilities, wherein:
each vulnerability has a vulnerability identifier;
each vulnerability is associated with at least one remediation technique operable to remediate that particular vulnerability; and
each remediation technique has a remediation type selected from the group consisting of patch, policy setting, and configuration option;
wherein the query signal comprises the vulnerability identifier for a first device vulnerability;
transmitting a response signal, automatically generated in response to the query signal, that describes at least two alternative remediation techniques associated with the first device vulnerability;
automatically selecting one of the at least two alternative remediation techniques; and
applying the selected remediation technique;
wherein each of the at least two alternative remediation techniques has a remediation type; and the automatic selecting is based on the remediation types of the at least two alternative remediation techniques.
Dependent claims: 15.
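The database, the query/response exchange keyed on a vulnerability identifier, and the two selection modes (user choice as in claim 7, type-based automatic choice as in claim 14) described in the abstract and the claims above, as an added Python example. This is not code from the patent or from any product built on it: the vulnerability identifiers, remediation names, device state and the patch-first prioritization schedule are all constructed for illustration, since the patent only says the schedule is "predetermined". The example also adds the check a practitioner would want and the claims do not spell out: after applying the chosen technique, verify it actually took effect and that the device is no longer exposed.

```python
"""Added illustration of a remediation database with alternative techniques.
All identifiers, names, device state and the schedule are constructed for
this example; none of it is taken from the patent text."""
from dataclasses import dataclass
from enum import Enum
from typing import Callable


class RemediationType(Enum):
    """The three remediation types named in the claims."""
    PATCH = "patch"
    POLICY_SETTING = "policy setting"
    CONFIGURATION_OPTION = "configuration option"


@dataclass(frozen=True)
class Remediation:
    name: str
    rtype: RemediationType
    apply: Callable[[dict], None]   # mutates the device-state dict
    verify: Callable[[dict], bool]  # True once this technique is in effect


def fresh_device() -> dict:
    """Constructed device state: unpatched, legacy service on, port allowed."""
    return {"patches": set(),
            "config": {"legacy_service": True},
            "policy": {"inbound_445": "allow"}}


def patch_remediation(kb: str) -> Remediation:
    def apply(d): d["patches"].add(kb)
    def verify(d): return kb in d["patches"]
    return Remediation(kb, RemediationType.PATCH, apply, verify)


def config_remediation(name: str, key: str, value) -> Remediation:
    def apply(d): d["config"][key] = value
    def verify(d): return d["config"].get(key) == value
    return Remediation(name, RemediationType.CONFIGURATION_OPTION, apply, verify)


def policy_remediation(name: str, key: str, value) -> Remediation:
    def apply(d): d["policy"][key] = value
    def verify(d): return d["policy"].get(key) == value
    return Remediation(name, RemediationType.POLICY_SETTING, apply, verify)


def build_database() -> dict[str, list[Remediation]]:
    """Hypothetical entries: VULN-0001 has three alternatives, VULN-0002 one
    (a single technique may remediate more than one vulnerability)."""
    disable_legacy = config_remediation("disable_legacy_service", "legacy_service", False)
    return {
        "VULN-0001": [patch_remediation("KB-0001"),
                      disable_legacy,
                      policy_remediation("deny_inbound_445", "inbound_445", "deny")],
        "VULN-0002": [disable_legacy],
    }


def query(db, vuln_id: str) -> dict:
    """Query signal carries only the identifier; the response signal lists
    every alternative on record with its type and applies nothing."""
    if vuln_id not in db:
        raise KeyError(f"no remediation on record for {vuln_id}")
    return {"vulnerability_id": vuln_id,
            "remediations": [{"name": r.name, "type": r.rtype.value}
                             for r in db[vuln_id]]}


# Assumed prioritization schedule; the patent only calls it "predetermined".
DEFAULT_SCHEDULE = (RemediationType.PATCH,
                    RemediationType.CONFIGURATION_OPTION,
                    RemediationType.POLICY_SETTING)


def select_automatically(response: dict, schedule=DEFAULT_SCHEDULE) -> str:
    """Claim 14 style: choose purely by remediation type, in schedule order.
    Types absent from the schedule rank last; ties keep database order."""
    rank = {t.value: i for i, t in enumerate(schedule)}
    offered = response["remediations"]
    return min(offered, key=lambda r: rank.get(r["type"], len(schedule)))["name"]


def select_by_user(response: dict, chosen: str) -> str:
    """Claim 7 style: accept the user's pick, but only from what was offered."""
    if chosen not in {r["name"] for r in response["remediations"]}:
        raise ValueError(f"{chosen!r} was not offered for {response['vulnerability_id']}")
    return chosen


def apply_remediation(db, device: dict, vuln_id: str, name: str) -> bool:
    """Apply the chosen technique and report whether it verifiably took effect."""
    rem = next(r for r in db[vuln_id] if r.name == name)
    rem.apply(device)
    return rem.verify(device)


def is_vulnerable(db, device: dict, vuln_id: str) -> bool:
    """A device stays exposed until at least one alternative is in effect."""
    return not any(r.verify(device) for r in db[vuln_id])


if __name__ == "__main__":
    db, device = build_database(), fresh_device()
    resp = query(db, "VULN-0001")
    choice = select_automatically(resp)  # KB-0001 under the assumed schedule
    print(resp)
    print("applied", choice, "ok:", apply_remediation(db, device, "VULN-0001", choice))
    print("still vulnerable:", is_vulnerable(db, device, "VULN-0001"))
```

Two design points carry over to a real deployment: the response signal is descriptive only, so the component that applies a technique must re-check the choice against what was offered (select_by_user does this) rather than trust a free-form name; and verification runs after application, because a policy or configuration change that silently fails to stick leaves the vulnerability open while the database records it as remediated.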