Method and system for applying security vulnerability management process to an organization

US 20060075503A1
Filed: 09/13/2005
Published: 04/06/2006
Est. Priority Date: 09/13/2004
Status: Abandoned Application

First Claim

Patent Images

1. A graphical user interface for managing vulnerability life cycle of a computer network of an organizational entity, comprising:

a multilevel tree structure including a plurality of nodes, wherein each node of the plurality of nodes is uniquely associated with a designated unit within the organizational entity;

at least one user icon connected to at least one of the nodes, the at least one user icon associated with a particular individual;

at least one group icon connected to at least one of the nodes, the at least one group icon associated with a plurality of individuals;

wherein each of the plurality of nodes, at least one user icon and at least one group icon are dynamically modifiable according to a structure of the organizational entity.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention comprises a graphical user interface for managing vulnerability life cycle of a computer network of an organizational entity. The graphical user interface includes a multilevel tree structure including a plurality of nodes. Each node of the plurality of nodes is uniquely associated with a designated unit within the organizational entity. The graphical user interface further includes at least one user icon connected to at least one of the nodes wherein the at least one user icon is associated with a particular individual. At least one group icon is connected to at least one of the nodes wherein the group icon is associated with a plurality of individuals. Each of the plurality of nodes, the at least one user icon and the at least one group icon are dynamically modifiable according to a structure of the organizational entity.

138 Citations

View as Search Results

40 Claims

1. A graphical user interface for managing vulnerability life cycle of a computer network of an organizational entity, comprising:
- a multilevel tree structure including a plurality of nodes, wherein each node of the plurality of nodes is uniquely associated with a designated unit within the organizational entity;
  
  at least one user icon connected to at least one of the nodes, the at least one user icon associated with a particular individual;
  
  at least one group icon connected to at least one of the nodes, the at least one group icon associated with a plurality of individuals;
  
  wherein each of the plurality of nodes, at least one user icon and at least one group icon are dynamically modifiable according to a structure of the organizational entity.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The graphical user interface of claim 1, further including a first icon associated with each of the plurality of nodes, at least one user icon and at least one group icon, the first icon enabling deletion of the node, the user icon or the group icon associated with the first icon.
  - 3. The graphical user interface of claim 2, further including a second icon associated with each of the plurality of nodes, at least one user icon and at least one group icon, the second icon enabling editing of data associated with the node, the user icon or the group icon associated with the second icon.
  - 4. The graphical user interface of claim 1, further including:
    - a first icon for adding a new node to the multilevel tree structure;
      
      a second icon for adding a new user icon to a node of the multilevel tree structure; and
      
      a third icon for adding a new group icon to the node of the multilevel tree structure.
  - 5. The graphical user interface of claim 1, wherein the designated unit comprises at least one of locations, departments, divisions, servers, computers, IP addresses, auditor'"'"'s functions, regulatory compliance, mission critical devices, and other designations.
  - 6. The graphical user interface of claim 1, further including a permissions page for designating permissions that are granted to a user and a group in a particular node for a particular functional object, wherein the permissions are also granted to any node below the particular node in the multilevel tree structure.
  - 7. The graphical user interface of claim 6, wherein the multilevel tree structure comprises a subset of the plurality of nodes of the multilevel tree structure based on the permissions granted in the permissions page.
  - 8. The graphical user interface of claim 6, wherein the permissions granted comprise functional objects including tabs, nodes, schedules, jobs, operational windows, permissions, reports, filters and other functions.
  - 9. The graphical user interface of claim 1, further including a page for selecting at least one node of the plurality nodes in the multilevel tree structure and for generating vulnerability assessment jobs for testing a vulnerability of IP addresses associated with the selected at least one node.
  - 10. The graphical user interface of claim 1, further including a page for selecting at least one node of the plurality nodes in the multilevel tree structure and for selecting a type of vulnerability assessment report to be generated for IP addresses associated with at least one of the selected at least one node or at least one job within at least one node.
  - 11. The graphical user interface of claim 1, further including a page for selecting at least one node of the plurality nodes in the multilevel tree structure and for selecting a remediation work flow of at least one vulnerability to be generated for IP addresses associated with the selected at least one node.
  - 12. The graphical user interface of claim 1, further including a page for selecting at least one node of the plurality nodes in the multilevel tree structure and for selecting filtering of at least one vulnerability to be generated for IP addresses associated with the selected at least one node.
  - 13. The graphical user interface of claim 1, further including a page for selecting at least one node of the plurality nodes in the multilevel tree structure, and for selecting a risk score of the node in comparison to other nodes and for selecting the job icon under the node to see a reason attributing to the risk score.
  - 14. The graphical user interface of claim 1, wherein at least one job icon is connected to at least one of the nodes, the at least one job icon is associated with a particular job that has been established for the at least one of the nodes.
  - 15. The graphical user interface of claim 1, wherein at least one schedule icon is connected to at least one of the nodes, the at least one schedule icon is associated with a particular job that has been established for the at least one of the nodes.
  - 16. The graphical user interface of claim 1, wherein at least one operational window icon is connected to at least one of the nodes, the at least one operational window icon is associated with a particular schedule of a particular job that has been established for the at least one of the nodes.

