System and method for evaluating and enhancing the security level of a network system
First Claim
Patent Images
1. A method for evaluating a security level of a network system, the method being implemented by one or more processors and comprising:
- identifying a plurality of security elements of the network system;
determining a security architecture of the network system based on the identified plurality of security elements;
wherein determining the security architecture includes implementing a security model that identifies a plurality of pre-determined relationships as between individual security elements in the plurality of security elements, in connection with possible types of threats to the network system and one or more types of assets that can be exposed as a result of a breach;
evaluating the security architecture to determine an evaluation for the network system;
wherein evaluating the security architecture includes determining (i) a parameter score for individual security elements in the plurality of identified security elements, wherein the parameter score is based at least in part on a measure of maturity for the individual security elements of the plurality of security elements; and
(ii) a protection index for the security architecture based on the parameter score for the individual security elements in the plurality of identified security elements and comparing the protection index to a security level indicated by a user;
outputting the evaluation to the user; and
updating the security architecture to include one or more new components to add to the network system to improve the security level of the network system based on the evaluation of the security architecture to achieve at least the security level indicated by the user.
2 Assignments
0 Petitions
Accused Products
Abstract
Examples described herein provide for a system that evaluates a security level of a network system. Additionally, examples described herein evaluate a security level of a network system in order to enable a determination of components that can be used to enhance the security level of the network system.
-
Citations
20 Claims
-
1. A method for evaluating a security level of a network system, the method being implemented by one or more processors and comprising:
-
identifying a plurality of security elements of the network system; determining a security architecture of the network system based on the identified plurality of security elements; wherein determining the security architecture includes implementing a security model that identifies a plurality of pre-determined relationships as between individual security elements in the plurality of security elements, in connection with possible types of threats to the network system and one or more types of assets that can be exposed as a result of a breach; evaluating the security architecture to determine an evaluation for the network system; wherein evaluating the security architecture includes determining (i) a parameter score for individual security elements in the plurality of identified security elements, wherein the parameter score is based at least in part on a measure of maturity for the individual security elements of the plurality of security elements; and
(ii) a protection index for the security architecture based on the parameter score for the individual security elements in the plurality of identified security elements and comparing the protection index to a security level indicated by a user;outputting the evaluation to the user; and updating the security architecture to include one or more new components to add to the network system to improve the security level of the network system based on the evaluation of the security architecture to achieve at least the security level indicated by the user. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. A non-transitory computer-readable medium that stores instructions for evaluating a security level of a network system, the instructions being executable by one or more processors to cause the one or more processors to perform operations that include:
-
identifying a plurality of security elements of the network system; determining a security architecture of the network system based on the identified plurality of security elements; wherein determining the security architecture includes implementing a security model that identifies a plurality of pre-determined relationships as between individual security elements in the plurality of security elements, in connection with possible types of threats to the network system and one or more types of assets that can be exposed as a result of a breach; evaluating the security architecture to determine an evaluation for the network system; wherein evaluating the security architecture includes determining (i) a parameter score for individual security elements in the plurality of identified security elements, wherein the parameter score is based at least in part on a measure of maturity for the individual security elements of the plurality of security elements; and
(ii) a protection index for the security architecture based on the parameter score for the individual security elements in the plurality of identified security elements and comparing the protection index to a security level indicated by a user;outputting the evaluation to the user; and updating the security architecture to include one or more new components to add to the network system to improve the security level of the network system based on the evaluation of the security architecture to achieve at least the security level indicated by the user. - View Dependent Claims (16, 17, 18, 19)
-
-
20. A computer system comprising:
-
a memory that stores a set of instructions; one or more processors that access the instructions in the memory to; identify a plurality of security elements of a network system; determine a security architecture of the network system based on the identified plurality of security elements; wherein the processor determines the security architecture by implementing a security model that identifies a plurality of pre-determined relationships as between individual security elements in the plurality of security elements, in connection with possible types of threats to the network system and one or more types of assets that can be exposed as a result of a breach; evaluate the security architecture to determine an evaluation for the network system by determining (i) a parameter score for individual security elements in the plurality of identified security elements, wherein the parameter score is based at least in part on a measure of maturity for the individual security elements of the plurality of security elements; and
(ii) a protection index for the security architecture based on the parameter score for the individual security elements in the plurality of identified security elements and comparing the protection index to a security level indicated by a user;output the evaluation to the user; and update the security architecture to include one or more new components to add to the network system to improve the security level of the network system based on the evaluation of the security architecture to achieve at least the security level indicated by the user.
-
Specification