System and method for assessing the security posture of a network
Abstract
A method and data processing system assesses the security vulnerability of a network by creating a system object model database representing a network. The system object model database supports the information data requirements of disparate network vulnerability analysis programs. The system object model database is exported to the disparate network vulnerability analysis programs. The network is analyzed with each network vulnerability analysis program to produce data results from each program. Data results are correlated to determine the security posture of the network.
36 Claims
1. A method for assessing the security posture of a network comprising the steps of:
- creating a system object model database representing a network, wherein the system object model database supports the information data requirements of separate, non-integrated network vulnerability analysis programs;
- exporting the system object model database of the network to the separate, non-integrated network vulnerability/risk analysis programs, wherein each analysis program is operative to run as a separate program and produce an initial data source separate from any data sources produced by respective other programs also running to produce a plurality of initial data sources for creating the system object model database;
- analyzing the network with each network vulnerability analysis program to produce data results from each program; and
- correlating the data results of the network vulnerability analysis programs to determine the security posture of the network.

Dependent claims: 2, 3, 4, 5, 6
7. A method for assessing the security posture of a network comprising the steps of:
- creating a system object model database representing a network, wherein the system object model database supports the information data requirements of separate, non-integrated network vulnerability/risk analysis programs, wherein each analysis program is operative to run as a separate program and produce an initial data source separate from any data sources produced by respective other programs also running to produce a plurality of initial data sources for creating the system object model database;
- importing the system object model database of the network to the network vulnerability analysis programs through filters associated with each respective network vulnerability analysis program to export only the data required by a respective network vulnerability analysis program;
- analyzing the network with each network vulnerability analysis program to produce data results from each program; and
- correlating the data results of the network vulnerability analysis programs to determine the security posture of the network.

Dependent claims: 8, 9, 10, 11, 12
13. A computer program that resides on a medium that can be read by a program, wherein the computer program comprises instructions to cause a computer to
- create a system object model database representing a network, wherein the system object model database supports the information data requirements of separate, non-integrated disparate network vulnerability analysis programs that analyze discrete network portions, wherein each analysis program is operative to run as a separate program and produce an initial data source separate from any data sources produced by respective other programs also running to produce a plurality of initial data sources for creating the system object model database;
- export the system object model database of the network to the network vulnerability analysis programs;
- analyze the network with each network vulnerability/risk analysis program to produce data results from each program; and
- correlate the data results of the network vulnerability analysis programs to determine the security posture of the network.

Dependent claims: 14, 15, 16, 17, 18
19. A computer program that resides on a medium that can be read by a program, wherein the computer program comprises instructions to cause a computer to
- create a system object model database representing a network, wherein the system object model database supports the information data requirements of separate, non-integrated network vulnerability analysis programs that analyze discrete network portions, wherein each analysis program is operative to run as a separate program and produce an initial data source separate from any data sources produced by respective other programs also running to produce a plurality of initial data sources for creating the system object model database;
- import the system object model database of the network to the network vulnerability analysis programs through filters associated with each respective network vulnerability analysis program so as to export only the data required by the respective network vulnerability analysis program;
- analyze the network with each network vulnerability analysis program to produce data results from each program; and
- correlate the data results of the network vulnerability analysis programs to determine the security posture of the network.

Dependent claims: 20, 21, 22, 23, 24
25. A data processing system for assessing the security vulnerability of a network comprising:
- a plurality of separate, non-integrated network vulnerability/risk analysis programs used for analyzing a network;
- a system object model database that represents the network to be analyzed, wherein the system object model database supports the information data requirements of the network vulnerability/risk analysis programs, wherein each analysis program is operative to run as a separate program and produce an initial data source separate from any data sources produced by respective other programs also running to produce a plurality of initial data sources for creating the system object model database;
- an applications programming interface for exporting the system object model database of the network to the network vulnerability/risk analysis programs; and
- a processor for correlating the data results obtained from each network vulnerability analysis program after analyzing the network to determine the security posture of the network.

Dependent claims: 26, 27, 28, 29, 30
31. A data processing system for assessing the security vulnerability of a network comprising:
- a plurality of separate, non-integrated network vulnerability/risk analysis programs used for analyzing a network;
- a system object model database that represents the network to be analyzed, wherein the system object model database supports the information data requirements of each network vulnerability analysis program, wherein each analysis program is operative to run as a separate program and produce an initial data source separate from any data sources produced by respective other programs also running to produce a plurality of initial data sources for creating the system object model database;
- an applications programming interface for exporting the system object model database of the network to the separate, non-integrated network vulnerability analysis programs;
- a filter associated with the applications programming interface and each respective network vulnerability analysis program for filtering the system object model database and exporting only the required data requirements to each network vulnerability analysis program; and
- a processor for correlating the data results obtained from each network vulnerability analysis program after analyzing the network to determine the security posture of the network.

Dependent claims: 32, 33, 34, 35, 36
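
An added illustration of the flow recited in claims 7 and 31 (one shared model, a filter per analysis program, separate analysis runs, then correlation); it is not code from the patent. The field names, the three stand-in analysers, the 0..1 scores and the mean/threshold correlation rule are all assumptions made for this example, since the claims do not specify them.

```python
# Constructed system object model: per node, the union of the fields that
# all analysis programs need (addresses and values are made up).
SOM = {
    "10.0.0.5": {"hostname": "web01", "os": "Linux",
                 "services": {22: "ssh", 23: "telnet"},
                 "patch_date": "2024-03", "criticality": 2},
    "10.0.0.9": {"hostname": "db01", "os": "Windows",
                 "services": {1433: "mssql"},
                 "patch_date": "2021-06", "criticality": 5},
}

# One filter per program: the only fields exported to that program.
FILTERS = {
    "service_scan": ("services",),
    "patch_audit": ("os", "patch_date"),
    "asset_risk": ("criticality",),
}

def export_view(tool, som=SOM):
    """Export only the data the named program requires."""
    return {node: {f: attrs[f] for f in FILTERS[tool]}
            for node, attrs in som.items()}

# Hypothetical, independent analysers. Each sees only its filtered view and
# returns its own result set as {node: score between 0 and 1}.
def service_scan(view):
    return {n: 1.0 if "telnet" in a["services"].values() else 0.2
            for n, a in view.items()}

def patch_audit(view, cutoff="2023-01"):
    return {n: 0.9 if a["patch_date"] < cutoff else 0.1 for n, a in view.items()}

def asset_risk(view):
    return {n: a["criticality"] / 5 for n, a in view.items()}

TOOLS = {"service_scan": service_scan, "patch_audit": patch_audit,
         "asset_risk": asset_risk}

def assess(som=SOM, threshold=0.5):
    """Run every program on its own view, then correlate results per node."""
    results = {name: fn(export_view(name, som)) for name, fn in TOOLS.items()}
    posture = {}
    for node in som:
        scores = {tool: res[node] for tool, res in results.items()}
        posture[node] = {
            "mean": round(sum(scores.values()) / len(scores), 2),
            "flagged_by": sorted(t for t, s in scores.items() if s >= threshold),
        }
    return posture
```

Because each analyser reads only its filtered view, a program that reached for a field outside its filter would fail with a `KeyError`, which makes the per-program data requirements explicit.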
Specification