17. A graphical user interface for managing vulnerability life cycle of a computer network of an organizational entity, comprising:
- a multilevel tree structure including a plurality of nodes, wherein each node of the plurality of nodes is uniquely associated with a designated unit within the organizational entity;
  
  at least one user icon connected to at least one of the nodes, the at least one user icon associated with a particular individual;
  
  at least one group icon connected to at least one of the nodes, the at least one group icon associated with a plurality of individuals;
  
  wherein each of the plurality of nodes, the at least one user icon and the at least one group icon are dynamically modifiable according to a structure of the organizational entity;
  
  a first icon associated with each of the plurality of nodes, the at least one user icon and the at least one group icon, the first icon enabling deletion of the node, the user icon or the group icon associated with the first icon;
  
  a second icon associated with each of the plurality of nodes, and the at least one user icon and at least one group icon, the second icon enabling editing of data associated with the node, the user icon or the group icon associated with the second icon; and
  
  a permissions page for designating permissions that are granted to a user and a group within a particular node for functional objects, wherein the permissions are also granted to any node below the particular node in the multilevel tree structure.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
- - 18. The graphical user interface of claim 17, further including:
    - a first icon for adding a new node to the multilevel tree structure;
      
      a second icon for adding a new user icon to a node of the multilevel tree structure; and
      
      a third icon for adding a new group icon to the node of the multilevel tree structure.
  - 19. The graphical user interface of claim 17, wherein the designated unit comprises at least one of departments, divisions, servers, computers, IP addresses, auditor'"'"'s functions, regulatory compliance, mission critical devices, and other designations.
  - 20. The graphical user interface of claim 17, further including a page for selecting at least one node of the plurality nodes in the multilevel tree structure and for generating vulnerability assessment jobs for testing a vulnerability of IP addresses associated with at least one of the selected at least one node or at least one job contained by the at least one node.
  - 21. The graphical user interface of claim 17, further including a page for selecting at least one node of the plurality nodes in the multilevel tree structure and for selecting a type of vulnerability assessment report to be generated for IP addresses associated with the selected at least one node.
  - 22. The graphical user interface of claim 17, further including a page for selecting at least one node of the plurality nodes in the multilevel tree structure and for selecting a remediation work flow of at least one vulnerability to be generated for IP addresses associated with the selected at least one node.
  - 23. The graphical user interface of claim 17, further including a page for selecting at least one node of the plurality nodes in the multilevel tree structure and for selecting filtering of at least one vulnerability to be generated for IP addresses associated with the selected at least one node.
  - 24. The graphical user interface of claim 17, further including a page for selecting at least one node of the plurality nodes in the multilevel tree structure, and for selecting a risk score of the node in comparison to other nodes and for selecting the job icon under the node to see a reason attributing to the risk score.
  - 25. The graphical user interface of claim 17, wherein at least one job icon is connected to at least one of the nodes, the at least one job icon is associated with a particular job that has been established for the at least one of the nodes.
  - 26. The graphical user interface of claim 17, wherein at least one schedule icon is connected to at least one of the nodes, the at least one schedule icon is associated with a particular job that has been established for the at least one of the nodes.
  - 27. The graphical user interface of claim 17, wherein at least one operational window icon is connected to at least one of the nodes, the at least one operational window icon is associated with a particular schedule of a particular job that has been established for the at least one of the nodes.

