Policy-based selection of remediation
First Claim
Patent Images
1. A method comprising:
- collecting, by an agent running on an endpoint system, information regarding a program-code-based operational state of the endpoint system;
transmitting, by the agent, the information to a remote computer system via a network coupling the endpoint system and the remote computer system in communication;
determining whether the program-code-based operational state of the endpoint system represents a violation of the one or more security policies by evaluating, by the remote computer system, the received information with respect to the one or more security policies, wherein each security policy of the one or more security policies defines at least one parameter condition violation of which is potentially indicative of unauthorized activity on the endpoint system or manipulation of the endpoint system; and
enforcing one or more security policies, by the remote computer system, with respect to the endpoint system based on the received information.
1 Assignment
0 Petitions
Accused Products
Abstract
Methods and systems for remediating a security policy violation on a computer system are provided. According to one embodiment, an agent running on an endpoint system collects information regarding a program-code-based operational state of the endpoint system. The agent transmits the information to a remote computer system via a network coupling the endpoint system and the remote computer system in communication. The remote computer system enforces one or more security policies with respect to the endpoint system based on the received information.
-
Citations
13 Claims
-
1. A method comprising:
-
collecting, by an agent running on an endpoint system, information regarding a program-code-based operational state of the endpoint system; transmitting, by the agent, the information to a remote computer system via a network coupling the endpoint system and the remote computer system in communication; determining whether the program-code-based operational state of the endpoint system represents a violation of the one or more security policies by evaluating, by the remote computer system, the received information with respect to the one or more security policies, wherein each security policy of the one or more security policies defines at least one parameter condition violation of which is potentially indicative of unauthorized activity on the endpoint system or manipulation of the endpoint system; and enforcing one or more security policies, by the remote computer system, with respect to the endpoint system based on the received information. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeFortinet Inc.
-
Original AssigneeFortinet Inc.
-
InventorsBezilla, Daniel B., Immordino, John L., Ogura, James Le
-
Primary Examiner(s)REVAK, CHRISTOPHER A
-
Application NumberUS14/153,017Publication NumberTime in Patent Office430 DaysField of SearchNoneUS Class Current726/1CPC Class CodesG06F 21/552 involving long-term monitor...G06F 21/57 Certifying or maintaining t...H04L 43/0876 Network utilisation, e.g. v...H04L 63/1441 Countermeasures against mal...H04L 63/20 for managing network securi...
