Computer program product and apparatus for multi-path remediation
Abstract
A system, method, and computer program product are provided for a database associating a plurality of device vulnerabilities to which computing devices can be subject with a plurality of remediation techniques that collectively remediate the plurality of device vulnerabilities. Each of the device vulnerabilities is associated with at least one remediation technique. Each remediation technique associated with a particular device vulnerability remediates that particular vulnerability. Further, each remediation technique has a remediation type selected from the type group consisting of patch, policy setting, and configuration option. Still yet, a first one of the device vulnerabilities is associated with at least two alternative remediation techniques.
20 Claims
1. A computer program product embodied on a non-transitory computer readable medium, the computer program product comprising:
- code for:
  - accessing at least one data storage identifying a plurality of mitigation techniques that mitigate effects of attacks that take advantage of vulnerabilities, such that:
    - each mitigation technique is capable of mitigating an effect of an attack that takes advantage of a corresponding vulnerability, and
    - each mitigation technique has a mitigation type including at least one of a patch, a policy setting, or a configuration option;
- code for:
  - displaying at least one mitigation technique for mitigating an effect of at least one attack that takes advantage of at least one vulnerability, and
  - receiving user input for selecting the at least one mitigation technique to be applied for mitigating the effect of the at least one attack that takes advantage of the at least one vulnerability; and
- code for:
  - receiving information in connection with at least one of a plurality of devices, and
  - identifying an attack in connection with the at least one device that takes advantage of the at least one vulnerability, based on the information;
- wherein the computer program product is operable such that, as a result of the user input for selecting the at least one mitigation technique to be applied for mitigating the effect of the at least one attack that takes advantage of the at least one vulnerability, the identified attack is prevented from taking advantage of the at least one vulnerability;
- wherein the computer program product is operable such that one or more of the plurality of mitigation techniques is capable of being identified based on an identification of an operating system.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 16, 17, 18

14. A computer program product embodied on a non-transitory computer readable medium, the computer program product comprising:
- code for:
  - accessing at least one data structure identifying a plurality of mitigation techniques that mitigate effects of attacks that take advantage of vulnerabilities, where:
    - each mitigation technique is capable of mitigating an effect of an attack that takes advantage of a corresponding vulnerability, and
    - each mitigation technique has a mitigation type including at least one of a patch, a policy setting, or a configuration option;
- code for:
  - receiving information in connection with at least one of a plurality of devices; and
  - identifying an attack on the at least one device that takes advantage of at least one of the vulnerabilities, based on the information;
- code for:
  - automatically applying at least two of the plurality of mitigation techniques including at least one first mitigation technique of a first mitigation type and at least one second mitigation technique of a second mitigation type to the at least one device, for mitigating an effect of the attack on the at least one device that takes advantage of the at least one vulnerability;
- wherein the computer program product is operable such that the effect of the attack is mitigated by preventing the attack from taking advantage of the at least one vulnerability;
- wherein the computer program product is operable such that one or more of the plurality of mitigation techniques is identified based on an identification of an operating system.

Dependent claims: 19, 20

15. An apparatus, comprising:
- at least one data storage identifying a plurality of mitigation techniques that mitigate effects of attacks that take advantage of vulnerabilities associated with an operating system, where:
  - each mitigation technique is capable of mitigating an effect of an attack that takes advantage of a corresponding vulnerability, and
  - each mitigation technique has a mitigation type including at least one of a patch, a policy setting, or a configuration option; and
- a computer program product embodied on a non-transitory computer readable medium, the computer program product including:
  - code for:
    - displaying at least two of the mitigation techniques for mitigating an effect of at least one attack that takes advantage of at least one vulnerability, and
    - receiving at least one user input in connection with the at least two mitigation techniques;
  - code for:
    - automatically applying the at least two mitigation techniques based on the at least one user input, the at least two mitigation techniques including:
      - at least one first mitigation technique for utilizing a firewall for attack mitigation, and
      - at least one second mitigation technique for utilizing an intrusion prevention system for attack mitigation; and
  - code for:
    - identifying information in connection with at least one device, and
    - identifying an attack in connection with the at least one device that takes advantage of the at least one vulnerability, based on the information;
- wherein the computer program product is operable such that the identified attack is mitigated utilizing the first mitigation technique for utilizing the firewall for attack mitigation and the at least one second mitigation technique for second mitigation technique for utilizing the intrusion prevention system for attack mitigation;
- wherein the computer program product is operable such that the at least two mitigation techniques are displayed based on an identification of an operating system.

Specification