Systems and methods for evaluating compliance checks

US 8,584,247 B1
Filed: 06/09/2010
Issued: 11/12/2013
Est. Priority Date: 06/09/2010
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for evaluating compliance checks, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:

maintaining a group of compliance standards for at least one computing network, each compliance standard comprising at least one compliance check for evaluating at least one aspect of a network device;

calculating a reputation score for at least one compliance check within the group of compliance standards based at least in part on a prevalence of the compliance check within the group of compliance standards that indicates a proportion of compliance standards that include the compliance check;

assigning the reputation score to the compliance check;

providing a recommendation for whether to implement the compliance check based at least in part on the reputation score assigned to the compliance check;

wherein the compliance check evaluates the network device to determine whether the network device is configured in a manner defined by the compliance check.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer-implemented method for evaluating compliance checks may include (1) maintaining a group of compliance standards for at least one computing network, with each compliance standard comprising at least one compliance check for evaluating at least one aspect of a network device, (2) calculating a reputation score for at least one compliance check within the group of compliance standards, (3) assigning the reputation score to the compliance check, and then (4) providing a recommendation for whether to implement the compliance check based at least in part on the reputation score assigned to the compliance check.

28 Citations

View as Search Results

20 Claims

1. A computer-implemented method for evaluating compliance checks, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
- maintaining a group of compliance standards for at least one computing network, each compliance standard comprising at least one compliance check for evaluating at least one aspect of a network device;
  
  calculating a reputation score for at least one compliance check within the group of compliance standards based at least in part on a prevalence of the compliance check within the group of compliance standards that indicates a proportion of compliance standards that include the compliance check;
  
  assigning the reputation score to the compliance check;
  
  providing a recommendation for whether to implement the compliance check based at least in part on the reputation score assigned to the compliance check;
  
  wherein the compliance check evaluates the network device to determine whether the network device is configured in a manner defined by the compliance check.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The computer-implemented method according to claim 1, wherein maintaining the group of compliance standards comprises at least one of:
    - obtaining the group of compliance standards from a single computing network;
      
      obtaining the group of compliance standards from a plurality of computing networks.
  - 3. The computer-implemented method according to claim 1, further comprising storing the group of compliance standards in a centralized database.
  - 4. The computer-implemented method according to claim 1, wherein calculating the reputation score for the compliance check comprises calculating the reputation score for the compliance check based at least in part on:
    - the source of origin of the compliance check;
      
      the efficacy of the compliance check.
  - 5. The computer-implemented method according to claim 1, wherein providing the recommendation comprises recommending modifying a compliance standard to include the compliance check.
  - 6. The computer-implemented method according to claim 1, wherein the reputation score for the compliance check within the group of compliance standards is further based on a proportion of devices that include the compliance check.
  - 7. The computer-implemented method according to claim 1, further comprisingdisplaying a map that illustrates the prevalence of the compliance check.
  - 8. The computer-implemented method according to claim 1, wherein the magnitude of the reputation score is proportional to the prevalence of the compliance check.
  - 9. The computer-implemented method according to claim 1,wherein calculating the reputation score for the compliance check comprises calculating the reputation score for the compliance check based at least in part on a number of incidents that are reported on devices that include the compliance check.

10. A system for evaluating compliance checks, the system comprising:
- a maintenance module programmed to maintain a group of compliance standards for at least one computing network, each compliance standard comprising at least one compliance check for evaluating at least one aspect of a network device;
  
  a scoring module programmed to;
  
  calculate a reputation score for at least one compliance check within the group of compliance standards based at least in part on a prevalence of the compliance check within the group of compliance standards that indicates a proportion of compliance standards that include the compliance check;
  
  assign the reputation score to the compliance check;
  
  a recommendation module programmed to provide a recommendation for whether to implement the compliance check based at least in part on the reputation score assigned to the compliance check;
  
  at least one processor configured to execute at least one of the maintenance module, the scoring module, and the recommendation module, whereinthe compliance check evaluates the network device to determine whether the network device is configured in a manner defined by the compliance check.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The system according to claim 10, wherein the maintenance module maintains the group of compliance standards by at least one of:
    - obtaining the group of compliance standards from a single computing network;
      
      obtaining the group of compliance standards from a plurality of computing networks.
  - 12. The system according to claim 10, wherein the maintenance module maintains the group of compliance standards by storing the group of compliance standards in a centralized database.
  - 13. The system according to claim 10, wherein the scoring module calculates the reputation score for the compliance check based at least in part on at least one of:
    - the source of origin of the compliance check;
      
      the efficacy of the compliance check.
  - 14. The system according to claim 10, wherein the compliance standards apply to a common platform.
  - 15. The system according to claim 10, wherein the recommendation module provides the recommendation by recommending modifying a compliance standard to include the compliance check.
  - 16. The system according to claim 10, wherein the scoring module is further programmed to:
    - identify an additional compliance standard added to the group of compliance standards;
      
      update the reputation score assigned to the compliance check based at least in part on the additional compliance standard.
  - 17. The system according to claim 10, wherein the scoring module is further programmed to:
    - identify a reputation threshold;
      
      identify at least one high-reputation compliance check within the group of compliance standards that satisfies the reputation threshold;
      
      create a virtual reputation standard that includes the high-reputation compliance check.
  - 18. The system according to claim 17, wherein the scoring module is further programmed to compute an adherence score based on a comparison between a compliance standard that includes the compliance check and the virtual reputation standard.

19. A non-transitory computer-readable-storage medium comprising one or more computer-executable instructions that, when executed by at least one processor of a computing device, cause the computing device to:
- maintain a group of compliance standards for at least one computing network, each compliance standard comprising at least one compliance check for evaluating at least one aspect of a network device;
  
  calculate a reputation score for at least one compliance check within the group of compliance standards based at least in part on a prevalence of the compliance check within the group of compliance standards that indicates a proportion of compliance standards that include the compliance check;
  
  assign the reputation score to the compliance check;
  
  provide a recommendation for whether to implement the compliance check based at least in part on the reputation score assigned to the compliance check;
  
  wherein the compliance check evaluates the network device to determine whether the network device is configured in a manner defined by the compliance check.
- View Dependent Claims (20)
- - 20. The computer-readable-storage medium according to claim 19, wherein the computer-executable instructions, when executed by the processor of the computing device, further cause the computing device to calculate the reputation score for the compliance check based at least in part on at least one of:
    - the source of origin of the compliance check;
      
      the efficacy of the compliance check.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CA, Inc. (d/b/a CA Technologies) (Broadcom, Inc.)
Original Assignee
Symantec Corporation (NortonLifeLock Inc.)
Inventors
Patil, Dipak
Primary Examiner(s)
Najjar, Saleh
Assistant Examiner(s)
Korsak, Oleg

Application Number

US12/797,301
Time in Patent Office

1,252 Days
Field of Search

None
US Class Current

726/25
CPC Class Codes

G06F 21/46   by designing passwords or c...

G06F 21/577   Assessing vulnerabilities a...

G06Q 10/101   Collaborative creation, e.g...

H04L 63/1433   Vulnerability analysis

Systems and methods for evaluating compliance checks

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

28 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Systems and methods for evaluating compliance checks

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

28 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others