Method to manage network security over a distributed network
Abstract
The present invention provides a system with a first controller device that exercises control over one or more secondary controller devices and one or more remote testing devices. The remote testing devices accomplish all scanning of the distributed networks but remain under the control and management of the controller device. To complete a vulnerability assessment of the entire distributed network, the controller device schedules scans for each of the remote testing devices. The remote testing devices scan the network to which they are attached. Each remote testing device reports the results of the several scans to the controller device. The controller device also manages regulatory compliance information for the system. The controller device may consolidate the results to create an organization-wide vulnerability and compliance database.
8 Claims
1. A computer security vulnerability remediation system, comprising:
a. an enterprise server attached to a first network; and
b. one or more remote testing devices attached to one or more remote networks, wherein the enterprise server controls the function of the one or more remote testing devices.

2. A method to scan a distributed network for security vulnerabilities, comprising:
a. establishing an enterprise server on a first network;
b. establishing one or more remote testing devices on one or more remote networks;
c. coupling the enterprise server to the one or more remote testing devices;
d. the enterprise server scheduling a scan on at least one of the remote testing devices; and
e. the remote testing device scanning the remote network for security vulnerabilities.

3. A method to create a security policy for a distributed network, comprising:
a. establishing a security policy at an enterprise server on a first network;
b. distributing the security policy from the enterprise server to one or more remote testing devices on one or more remote networks;
c. integrating the security policy into a scanning requirement at the remote testing device;
d. scanning for violations of the security policy; and
e. creating a risk message if any violation of the security policy is found.

4. A method to remediate one or more security vulnerabilities in a distributed network, comprising:
a. receiving scan results, at an enterprise server attached to a first network, from one or more remote testing devices attached to one or more remote networks;
b. consolidating the received results with results generated from a scan of the first network by the enterprise server;
c. resolving one or more of the vulnerabilities; and
d. reporting a resolution to the enterprise server.

5. A method of assimilating and managing the security vulnerabilities and compliance issues across a hierarchical, distributed network, comprising:
a. receiving scan results and compliance posture information from subordinate enterprise server(s) by a master enterprise server;
b. processing the received results and compliance information with results from other subordinate enterprise servers by the master enterprise server to create an organization-wide or individual enterprise server view; and
c. managing the consolidated results, information, and remediation activities across the hierarchical, distributed network.

6. A method of analyzing a network's status against a single or multiple published or proprietary security frameworks or public or private sector regulatory requirements, comprising:
a. receiving scan results and compliance posture information by an enterprise server;
b. a method of storing published security frameworks or regulatory requirements or the ability to create customized, proprietary security frameworks;
c. cross-correlation, statistical and differential analysis of the received results and compliance information against one or more security frameworks and regulatory requirements;
d. automatic or manual creation of remediation issues related to the analyzed results; and
e. distribution of remediation issues to relevant parties.

7. A method of generating an automated questionnaire that helps evaluate an organization's posture against published or proprietary security frameworks or regulatory requirements, comprising:
a. a method of storing published security frameworks or regulatory requirements or the ability to create customized, proprietary security frameworks;
b. manipulation of the stored security frameworks or regulatory requirements based on user selection such that customized questions are presented to the user that address only areas relevant to the user's actual operating environment; and
c. collection of the user's responses such that the questionnaire can either stand alone or provide the response data to an enterprise server.

8. A method of rules-based, event-driven, automated information security remediation and compliance activity management, comprising:
a. a process to create customized rules related to compliance and security issues for an organization that are correlated with available resources and activities on an enterprise server;
b. the automatic assignment of tasks or launching of an activity based on a related trigger event in the enterprise server's remediation management module;
c. resolving one or more of the security or compliance issues; and
d. reporting a resolution to the enterprise server.

Specification