28. An apparatus, comprising:
- a computer-readable storage medium containing a set of instructions for a general purpose computer;
  
  wherein execution of the set of instructions by the general purpose computer configures the general purpose computer to;
  
  generate a graphical user interface for managing vulnerability life cycle of a computer network of a computer network of an organizational entity, the graphical user interface including;
  
  a multilevel tree structure including a plurality of nodes, wherein each node of the plurality of nodes is uniquely associated with a designated unit within the organizational entity;
  
  at least one user icon connected to at least one of the nodes, the at least one user icon associated with a particular individual;
  
  at least one group icon connected to at least one of the nodes, the at least one group icon associated with a plurality of individuals;
  
  wherein each of the plurality of nodes, the at least one user icon and at least one group icon are dynamically modifiable according to a structure of the organizational entity.
- View Dependent Claims (29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40)
- - 29. The apparatus of claim 28, further including a first icon associated with each of the plurality of nodes, the at least one user icon and the at least one group icon, the first icon enabling deletion of the node, the user icon or the group icon associated with the first icon.
  - 30. The apparatus of claim 29, further including a second icon associated with each of the plurality of nodes, the at least one user icon and the at least one group icon, the second icon enabling editing of data associated with the node, the user icon or the group icon associated with the second icon.
  - 31. The apparatus of claim 28, further including:
    - a first icon for adding a new node to the multilevel tree structure;
      
      a second icon for adding a new user icon to a node of the multilevel tree structure; and
      
      a third icon for adding a new group icon to the node of the multilevel tree structure.
  - 32. The apparatus of claim 28, further including a permissions page for designating permissions that are granted to a particular node and for designating permissions for objects, wherein the permissions are also granted to any node and its contained objects below the particular node in the multilevel tree structure.
  - 33. The graphical user interface of claim 28, further including a page for selecting at least one node of the plurality nodes in the multilevel tree structure and for generating vulnerability assessment jobs for testing a vulnerability of IP addresses associated with the selected at least one node.
  - 34. The graphical user interface of claim 28, further including a page for selecting at least one node of the plurality nodes in the multilevel tree structure and for selecting a type of vulnerability assessment report to be generated for IP addresses associated with at least one of the selected at least one node or at least one job contained by the at least one node.
  - 35. The graphical user interface of claim 28, further including a page for selecting at least one node of the plurality nodes in the multilevel tree structure and for selecting a remediation work flow of at least one vulnerability to be generated for IP addresses associated with the selected at least one node.
  - 36. The graphical user interface of claim 28, further including a page for selecting at least one node of the plurality nodes in the multilevel tree structure and for selecting filtering of at least one vulnerability to be generated for IP addresses associated with the selected at least one node.
  - 37. The graphical user interface of claim 28, further including a page for selecting at least one node of the plurality nodes in the multilevel tree structure, and for selecting a risk score of the node in comparison to other nodes and for selecting the job icon under the node to see a reason attributing to the risk score.
  - 38. The graphical user interface of claim 28, wherein at least one job icon is connected to at least one of the nodes, the at least one job icon is associated with a particular job that has been established for the at least one of the nodes.
  - 39. The graphical user interface of claim 28, wherein at least one schedule icon is connected to at least one of the nodes, the at least one schedule icon is associated with a particular job that has been established for the at least one of the nodes.
  - 40. The graphical user interface of claim 28, wherein at least one operational window icon is connected to at least one of the nodes, the at least one operational window icon is associated with a particular schedule of a particular job that has been established for the at least one of the nodes.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Achilles Guard, Inc. (Alert Logic Incorporated)
Original Assignee
Achilles Guard, Inc. (Alert Logic Incorporated)
Inventors
Bunker, Eva Elizabeth, Bunker, Nelson Waldo V, Mitchell, Kevin Michael

Application Number

US11/225,411
Publication Number

US 20060075503A1
Time in Patent Office

Days
Field of Search
US Class Current

726/25
CPC Class Codes

G06F 11/324   Display of status information

G06F 21/577   Assessing vulnerabilities a...

G06F 21/604   Tools and structures for ma...

H04L 63/0236   Filtering by address, proto...

Method and system for applying security vulnerability management process to an organization

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

138 Citations

40 Claims

Specification

Use Cases

Quick Links

Others

Method and system for applying security vulnerability management process to an organization

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

138 Citations

40 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others