Method of assuring enterprise security standards compliance

US 20060156408A1
Filed: 01/11/2005
Published: 07/13/2006
Est. Priority Date: 01/11/2005
Status: Active Grant

First Claim

Patent Images

1. A method for determining a security posture of an enterprise, comprising:

responsive to an occurrence of an event in an enterprise environment, populating a first database with critical operations and mapping data;

populating a second database with historical data associated with the critical operations;

populating a third database with access control data associated with the critical operations;

generating a security compliance view of the enterprise based on a comparison of data in the first database, second database, and third database against similar security data elements from company or external policies; and

generating a security posture view by comparing the security compliance view against threat data in a fourth database.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method, apparatus, and computer instructions for providing a current and complete security compliance view of an enterprise system. The present invention provides the ability to gain a real-time security posture and security compliance view of an enterprise and to assess the risk impact of known threats and attacks to continued business operations at various levels is provided. Responsive to a change to an enterprise environment, a request, or an external threat, an administrator loads or updates at least one of a Critical Application Operations database, a Historical database, an Access Control database, a Connectivity database, and a Threat database. Based on a comparison of information in the databases against similar security data elements from company or external policies, the administrator may generate a Security Compliance view of the enterprise. A Security Posture view may also be generated by comparing the Security Compliance view against data in the Threat database.

142 Citations

27 Claims

1. A method for determining a security posture of an enterprise, comprising:
- responsive to an occurrence of an event in an enterprise environment, populating a first database with critical operations and mapping data;
  
  populating a second database with historical data associated with the critical operations;
  
  populating a third database with access control data associated with the critical operations;
  
  generating a security compliance view of the enterprise based on a comparison of data in the first database, second database, and third database against similar security data elements from company or external policies; and
  
  generating a security posture view by comparing the security compliance view against threat data in a fourth database.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein the event is one of a request, or an external threat, or a change to the enterprise environment.
  - 3. The method of claim 1, wherein determining the security posture of the enterprise allows for analyzing potential risks to business applications and operations.
  - 4. The method of claim 3, wherein the potential risks to business applications and operations is shown in real-time.
  - 5. The method of claim 1, further comprising:
    - generating a threat result view by comparing elements in the fourth database against data in the third database, wherein generating the threat result view allows for determining an impact to enterprise operations if a threat is exploited.
  - 6. The method of claim 5, further comprising:
    - generating a resource exposure view by comparing the threat result view against mapping elements in the first database, wherein the resource exposure view allows for determining other resources vulnerable to a threat.
  - 7. The method of claim 1, wherein the populating steps are triggered when a change to identified elements in an internal or external enterprise environment is detected.
  - 8. The method of claim 1, wherein the populating steps are triggered from a request to generate at least one of the security compliance view, security posture view, threat result view, and resource exposure view.
  - 9. The method of claim 1, wherein an algorithm is used to assess current threats in the fourth database against the security compliance view to generate the security posture view.

10. A data processing system for determining a security posture of an enterprise, comprising:
- first populating means for populating a first database with critical operations and mapping data in response to an occurrence of an event in an enterprise environment;
  
  second populating means for populating a second database with historical data associated with the critical operations;
  
  third populating means for populating a third database with access control data associated with the critical operations;
  
  first generating means for generating a security compliance view of the enterprise based on a comparison of data in the first database, second database, and third database against similar security data elements from company or external policies; and
  
  second generating means for generating a security posture view by comparing the security compliance view against threat data in a fourth database.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The data processing system of claim 10, wherein the event is one of a request, or an external threat, or a change to the enterprise environment.
  - 12. The data processing system of claim 10, wherein determining the security posture of the enterprise allows for analyzing potential risks to business applications and operations.
  - 13. The data processing system of claim 12, wherein the potential risks to business applications and operations are shown in real-time.
  - 14. The data processing system of claim 10, further comprising:
    - third generating means for generating a threat result view by comparing elements in the fourth database against data in the third database, wherein generating the threat result view allows for determining an impact to enterprise operations if a threat is exploited.
  - 15. The data processing system of claim 14, further comprising:
    - fourth generating means for generating a resource exposure view by comparing the threat result view against mapping elements in the first database, wherein the resource exposure view allows for determining other resources vulnerable to a threat.
  - 16. The data processing system of claim 10, wherein the populating steps are triggered when a change to identified elements in an internal or external enterprise environment is detected.
  - 17. The data processing system of claim 10, wherein the populating steps are triggered from a request to generate at least one of the security compliance view, security posture view, threat result view, and resource exposure view.
  - 18. The data processing system of claim 10, wherein an algorithm is used to assess current threats in the fourth database against the security compliance view to generate the security posture view.

19. A computer program product in a computer readable medium for determining a security posture of an enterprise, comprising:
- first instructions for populating a first database with critical operations and mapping data in response to an occurrence of an event in an enterprise environment;
  
  second instructions for populating a second database with historical data associated with the critical operations;
  
  third instructions for populating a third database with access control data associated with the critical operations;
  
  fourth instructions for generating a security compliance view of the enterprise based on a comparison of data in the first database, second database, and third database against similar security data elements from company or external policies; and
  
  fifth instructions for generating a security posture view by comparing the security compliance view against threat data in a fourth database.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27)
- - 20. The computer program product of claim 19, wherein the event is one of a request, or an external threat, or a change to the enterprise environment.
  - 21. The computer program product of claim 19, wherein determining the security posture of the enterprise allows for analyzing potential risks to business applications and operations.
  - 22. The computer program product of claim 21, wherein the potential risks to business applications and operations are shown in real-time.
  - 23. The computer program product of claim 19, further comprising:
    - sixth instructions for generating a threat result view by comparing elements in the fourth database against data in the third database, wherein generating the threat result view allows for determining an impact to enterprise operations if a threat is exploited.
  - 24. The computer program product of claim 23, further comprising:
    - seventh instructions for generating a resource exposure view by comparing the threat result view against mapping elements in the first database, wherein the resource exposure view allows for determining other resources vulnerable to a threat.
  - 25. The computer program product of claim 19, wherein the populating steps are triggered when a change to identified elements in an internal or external enterprise environment is detected.
  - 26. The computer program product of claim 19, wherein the populating steps are triggered from a request to generate at least one of the security compliance view, security posture view, threat result view, and resource exposure view.
  - 27. The computer program product of claim 19, wherein an algorithm is used to assess current threats in the fourth database against the security compliance view to generate the security posture view.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
X Corp. (f/k/a Twitter, Inc.) (X Holdings Corp.)
Original Assignee
International Business Machines Corporation
Inventors
Jeffries, Clark Debs, Lingafelt, Charles Steven, Himberger, Kevin David, Roginsky, Allen Leonid, Singleton, Phillip

Granted Patent

US 7,657,942 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/25
CPC Class Codes

G06F 21/552   involving long-term monitor...

G06F 21/577   Assessing vulnerabilities a...

G06Q 40/08   Insurance

G08B 21/22   responsive to presence or a...

Method of assuring enterprise security standards compliance

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

142 Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

Method of assuring enterprise security standards compliance

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

142 Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links