Method and apparatus for continuous compliance assessment
Abstract
In various embodiments, a compliance server receives change data associated with a change captured on a target host. In various embodiments, the target host may have provided the change data in response to detecting the change, and the change data may include one or more rules, settings, and/or parameters. Also, in various embodiments, the compliance server may determine whether the one or more rules, settings, and/or parameters meet one or more compliance policies and generate one or more test results based at least on the results of the determining. Further, in some embodiments, the target host may detect a change to a rule, setting, and/or parameter based on a collection policy defining what change data is to be collected by the target host and provide data associated with the rule, setting, and/or parameter as change data to the compliance server.
26 Claims
1. A method comprising:
- receiving, by a server, change data associated with a change detected by a target host, wherein the target host applies one or more collection policies defining what types of change data are to be detected by the target host and provides the change data in response to detecting that one or more rules, settings, and/or parameters at the target host, defined by a respective one of the one or more collection policies, have changed, wherein the change data includes an identification of the target host, an identification of the respective one of the one or more collection policies responsible for the change data, and the one or more changed rules, settings, and/or parameters;
- filtering, by the server, the received change data, wherein the filtering includes determining whether the target host specified in the change data is associated with one or more waivers specified by one or more compliance policies; and
- conditional on the target host not being associated with the one or more waivers specified by the one or more compliance policies, determining, by the server, whether the one or more rules, settings, and/or parameters meet the one or more compliance policies and generating one or more test results based at least on the determining.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. A compliance server comprising:
- a memory or storage device storing a change database for storing change data associated with a change captured on a target host, wherein the target host applies a plurality of collection policies defining what types of change data are to be detected by the target host and provides the change data in response to detecting the change, wherein the change data includes an identification of the target host, an identification of the respective one of the plurality of collection policies responsible for the change data, and one or more changed rules, settings, and/or parameters; and
- a hardware processor, the hardware processor being programmed to:
  - receive, from the target host, the change data associated with the change captured on the target host,
  - filter the received change data, the filtering including determining whether the target host specified in the change data is associated with one or more waivers specified by one or more compliance policies, and
  - if the target host is not associated with the one or more waivers specified by the one or more compliance policies, determine whether the one or more changed rules, settings, and/or parameters meet the one or more compliance policies and generate one or more test results based at least on the determining.
Dependent claims: 11, 12, 13
14. A method comprising:
- monitoring a change database to detect whether any new change data has been received from target hosts;
- upon detecting the new change data in the change database, notifying logic of a server of the new change data, the new change data being associated with a change captured on a target host, wherein the target host applies one or more collection policies defining what types of change data are to be detected by the target host and provides the new change data in response to detecting the change, wherein the new change data includes data identifying the target host, data identifying a respective one of the one or more collection policies responsible for the change data, and data identifying a change to a registry setting or configuration parameter at the target host;
- determining, by the server, whether the change to the registry setting or configuration parameter meets one or more compliance policies;
- generating, by the server, one or more test results based at least on the determining; and
- when the change to the registry setting or configuration parameter does not meet the one or more compliance policies, generating appropriate element data for the target host to place the target host into compliance with the one or more compliance policies.
Dependent claims: 15, 16, 17, 18
19. A method comprising:
- monitoring a change database to detect whether any new change data has been received from target hosts;
- upon detecting the new change data in the change database, notifying logic of a server of the new change data, the new change data being associated with a change detected at a target host, wherein the new change data includes data identifying the target host and data identifying a change to a registry setting or configuration parameter at the target host;
- determining, by the server, whether the change to the registry setting or configuration parameter meets one or more compliance policies;
- generating, by the server, one or more test results based at least on the results of the determining; and
- when the change to the registry setting or configuration parameter does not meet the one or more compliance policies, generating appropriate element data for the target host to place the target host into compliance with the one or more compliance policies, wherein the new change data includes a rule that generated the change, an identification of the target host from which the change data was collected, a specific element name associated with the change, and element data associated with the change.
Dependent claims: 20, 21, 22
23. A non-transitory storage medium storing computer-executable instructions which when executed by a computing device of a server cause the computing device to perform a method, the method comprising:
- monitoring a change database to detect whether any new change data has been received from target hosts;
- upon detecting the new change data in the change database, notifying logic of a server of the new change data, the new change data being associated with a change detected at a target host, wherein the new change data includes data identifying the target host and data identifying a change to a registry setting or configuration parameter at the target host;
- determining, by the server, whether the change to the registry setting or configuration parameter meets one or more compliance policies;
- generating, by the server, one or more test results based at least on results of the determining; and
- when the change to the registry setting or configuration parameter does not meet the one or more compliance policies, generating appropriate element data for the target host to place the target host into compliance with the one or more compliance policies, wherein the new change data includes a rule that generated the change, an identification of the target host from which the change was collected, a specific element name associated with the change, and element data associated with the change.
Dependent claims: 24, 25, 26
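The server-side flow recited in claims 1 and 14 (waiver filter, policy test, test result, element data for remediation), sketched as an added example that is not taken from the patent. The field names, policy IDs, hostnames and the per-policy waiver list are assumptions, and the sample records are constructed.

```python
from __future__ import annotations
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class CompliancePolicy:
    policy_id: str
    element: str                 # setting the policy tests (assumed name)
    required: str                # value the setting must hold
    waived_hosts: frozenset = frozenset()  # hosts exempt from this policy

@dataclass(frozen=True)
class CheckResult:
    host: str
    policy_id: str
    element: str
    passed: bool
    remediation: Optional[dict]  # element data that would restore compliance

def evaluate_change(change: dict, policies: list[CompliancePolicy]) -> list[CheckResult]:
    """Apply the waiver filter to one change record, then test its settings."""
    host, settings = change["host"], change["settings"]
    results = []
    for policy in policies:
        if host in policy.waived_hosts:
            continue  # waiver filter: exempt host, no test result is generated
        if policy.element not in settings:
            continue  # the change did not touch what this policy tests
        passed = settings[policy.element] == policy.required
        fix = None if passed else {policy.element: policy.required}
        results.append(CheckResult(host, policy.policy_id, policy.element, passed, fix))
    return results

# Constructed sample data: two policies, one of which carries a waiver.
POLICIES = [
    CompliancePolicy("pw-min-length", "MinimumPasswordLength", "14"),
    CompliancePolicy("smb1-off", "SMB1", "0", frozenset({"legacy-print-01"})),
]
# Constructed change records: host ID, collection policy ID, changed settings.
CHANGES = [
    {"host": "web-01", "collection_policy": "registry-watch",
     "settings": {"MinimumPasswordLength": "8", "SMB1": "0"}},
    {"host": "legacy-print-01", "collection_policy": "registry-watch",
     "settings": {"SMB1": "1"}},
]

def run_all() -> list[CheckResult]:
    return [r for change in CHANGES for r in evaluate_change(change, POLICIES)]

if __name__ == "__main__":
    for result in run_all():
        print(result)
```

The waived host's noncompliant `SMB1` change yields no test result at all, so in a design like this the waiver list is itself a setting worth tracking and reviewing.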
Specification