CN1610887A - Automated computer vulnerability resolution system - Google Patents
Automated computer vulnerability resolution system
- Publication number
- CN1610887A
- Authority
- CN
- China
- Prior art keywords
- fragility
- flag
- fix
- server
- computer
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computer And Data Communications (AREA)
- Stored Programmes (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Storage Device Security (AREA)
Abstract
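A system and method for addressing computer security vulnerabilities. The system and method generally comprise aggregating vulnerability information on a plurality of computer vulnerabilities; constructing a remediation database of said plurality of computer vulnerabilities; constructing a remediation signature (46) to address the computer security vulnerability; and deploying said remediation signature (46) to a client computer (40). The remediation signature (46) essentially comprises a sequence of actions to address a corresponding vulnerability. A managed, automated approach to the process is contemplated, in which the system can selectively deploy remediation signatures (46); selectively resolve vulnerabilities; periodically deploy remediation signatures (46); and periodically scan client computers (40) for vulnerabilities.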
Description
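Cross-reference to related applications
This application claims priority to U.S. Provisional Application No. 60/345,689, filed December 31, 2001.
Technical field
The present invention relates generally to a method and system for resolving security vulnerabilities in computers and, more particularly, to a vulnerability resolution system in which computer security vulnerability information from one or more sources can be aggregated, and comprehensive remediation updates can be generated and distributed to target client computers in a managed, automated fashion.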
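Background
Computers, computer systems, and the applications running on them are becoming increasingly complex. In addition, with the advent of the Internet and other modern networking technology, computers have become increasingly interconnected, and remote access to individual computers and computer networks has become more and more common. Due in part to this complexity, the number of computer security vulnerabilities that need to be addressed continues to grow. For example, in the year 2000 alone, 650 operating system vulnerabilities were identified, including 126 on the Windows 2000/NT platform and 46 on the Windows 9x platform. The Computer Security Institute reported 417 vulnerabilities for 1999, 1090 for 2000 and 2437 for 2001, and estimated that there could be more than 4000 in 2002. Given this trend, it is becoming ever harder to protect computers from security breaches through these vulnerabilities. Moreover, the task of maintaining the security of computer systems and/or networks is increasingly burdensome and difficult.
At present, organizations typically use vulnerability scanning software or managed security providers to test computers for security weaknesses. These tools generally provide detailed information on the vulnerabilities found in the computing environment, but offer only limited means for correcting or resolving the detected vulnerabilities. To remove the vulnerabilities it has found, an organization usually has to expend a large amount of labor and resources to identify and/or remediate each vulnerability, and then even more labor to install the vulnerability remediation on the affected computers. Often this involves visiting each individual computer and manually applying the necessary remediation. In addition, once a remediation has been applied, a user can easily uninstall it, or install other software that invalidates it, wasting all of the effort originally spent on the remediation.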
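Summary of the invention
In accordance with the present invention, a method and system are presented that provide a more automated and managed way to remediate security vulnerabilities on individual computers and computer networks. In particular, a vulnerability resolution system is provided that aggregates vulnerability information and uses that information to construct, and subsequently update, vulnerability remediation signatures for download. The downloaded signatures are then selectively used to address or resolve vulnerabilities on client machines that have security vulnerabilities.
In one embodiment, a method for resolving computer vulnerabilities comprises aggregating vulnerability information on a plurality of computer vulnerabilities; constructing a remediation database of said plurality of computer vulnerabilities; constructing a remediation signature to address a computer vulnerability; and deploying said remediation signature to a client computer. Aggregating the vulnerability information comprises obtaining vulnerability information from at least one security intelligence agent (such as a database of information about known computer vulnerabilities, or a scanning service that scans client computers for vulnerabilities and records the vulnerability information). A remediation signature typically comprises a sequence of actions to address a corresponding vulnerability. A remediation signature is generally associated with a corresponding computer vulnerability. A remediation profile may be constructed for a client computer to address the vulnerabilities on that computer; the profile comprises the remediation signatures selected for that client computer, corresponding to the vulnerabilities on that client computer. The remediation signatures may be uploaded to a flash server for remote access or download by a client computer or client server. A managed remediation approach is also contemplated, which may include selective use of remediation signatures, selective resolution of vulnerabilities, periodic scanning of client computers for vulnerabilities, periodic deployment of remediation signatures, and so on.
In another embodiment, a system for resolving computer vulnerabilities comprises a remediation server capable of connecting to security intelligence agents that hold information about computer vulnerabilities, in order to aggregate said vulnerability information into a remediation database. Various other devices may be connected to the remediation server to complete the system. For example, a signature module is connected to the remediation server in order to construct a remediation signature for each vulnerability. A flash server may be connected to the signature module to provide remote access to said remediation signatures. A client server may also be included, capable of connecting to said flash server to access said remediation signatures. A deployment module may also be connected to the client server; it can deploy said remediation signatures to the client computers connected to that client server. The deployment module can also construct a remediation profile for a client computer to address the vulnerabilities on that computer, where the remediation profile typically comprises the remediation signatures selected for that client computer, corresponding to the vulnerabilities on that client computer. An import module may also be connected to the remediation server to handle the connection between the remediation server and the security intelligence agents that hold information about computer vulnerabilities. A client module may also be connected to the client server; said client module handles the connection between the client server and the flash server for access to said remediation signatures.
In another embodiment, a computer-readable medium tangibly embodies a program of computer-executable instructions that resolves vulnerabilities in a computer by performing a process comprising aggregating vulnerability information on a plurality of computer vulnerabilities; constructing a remediation database of said plurality of computer vulnerabilities; constructing a remediation signature to address a computer vulnerability; and deploying said remediation signature to a client computer.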
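Brief description of the drawings
Fig. 1 is a block diagram illustrating an embodiment of a vulnerability resolution system in accordance with the present invention.
Fig. 2 is a block diagram illustrating another embodiment of a vulnerability resolution system in accordance with the present invention.
Fig. 3 is a flow chart illustrating an overview of an embodiment of a computer vulnerability remediation process in accordance with the present invention.
Fig. 4 is a flow chart illustrating an embodiment of an aggregation and construction process for computer vulnerability remediation in accordance with the present invention.
Figs. 5A and 5B are flow charts illustrating an embodiment of a remediation management process for computer vulnerability remediation in accordance with the present invention.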
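Detailed description
In this disclosure, numerous specific details are set forth to provide a thorough understanding of the present invention. However, those skilled in the art will appreciate that the invention may be practiced without such specific details. In other instances, well-known elements have been illustrated in schematic or block diagram form so as not to obscure the invention in unnecessary detail. In addition, some details have been omitted because they are not necessary for a complete understanding of the invention and are considered to be within the understanding of persons skilled in the relevant art. It is further noted that all functions described herein may be performed in hardware or software, or a combination of the two, unless otherwise indicated. Certain terms are used throughout the following description and claims to refer to particular system components. Those skilled in the art will appreciate that components may be referred to by different names. This document does not intend to distinguish between components that differ in name but not in function. In the following discussion and in the claims, the terms "comprising" and "including" are used in an open-ended fashion and should therefore be interpreted to mean "including, but not limited to ...". Likewise, the term "connected" is used to mean either a direct or an indirect electrical or communication connection. Thus, if a first device is connected to a second device, that connection may be a direct connection or an indirect connection through other devices or lines. Finally, the term "remediation" is generally used to mean addressing or resolving a vulnerability by reducing or mitigating the security risk that the vulnerability poses.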
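Fig. 1 illustrates an embodiment of a vulnerability remediation system 10 in accordance with the present invention. As shown in Fig. 1, the system 10 comprises a remediation server 12 connected to a plurality of intelligence agents 14. The remediation server 12 is also connected to an import module 15, a remediation database 16 and a signature module 18. In this embodiment, the import module 15, remediation database 16 and signature module 18 are incorporated into the remediation server 12. For example, the import module 15, remediation database 16 and signature module 18 may be stored in the memory of the remediation server 12. However, it is also contemplated that the import module 15, remediation database 16 and signature module 18 could be connected to the remediation server remotely.
A flash server 20 is also connected to the remediation server 12. A client server 22 is connected to the flash server 20. A client module 23 and a deployment module 24 are connected to the client server 22. In this embodiment, the client module 23 and the deployment module 24 are incorporated into the client server 22. For example, the client module 23 and the deployment module 24 may be stored in the memory of the client server 22. However, it is also contemplated that the client module 23 and the deployment module 24 could be connected to the client server 22 remotely. Finally, a plurality of client computers 26 are connected to the client server 22.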
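In operation of the system 10, the remediation server 12 obtains information about computer security vulnerabilities from the intelligence agents 14. The import module 15 provides the necessary interface between the remediation server 12 and the various intelligence agents that hold such information. Examples of intelligence agents include ISS Internet Scanner, QualysGuard, Nessus, Eeye, Harris, Retina, Microsoft's hfNetCheck, and others. Vulnerability information may come from these agents in many forms, two of which are: 1) general information from security intelligence organizations about known security vulnerabilities (such as vulnerabilities in widely used software like Microsoft Windows), and 2) specific information about particular vulnerabilities found during a security scan of the client computers or computer systems 26. The remediation server 12 aggregates the vulnerability information obtained from the various sources into the remediation database 16. While aggregating this information into the database 16, the remediation server 12 processes it in various ways. For example, the server 12 may strip out unnecessary information, sort the information into related vulnerability types, remove duplicate information, identify or associate certain related vulnerabilities, and so on.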
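In addition, the remediation server 12 uses the signature module 18 to generate remediation signatures for the vulnerabilities. Typically, a remediation signature is a sequence of actions for addressing or resolving a vulnerability. In this embodiment, remediation signatures comprise the following types of remediation actions: service management, registry management, security permissions management, account management, policy management, audit management, file management, process management, as well as service pack, hot fix and patch installation. These types of remediation actions are well known in the computer security industry.
A remediation signature may address one or more vulnerabilities. For clarity of explanation, however, it is assumed in this embodiment that each remediation signature addresses one vulnerability or one type of vulnerability. In an embodiment of the system, the remediation signature is an abstract object that can be developed and executed across multiple platforms without changing the underlying source code used in the remediation system. This allows remediation signatures to be created in the environment of the remediation system and then applied on any system and in any environment in which the remediation system is running. The process of constructing a remediation signature may be fully automated, may require some manual intervention, or may be a combination of the two. In fact, some intelligence agents 14 actually supply or suggest a remediation along with the vulnerability information they provide. Depending on the complexity of the vulnerability, a remediation signature of corresponding complexity is required. For example, some vendors provide "patches", "fixes" or "updates" for vulnerabilities in their hardware or software through their own websites. A signature may therefore include an instruction to go to the vendor's website and retrieve a patch or update as one of the actions to be taken to remediate a computer vulnerability. Because of the potential complexity of a signature, it may not always work successfully as first constructed. The signature module 18 or the remediation server 12 should therefore be able to test and approve a constructed signature, to ensure that the signature successfully resolves the targeted vulnerability and does not produce unintended harmful effects.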
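Once a remediation signature has been constructed, in this embodiment of the system 10 it is assigned to, or otherwise associated with, the corresponding vulnerability in the remediation database 16. The remediation database 16 may therefore contain the vulnerability information together with the corresponding remediation signatures for the identified vulnerabilities. Alternatively, it is contemplated that the signatures could be stored elsewhere and associated with the corresponding vulnerabilities remotely, through pointers or other means.
The remediation signatures and vulnerability information can be sent to the flash server 20 for distribution. Typically, a remediation signature is released or uploaded to the flash server 20 only after it has been tested and approved, and is then distributed to clients looking for a resolution to computer vulnerabilities. The client server 22 can then download the required information from the flash server 20. In this embodiment, the download is usually initiated by a user, such as IT or computer security personnel. The client server 22 may connect to the flash server 20 in a number of ways, including over the Internet or through a direct dial-up connection. In this embodiment of the system, the client module 23 provides the necessary logical interface for downloading information from the flash server 20. Typically, the client server 22 periodically downloads information from the flash server 20 to check for updated vulnerability and remediation information. The client server 22 may also access vendor websites 21 over a global network, such as the Internet or otherwise, to obtain additional patches and updates needed for remediation. In this embodiment of the system 10, the client server 22 analyzes and interprets the signatures downloaded from the flash server 20. If a signature specifies that an update or patch from a vendor website 21 is required, the client server 22 connects to that website and downloads the required information, so that the client computers 26 connected to the client server 22 can use the patch or update for local remediation.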
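In this embodiment, it is also contemplated that the client server 22 keeps a profile of each client computer 26 connected to it. The profile of a client computer 26 essentially records system information relating to that client computer 26. The profile primarily contains information about the remediation performed on the client computer 26. However, it is also contemplated that the profile could contain information about the format of the client computer 26, about the software applications running on the computer 26 and their versions, and so on, which may help in managing security issues on that computer. By comparing the computer profiles with the vulnerability and remediation information downloaded from the flash server 20, the client server 22 can track what remediation each client computer needs. In addition, the client server 22 can manage the vulnerability resolution process for each client computer 26. For example, the client server 22, or security and IT personnel working through that server, can select which remediation signatures should be deployed to each client computer 26, or decide which vulnerabilities should or should not be addressed. Furthermore, vulnerability resolution can be managed by scheduling the various resolution events, for example when or how often the client computers 26 are scanned, and when the remediation signatures that address those vulnerabilities are deployed.
By managing vulnerability resolution, vulnerability remediation can be made more reliable and more cost effective. In particular, remediation can take place during off hours, minimizing the impact on the productivity of the client computers 26. Remediation can be applied selectively. Remediation can be tracked and logged so that it is not accidentally overwritten or undone. And instead of having to perform or install the remediation manually on every client computer, remediation can be carried out automatically from the client server 22; for some large companies, performing the remediation manually is in practice an impossible task.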
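Fig. 2 is a block diagram illustrating an embodiment of a vulnerability resolution system 30 in accordance with the present invention. More particularly, Fig. 2 presents another view of the architecture of a vulnerability system in accordance with the present invention. As shown in Fig. 2, the architecture of this embodiment of the vulnerability system 30 generally comprises an aggregation section 31 and a remediation section 32. The aggregation section 31 of the architecture is essentially responsible for obtaining and aggregating computer security vulnerability information, while the remediation section 32 is essentially responsible for constructing remediation signatures for the identified vulnerabilities and deploying those remediations to client computers in a managed and automated fashion.
As shown in Fig. 2, the aggregation section 31 of the system architecture 30 comprises intelligence agents 34, an import application programming interface (API) or interface 36, and an administrator 38. The import API 36 provides the interface to the intelligence agents 34. As discussed above with reference to Fig. 1, the intelligence agents 34 provide information about computer security vulnerabilities. Note that these intelligence agents 34 include automated vulnerability assessment tools, security intelligence services, manufacturers of computer hardware and software, and so on. The administrator 38 obtains vulnerability information from the intelligence agents 34 through the import API 36. The import API 36 typically comprises a number of interfaces or import wizards needed to import vulnerability assessment data from the various available intelligence agents. Usually, the intelligence agents 34 provide the information that specifies the necessary interface. Once this information has been retrieved, the vulnerability information can be aggregated, sorted, selected or otherwise managed by the administrator 38.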
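The remediation section 32 of the system architecture 30 ultimately uses the vulnerability information retrieved by the aggregation section 31 to remediate vulnerabilities on the client computers 40. The client computers 40 are shown connected to a client server 42. The client server 42 allows remediation signatures to be deployed to the client computers 40 in an automated and managed fashion. The architecture of the remediation section 32 shows that the vulnerability information from the aggregation section 31 is conveyed to the client server 42 and client computers 40 through a remediation data bus 44, remediation signatures 46 and remediation profiles 48. As discussed above, a remediation signature 46 is essentially a set of actions that must be taken to address or resolve a vulnerability. A remediation signature may be supplied by an intelligence agent 34 along with the vulnerability information or, more typically, it needs to be constructed on the basis of the vulnerability information received. This construction involves some automated and/or manual creation of the appropriate actions to be taken to address the vulnerability. As also discussed earlier, it is contemplated that the remediation profile 48 records system information relating to the client computer 40 or the client server 42. For example, the profile may contain information about the format of the client computer 40 or server 42, the software applications and versions running on the computer 40 or server 42, the remediation signatures that have already been executed on the client computer 40 or server 42, the remediation history of the computer 40, and so on. By comparing the computer profile with the vulnerability and remediation information obtained, it is possible to track what remediation each computer 40 or server 42 needs. Fig. 2 also shows that the remediation types or groups 50 in this embodiment include configuration management, backdoor management, service management, account management and patch management. The available remediation groups are connected to the remediation bus 44.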
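Fig. 3 is a flow chart illustrating an overview of an embodiment of a computer vulnerability remediation process in accordance with the present invention. The remediation process 60 begins with vulnerability assessment in block 61. Vulnerability assessment comprises using automated assessment tools, audit methods and intelligence agents to verify whether known vulnerabilities exist on a given computer or computer network. The assessment process also includes device discovery, that is, mapping the components of the network or subnetwork to be assessed and identifying the devices that will be the targets of the vulnerability assessment. In block 62, the vulnerability information is imported or aggregated into the system, typically into the remediation database, and remediation signatures can be constructed to address the identified vulnerabilities. Note that the remediation signatures are typically associated with the corresponding vulnerabilities in the remediation database, so that the vulnerability information can be reviewed in block 63. The review process typically comprises analyzing the vulnerability information to prioritize and identify the vulnerabilities to be remediated, and analyzing acceptable risk (that is, where no remediation is required). As indicated in block 64, when, where and how remediation takes place can be scheduled as needed. This allows remediation to take place during off-peak times, reducing interference with normal computer operation, and to be applied only to the identified target computers and in the desired manner. In block 65, the remediation signatures are approved for distribution to the client's target computers. It is contemplated here that remediation signatures can be deployed selectively. In addition, a signature designed to address an identified vulnerability needs to be tested and revised before it is approved for deployment. Once approved, the remediation signatures and vulnerability information are distributed in block 66 to the system clients for use on the clients' computers. Remediation can then proceed as scheduled in block 67. Finally, the remediation performed can be reviewed through status reports and other information to ensure that it completed successfully. In addition, remediation events can be logged to preserve the remediation information. Such information may be included in the profile of the client computer. Note that such a profile contains information about the target device, such as system configuration, software, and prior remediation actions or remediation history. With this kind of information, managed remediation of the client computer can be performed in the future. In summary, the remediation process embodiment of Fig. 3 presents the vulnerability assessment, vulnerability remediation and vulnerability management contemplated by the present invention.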
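Fig. 4 is a flow chart illustrating an embodiment of an aggregation and construction process for computer vulnerability remediation in accordance with the present invention. In essence, the aggregation and construction process 70 can be viewed as a subprocess of the overall remediation process. The process 70 begins in block 71 with gathering vulnerability information from the intelligence agents. As stated previously, these intelligence agents include automated vulnerability assessment tools, security intelligence services, manufacturers of computer hardware or software, and so on. After the vulnerability information has been retrieved from the intelligence agents, it is aggregated into the remediation database as shown in block 72. In block 73, the vulnerability information is reviewed and analyzed. This includes sorting the information into related vulnerabilities or other vulnerabilities, categorizing or identifying certain related vulnerabilities, prioritizing the vulnerabilities, and so on. As shown in block 74, vulnerabilities are identified for the creation of remediation signatures. A remediation signature addresses or resolves one vulnerability or one class of vulnerabilities. The remediation signature is constructed in block 75. Note that a remediation signature is a set of actions for resolving or addressing the corresponding vulnerability, for example modifying registry settings, changing security permissions, installing a patch, and so on. The creation of a remediation signature may be fully automated or may include some manual input. In block 76, the remediation signature is tested to see whether it effectively addresses or resolves the targeted vulnerability. If it does not, the process returns to block 75, where another remediation signature is constructed, and that signature is then tested again in block 76. Once an effective signature has been constructed, the process continues to block 77. In block 77, the selected signatures are approved for distribution to clients. In block 78, the approved signatures are uploaded to the flash server for clients to download. In this way, new and updated remediation signatures for addressing or resolving identified vulnerabilities are made available for clients to download.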
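Figs. 5A and 5B are two flow charts illustrating an embodiment of a remediation management process for computer vulnerability remediation in accordance with the present invention. In essence, the aggregation and construction process 70 can be viewed as a subprocess of the overall remediation process. The embodiment of the remediation management process 80 is typically a software application installed on a client computer that is connected to a plurality of target client computers requiring security vulnerability remediation. The process 80 therefore begins in block 81 with launching the application. In block 82, the available remediation signatures and vulnerability information can be downloaded from the flash server. In block 83, vulnerability assessment data can be imported. Typically, the vulnerability assessment data comes from a scanning tool that scans and analyzes the target computers being considered for remediation. The vulnerability assessment data contains information on the security vulnerabilities found on the target computers or devices. Based on the vulnerabilities found on the target computers, the vulnerabilities are matched to remediation signatures in block 84. In this embodiment, the identified vulnerabilities are matched to the corresponding remediation signatures by referencing the remediation database information downloaded from the flash server. However, it is also contemplated that this information could be downloaded in advance, accessed remotely or downloaded on the spot in order to establish the necessary correlation between the vulnerabilities and the available signatures. In block 85, a remediation profile is created for each target computer. Note that the profile typically contains information about the vulnerabilities identified on the target client computer and about the corresponding signatures that address those vulnerabilities. In block 86, the client user, typically IT personnel or other computer security personnel, is given the opportunity to select which vulnerabilities should be remediated. In general, this selection is made after reviewing the vulnerability information, the proposed signatures and the profiles. The selection and review can be done per computer or per vulnerability. For example, a particular computer may be selected to receive no remediation at all, perhaps because that computer does not pose a significant security risk, because the vulnerabilities on that machine are not serious, because the processes running on that machine cannot be interrupted for remediation, and so on. Alternatively, a particular vulnerability may be excluded for all of the target client computers, so that the vulnerability is not remediated on any target computer, perhaps because the vulnerability does not pose sufficient security risk, or because the remediation signature itself carries too much risk, and so on. Once the user has selectively controlled which vulnerabilities will be remediated, the user can decide in block 87 which computers will receive remediation. In block 88, the proposed remediation is analyzed to determine which remediation signatures are required. In block 89, the target client computers that are to receive remediation are notified that remediation is about to take place. In this embodiment, the notification must include a message passed to the local remediation application installed on each client computer. The remediation notification may also contain the time at which the remediation is scheduled. For example, remediation may be scheduled to take place when a particular event occurs, such as a user logging off, logging on to the machine, or some other action. Remediation may also be scheduled for a particular time; that is, using the local clock of the target client computer, remediation can be initiated at the scheduled time. Alternatively, remediation may take place as soon as the target client computer receives the notification. Whatever the triggering event, the local remediation is launched in block 90 when the trigger is met.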
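The process 80 continues in Fig. 5B. Once remediation has been launched, the remediation profile for the client computer is downloaded in block 91. Typically, the profile is downloaded from the client server on which the client remediation management process application is running, which is also the server that originally sent the notification of pending remediation. As noted in block 92, the contents of the profile are then interpreted, and the remediation signatures and the actions specified in the profile are executed. As noted in block 93, the status of the remediation is reported to the client server and monitored during the remediation. In addition, as noted in block 94, the remediation steps are prioritized and analyzed to ensure the most efficient sequence of execution. As noted in block 95, some remediation actions take effect only after a reboot. In block 96, once the target client computer has completed the remediation, this is logged to the client server. Once remediation is complete, block 97 indicates that a report is generated describing the effect of the remediation. Whether the remediation was successful is determined in block 98. If the remediation is deemed unsuccessful, either because an additional security scan of the client computer shows that it did not resolve the identified vulnerability, or because the remediation actions produced unintended harmful effects, and so on, the remediation is rolled back or undone and the remediation process is repeated, as suggested in block 99. If the remediation is deemed successful, that is, the vulnerability has been resolved and no harmful effects have been produced, the process ends in block 100. In this way, new and updated remediation signatures for addressing or resolving identified vulnerabilities are made available for download and used to roll out remediation to target client computers in an automated and managed fashion.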
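The matching and selection steps of blocks 83 to 88, together with the action ordering of blocks 94 and 95, can be sketched as follows. This is an added example, not code from the patent: the class and function names, the host names, the `VULN-*`/`SIG-*` identifiers and the rule that reboot-requiring actions run last are all assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Action:
    kind: str                  # action type named in the description: "registry", "service", "patch", ...
    detail: str
    needs_reboot: bool = False

@dataclass(frozen=True)
class Signature:
    sig_id: str
    vuln_id: str               # the vulnerability this signature addresses
    actions: tuple
    approved: bool = True      # only tested and approved signatures reach the flash server

@dataclass
class Profile:
    host: str
    signatures: list = field(default_factory=list)  # signatures selected for this host
    regressed: list = field(default_factory=list)   # applied before, yet the finding is back
    unresolved: list = field(default_factory=list)  # findings with no approved signature

def build_profiles(findings, signatures, history, skip_vulns=(), skip_hosts=()):
    """Blocks 84-88: match scan findings to approved signatures, honouring operator exclusions."""
    approved = {s.vuln_id: s for s in signatures if s.approved}
    profiles = {}
    for host, vuln_id in findings:
        # Block 86/87: a whole host or a whole vulnerability can be excluded as accepted risk.
        if host in skip_hosts or vuln_id in skip_vulns:
            continue
        profile = profiles.setdefault(host, Profile(host))
        sig = approved.get(vuln_id)
        if sig is None:
            if vuln_id not in profile.unresolved:
                profile.unresolved.append(vuln_id)
            continue
        if sig in profile.signatures:
            continue
        profile.signatures.append(sig)
        # A finding that recurs after its signature was logged as applied means the
        # remediation was undone or never took effect; flag it instead of hiding it.
        if sig.sig_id in history.get(host, ()):
            profile.regressed.append(sig.sig_id)
    return profiles

def ordered_actions(profile):
    """Blocks 94-95 (assumed rule): keep signature order, but run reboot-requiring actions last."""
    actions = [a for s in profile.signatures for a in s.actions]
    return sorted(actions, key=lambda a: a.needs_reboot)  # stable sort, False before True

# Constructed sample data (not from the patent).
SIGNATURES = [
    Signature("SIG-A", "VULN-A", (Action("patch", "install vendor patch", needs_reboot=True),
                                  Action("registry", "set hardening value"))),
    Signature("SIG-B", "VULN-B", (Action("service", "disable unused service"),)),
    Signature("SIG-C", "VULN-C", (Action("file", "tighten permissions"),), approved=False),
]
FINDINGS = [("ws-01", "VULN-A"), ("ws-01", "VULN-B"), ("ws-02", "VULN-A"),
            ("ws-02", "VULN-C"), ("db-01", "VULN-A"), ("ws-01", "VULN-D")]
HISTORY = {"ws-02": {"SIG-A"}}   # remediation log kept in the host profile

def demo():
    return build_profiles(FINDINGS, SIGNATURES, HISTORY,
                          skip_vulns={"VULN-D"}, skip_hosts={"db-01"})

if __name__ == "__main__":
    for p in demo().values():
        print(p.host, [s.sig_id for s in p.signatures], "regressed:", p.regressed,
              "unresolved:", p.unresolved, "order:", [a.kind for a in ordered_actions(p)])
```

The `regressed` list is what lets the success check of block 98 distinguish a first-time remediation from one that a user or later software install has silently undone.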
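Although particular apparatus and methods of use of the present invention have been illustrated and described, it will be apparent that equivalent components may be substituted for those shown, and other changes may be made, within the scope of the invention as defined by the appended claims.
The particular embodiments disclosed herein are illustrative only, since it will be apparent to those skilled in the art that the invention may be modified and practiced in different but equivalent ways. Furthermore, no limitations are intended to the details of construction or design shown herein, other than as described in the claims below. It is evident that the particular embodiments disclosed above may be altered or modified, and all such variations are considered to be within the scope and spirit of the invention. Accordingly, the protection sought herein is as set forth in the claims below.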
Claims (47)
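1. A method for resolving vulnerabilities in a computer, comprising:
aggregating vulnerability information on a plurality of computer vulnerabilities; and
constructing a remediation database of said plurality of computer vulnerabilities.
2. The method of claim 1, further comprising constructing a remediation signature to address a computer vulnerability.
3. The method of claim 2, further comprising deploying said remediation signature to a client computer.
4. The method of claim 1, wherein said aggregating of vulnerability information comprises obtaining vulnerability information from at least one security intelligence agent.
5. The method of claim 4, wherein said security intelligence agent comprises a database of information about known computer vulnerabilities.
6. The method of claim 4, wherein said security intelligence agent comprises a scanning service that scans client computers for vulnerabilities and records the vulnerability information.
7. The method of claim 2, wherein a remediation signature comprises a sequence of actions to address a corresponding vulnerability.
8. The method of claim 2, wherein said constructing of a remediation database further comprises associating each remediation signature with a corresponding computer vulnerability.
9. The method of claim 1, wherein said constructing of a remediation database further comprises constructing, testing and approving a remediation signature corresponding to a vulnerability.
10. The method of claim 3, wherein said deploying of said remediation signature comprises providing remote access to said remediation signature.
11. The method of claim 3, wherein said deploying of said remediation signature comprises constructing a remediation profile for a client computer to address the vulnerabilities on that computer.
12. The method of claim 3, wherein said remediation profile comprises the remediation signatures selected for the client computer, corresponding to the vulnerabilities on that client computer.
13. The method of claim 10, wherein said deploying of said remediation signature further comprises uploading approved remediation signatures to a flash server for remote access by a client computer or client server.
14. The method of claim 13, wherein said deploying of said remediation signature further comprises downloading remediation signatures from said flash server to a client server.
15. The method of claim 3, wherein said deploying of said remediation signature comprises managing vulnerability resolution.
16. The method of claim 15, wherein said managing of vulnerability resolution comprises selective deployment of remediation signatures.
17. The method of claim 15, wherein said managing of vulnerability resolution comprises selective resolution of vulnerabilities.
18. The method of claim 15, wherein said managing of vulnerability resolution comprises periodic scanning of client computers for vulnerabilities.
19. The method of claim 15, wherein said managing of vulnerability resolution comprises periodic deployment of remediation signatures.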
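20. A system for resolving computer vulnerabilities, comprising:
a remediation server capable of connecting to a security intelligence agent that holds information about computer vulnerabilities, in order to aggregate said vulnerability information into a remediation database.
21. The system of claim 20, further comprising a signature module connected to said remediation server in order to construct a remediation signature for each vulnerability.
22. The system of claim 21, further comprising a flash server connected to said signature module in order to provide remote access to said remediation signatures.
23. The system of claim 22, further comprising a client server capable of connecting to said flash server to access said remediation signatures.
24. The system of claim 23, further comprising a deployment module connected to said client server, said deployment module being capable of deploying said remediation signatures to the client computers connected to said client server.
25. The system of claim 24, wherein said deployment module is capable of constructing a remediation profile for a client computer to address the vulnerabilities on that computer.
26. The system of claim 25, wherein said remediation profile comprises the remediation signatures selected for the client computer, corresponding to the vulnerabilities on that client computer.
27. The system of claim 20, wherein said security intelligence agent comprises a database of information about known computer vulnerabilities.
28. The system of claim 20, wherein said security intelligence agent comprises a scanning service that scans client computers for vulnerabilities and records the vulnerability information.
29. The system of claim 20, wherein said remediation server assigns a remediation signature to each vulnerability.
30. The system of claim 21, wherein said signature module is capable of constructing, testing and approving remediation signatures.
31. The system of claim 22, wherein said flash server provides access to approved remediation signatures.
32. The system of claim 22, wherein said remediation signatures are uploaded to said flash server.
33. The system of claim 23, wherein said client server downloads said remediation signatures from said flash server.
34. The system of claim 24, wherein said deployment module allows managed vulnerability resolution.
35. The system of claim 34, wherein said managed vulnerability resolution comprises selective deployment of remediation signatures.
36. The system of claim 34, wherein said managed vulnerability resolution comprises selective resolution of vulnerabilities.
37. The system of claim 34, wherein said managed vulnerability resolution comprises periodic scanning of client computers for vulnerabilities.
38. The system of claim 34, wherein said managed vulnerability resolution comprises periodic deployment of remediation signatures.
39. The system of claim 24, wherein said deployment module constructs a remediation profile for each client computer.
40. The system of claim 39, wherein said remediation profile comprises the remediation signatures for resolving the vulnerabilities on said client computer.
41. The system of claim 39, wherein said remediation signatures can be selectively included in said remediation profile.
42. The system of claim 21, wherein said remediation signature comprises a sequence of actions to address a corresponding vulnerability.
43. The system of claim 20, further comprising an import module connected to said remediation server, which handles the connection between the remediation server and the security intelligence agent that holds information about computer vulnerabilities.
44. The system of claim 23, further comprising a client module connected to said client server, which handles the connection between the client server and the flash server for access to said remediation signatures.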
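45. A computer-readable medium tangibly embodying a program of instructions executable by a computer to perform a process for resolving computer vulnerabilities, the process comprising:
aggregating vulnerability information on a plurality of computer vulnerabilities; and
constructing a remediation database of said plurality of computer vulnerabilities.
46. The medium of claim 45, wherein said process further comprises constructing a remediation signature to address a computer vulnerability.
47. The medium of claim 45, wherein said process further comprises deploying said remediation signature to a client computer.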
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US34568901P | 2001-12-31 | 2001-12-31 | |
US60/345,689 | 2001-12-31 |
Publications (1)
Publication Number | Publication Date |
---|---|
CN1610887A true CN1610887A (zh) | 2005-04-27 |
Family
ID=23356073
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CNA028265742A Pending CN1610887A (zh) | 2001-12-31 | 2002-12-31 | Automated computer vulnerability resolution system |
Country Status (11)
Country | Link |
---|---|
US (2) | US7000247B2 (zh) |
EP (1) | EP1461707A1 (zh) |
JP (1) | JP2005532606A (zh) |
KR (1) | KR20040069324A (zh) |
CN (1) | CN1610887A (zh) |
AU (1) | AU2002360844A1 (zh) |
BR (1) | BR0215388A (zh) |
CA (1) | CA2472268A1 (zh) |
MX (1) | MXPA04006473A (zh) |
NO (1) | NO20043189L (zh) |
WO (1) | WO2003058457A1 (zh) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
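CN1941782B (zh) * | 2005-09-22 | 2011-09-28 | Alcatel | Systems and methods of associating security vulnerabilities with assets |
CN101964780B (zh) * | 2010-01-28 | 2012-11-28 | Beijing University of Posts and Telecommunications | Method and system for analyzing the vulnerability of an IP multimedia subsystem network |
CN103562923A (zh) * | 2011-05-31 | 2014-02-05 | Hewlett-Packard Development Company, L.P. | Application security testing |
CN104614624A (zh) * | 2015-02-13 | 2015-05-13 | Southeast University | Method for detecting power system vulnerability based on the interaction effects between power and communication systems |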
US9501650B2 (en) | 2011-05-31 | 2016-11-22 | Hewlett Packard Enterprise Development Lp | Application security testing |
CN111164597A (zh) * | 2017-09-29 | 2020-05-15 | International Business Machines Corporation | Dynamic reorganization of patch groups using stream clustering |
Families Citing this family (312)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040073617A1 (en) | 2000-06-19 | 2004-04-15 | Milliken Walter Clark | Hash-based systems and methods for detecting and preventing transmission of unwanted e-mail |
US7882555B2 (en) * | 2001-03-16 | 2011-02-01 | Kavado, Inc. | Application layer security method and system |
US6513122B1 (en) | 2001-06-29 | 2003-01-28 | Networks Associates Technology, Inc. | Secure gateway for analyzing textual content to identify a harmful impact on computer systems with known vulnerabilities |
US7124181B1 (en) | 2001-06-29 | 2006-10-17 | Mcafee, Inc. | System, method and computer program product for improved efficiency in network assessment utilizing variable timeout values |
US7257630B2 (en) * | 2002-01-15 | 2007-08-14 | Mcafee, Inc. | System and method for network vulnerability detection and reporting |
US7664845B2 (en) * | 2002-01-15 | 2010-02-16 | Mcafee, Inc. | System and method for network vulnerability detection and reporting |
US7243148B2 (en) * | 2002-01-15 | 2007-07-10 | Mcafee, Inc. | System and method for network vulnerability detection and reporting |
US7543056B2 (en) | 2002-01-15 | 2009-06-02 | Mcafee, Inc. | System and method for network vulnerability detection and reporting |
US7152105B2 (en) * | 2002-01-15 | 2006-12-19 | Mcafee, Inc. | System and method for network vulnerability detection and reporting |
US8561167B2 (en) | 2002-03-08 | 2013-10-15 | Mcafee, Inc. | Web reputation scoring |
US6941467B2 (en) * | 2002-03-08 | 2005-09-06 | Ciphertrust, Inc. | Systems and methods for adaptive message interrogation through multiple queues |
US8578480B2 (en) | 2002-03-08 | 2013-11-05 | Mcafee, Inc. | Systems and methods for identifying potentially malicious messages |
US7870203B2 (en) | 2002-03-08 | 2011-01-11 | Mcafee, Inc. | Methods and systems for exposing messaging reputation to an end user |
US7694128B2 (en) | 2002-03-08 | 2010-04-06 | Mcafee, Inc. | Systems and methods for secure communication delivery |
US20060015942A1 (en) | 2002-03-08 | 2006-01-19 | Ciphertrust, Inc. | Systems and methods for classification of messaging entities |
US8132250B2 (en) | 2002-03-08 | 2012-03-06 | Mcafee, Inc. | Message profiling systems and methods |
US7903549B2 (en) | 2002-03-08 | 2011-03-08 | Secure Computing Corporation | Content-based policy compliance systems and methods |
US7124438B2 (en) | 2002-03-08 | 2006-10-17 | Ciphertrust, Inc. | Systems and methods for anomaly detection in patterns of monitored communications |
US7693947B2 (en) | 2002-03-08 | 2010-04-06 | Mcafee, Inc. | Systems and methods for graphically displaying messaging traffic |
US7096498B2 (en) | 2002-03-08 | 2006-08-22 | Cipher Trust, Inc. | Systems and methods for message threat management |
US7080141B1 (en) * | 2002-04-12 | 2006-07-18 | Cisco Technology, Inc. | Arrangement for automated fault detection and fault resolution of a network device |
IL149583A0 (en) * | 2002-05-09 | 2003-07-06 | Kavado Israel Ltd | Method for automatic setting and updating of a security policy |
WO2003100617A1 (en) * | 2002-05-22 | 2003-12-04 | Lucid Security Corporation | Adaptive intrusion detection system |
US20040064722A1 (en) * | 2002-10-01 | 2004-04-01 | Dinesh Neelay | System and method for propagating patches to address vulnerabilities in computers |
US7188369B2 (en) * | 2002-10-03 | 2007-03-06 | Trend Micro, Inc. | System and method having an antivirus virtual scanning processor with plug-in functionalities |
US20040107345A1 (en) * | 2002-10-21 | 2004-06-03 | Brandt David D. | System and methodology providing automation security protocols and intrusion detection in an industrial controller environment |
US8909926B2 (en) * | 2002-10-21 | 2014-12-09 | Rockwell Automation Technologies, Inc. | System and methodology providing automation security analysis, validation, and learning in an industrial controller environment |
US9009084B2 (en) | 2002-10-21 | 2015-04-14 | Rockwell Automation Technologies, Inc. | System and methodology providing automation security analysis and network intrusion protection in an industrial environment |
US7353539B2 (en) * | 2002-11-04 | 2008-04-01 | Hewlett-Packard Development Company, L.P. | Signal level propagation mechanism for distribution of a payload to vulnerable systems |
US7694343B2 (en) * | 2002-11-27 | 2010-04-06 | Symantec Corporation | Client compliancy in a NAT environment |
US7827607B2 (en) * | 2002-11-27 | 2010-11-02 | Symantec Corporation | Enhanced client compliancy using database of security sensor data |
CN1739275A (zh) * | 2002-12-13 | 2006-02-22 | Computer Associates Think, Inc. | Content management system |
US8091117B2 (en) * | 2003-02-14 | 2012-01-03 | Preventsys, Inc. | System and method for interfacing with heterogeneous network data gathering tools |
US7627891B2 (en) * | 2003-02-14 | 2009-12-01 | Preventsys, Inc. | Network audit and policy assurance system |
FR2852123A1 (fr) * | 2003-03-04 | 2004-09-10 | Paul Saravanane Marechal | Method for automating the implementation and updating of an information system |
WO2004086180A2 (en) * | 2003-03-21 | 2004-10-07 | Computer Associates Think, Inc. | Auditing system and method |
US7496662B1 (en) | 2003-05-12 | 2009-02-24 | Sourcefire, Inc. | Systems and methods for determining characteristics of a network and assessing confidence |
WO2004107647A1 (en) * | 2003-05-17 | 2004-12-09 | Microsoft Corporation | Mechanism for evaluating security risks |
US20150033323A1 (en) * | 2003-07-01 | 2015-01-29 | Securityprofiling, Llc | Virtual patching system, method, and computer program product |
US20070113272A2 (en) * | 2003-07-01 | 2007-05-17 | Securityprofiling, Inc. | Real-time vulnerability monitoring |
US9118709B2 (en) * | 2003-07-01 | 2015-08-25 | Securityprofiling, Llc | Anti-vulnerability system, method, and computer program product |
US20070256132A2 (en) * | 2003-07-01 | 2007-11-01 | Securityprofiling, Inc. | Vulnerability and remediation database |
US9350752B2 (en) * | 2003-07-01 | 2016-05-24 | Securityprofiling, Llc | Anti-vulnerability system, method, and computer program product |
US9100431B2 (en) * | 2003-07-01 | 2015-08-04 | Securityprofiling, Llc | Computer program product and apparatus for multi-path remediation |
US20070112941A2 (en) * | 2003-07-01 | 2007-05-17 | Securityprofiling, Inc. | Client capture of vulnerability data |
US9118710B2 (en) * | 2003-07-01 | 2015-08-25 | Securityprofiling, Llc | System, method, and computer program product for reporting an occurrence in different manners |
US8984644B2 (en) | 2003-07-01 | 2015-03-17 | Securityprofiling, Llc | Anti-vulnerability system, method, and computer program product |
US20070118756A2 (en) * | 2003-07-01 | 2007-05-24 | Securityprofiling, Inc. | Policy-protection proxy |
US9118708B2 (en) * | 2003-07-01 | 2015-08-25 | Securityprofiling, Llc | Multi-path remediation |
US9118711B2 (en) * | 2003-07-01 | 2015-08-25 | Securityprofiling, Llc | Anti-vulnerability system, method, and computer program product |
US8266699B2 (en) * | 2003-07-01 | 2012-09-11 | SecurityProfiling Inc. | Multiple-path remediation |
US7424706B2 (en) * | 2003-07-16 | 2008-09-09 | Microsoft Corporation | Automatic detection and patching of vulnerable files |
US7430760B2 (en) * | 2003-12-05 | 2008-09-30 | Microsoft Corporation | Security-related programming interface |
US7533413B2 (en) * | 2003-12-05 | 2009-05-12 | Microsoft Corporation | Method and system for processing events |
US7661123B2 (en) * | 2003-12-05 | 2010-02-09 | Microsoft Corporation | Security policy update supporting at least one security service provider |
US7647631B2 (en) * | 2003-12-10 | 2010-01-12 | Hewlett-Packard Development Company | Automated user interaction in application assessment |
US20050198530A1 (en) * | 2003-12-12 | 2005-09-08 | Chess David M. | Methods and apparatus for adaptive server reprovisioning under security assault |
US20050138431A1 (en) * | 2003-12-23 | 2005-06-23 | Harrison Jay P. | Network protection software and method |
US8024783B2 (en) | 2004-01-22 | 2011-09-20 | Ryan Riley | Modular agent architecture |
US20050166198A1 (en) * | 2004-01-22 | 2005-07-28 | Autonomic Software, Inc., A California Corporation | Distributed policy driven software delivery |
GB2410647A (en) * | 2004-01-31 | 2005-08-03 | Hewlett Packard Development Co | Identifying and Patching Vulnerabilities in a Network |
US8201257B1 (en) | 2004-03-31 | 2012-06-12 | Mcafee, Inc. | System and method of managing network security risks |
US7519954B1 (en) | 2004-04-08 | 2009-04-14 | Mcafee, Inc. | System and method of operating system identification |
US7698275B2 (en) * | 2004-05-21 | 2010-04-13 | Computer Associates Think, Inc. | System and method for providing remediation management |
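KR100956574B1 (ko) | 2004-07-13 | 2010-05-07 | International Business Machines Corporation | Methods, computer program products and data structures for intrusion detection, intrusion response and vulnerability remediation across target computer systems |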
US8458793B2 (en) * | 2004-07-13 | 2013-06-04 | International Business Machines Corporation | Methods, computer program products and data structures for intrusion detection, intrusion response and vulnerability remediation across target computer systems |
EP1630710B1 (en) * | 2004-07-21 | 2019-11-06 | Microsoft Technology Licensing, LLC | Containment of worms |
US7761920B2 (en) * | 2004-09-03 | 2010-07-20 | Fortinet, Inc. | Data structure for policy-based remediation selection |
US7665119B2 (en) | 2004-09-03 | 2010-02-16 | Secure Elements, Inc. | Policy-based selection of remediation |
US7774848B2 (en) * | 2004-07-23 | 2010-08-10 | Fortinet, Inc. | Mapping remediation to plurality of vulnerabilities |
US20060018478A1 (en) * | 2004-07-23 | 2006-01-26 | Diefenderfer Kristopher G | Secure communication protocol |
US8171555B2 (en) * | 2004-07-23 | 2012-05-01 | Fortinet, Inc. | Determining technology-appropriate remediation for vulnerability |
US7509676B2 (en) * | 2004-07-30 | 2009-03-24 | Electronic Data Systems Corporation | System and method for restricting access to an enterprise network |
US8146072B2 (en) * | 2004-07-30 | 2012-03-27 | Hewlett-Packard Development Company, L.P. | System and method for updating software on a computer |
US7703137B2 (en) * | 2004-09-03 | 2010-04-20 | Fortinet, Inc. | Centralized data transformation |
US7672948B2 (en) * | 2004-09-03 | 2010-03-02 | Fortinet, Inc. | Centralized data transformation |
US20060075503A1 (en) * | 2004-09-13 | 2006-04-06 | Achilles Guard, Inc. Dba Critical Watch | Method and system for applying security vulnerability management process to an organization |
US20060080738A1 (en) * | 2004-10-08 | 2006-04-13 | Bezilla Daniel B | Automatic criticality assessment |
US7793338B1 (en) | 2004-10-21 | 2010-09-07 | Mcafee, Inc. | System and method of network endpoint security |
JP4688472B2 (ja) * | 2004-11-01 | 2011-05-25 | NTT DoCoMo, Inc. | Terminal control device and terminal control method |
US8635690B2 (en) | 2004-11-05 | 2014-01-21 | Mcafee, Inc. | Reputation based message processing |
US20060101519A1 (en) * | 2004-11-05 | 2006-05-11 | Lasswell Kevin W | Method to provide customized vulnerability information to a plurality of organizations |
US7895650B1 (en) * | 2004-12-15 | 2011-02-22 | Symantec Corporation | File system based risk profile transfer |
US20060185018A1 (en) * | 2005-02-17 | 2006-08-17 | Microsoft Corporation | Systems and methods for shielding an identified vulnerability |
US7278163B2 (en) * | 2005-02-22 | 2007-10-02 | Mcafee, Inc. | Security risk analysis system and method |
US8561190B2 (en) * | 2005-05-16 | 2013-10-15 | Microsoft Corporation | System and method of opportunistically protecting a computer from malware |
US7788723B2 (en) * | 2005-05-17 | 2010-08-31 | Computer Associates Think, Inc. | Method and apparatus for identifying computer vulnerabilities using exploit probes and remote scanning |
US7743421B2 (en) | 2005-05-18 | 2010-06-22 | Alcatel Lucent | Communication network security risk exposure management systems and methods |
US7937480B2 (en) | 2005-06-02 | 2011-05-03 | Mcafee, Inc. | Aggregation of reputation data |
US8095984B2 (en) | 2005-09-22 | 2012-01-10 | Alcatel Lucent | Systems and methods of associating security vulnerabilities and assets |
US8544098B2 (en) * | 2005-09-22 | 2013-09-24 | Alcatel Lucent | Security vulnerability information aggregation |
US8438643B2 (en) * | 2005-09-22 | 2013-05-07 | Alcatel Lucent | Information system service-level security risk analysis |
US7805752B2 (en) * | 2005-11-09 | 2010-09-28 | Symantec Corporation | Dynamic endpoint compliance policy configuration |
US8046833B2 (en) * | 2005-11-14 | 2011-10-25 | Sourcefire, Inc. | Intrusion event correlation with network discovery information |
US7733803B2 (en) | 2005-11-14 | 2010-06-08 | Sourcefire, Inc. | Systems and methods for modifying network map attributes |
WO2007149612A2 (en) * | 2006-03-24 | 2007-12-27 | Avg Technologies Cy Limited | Software vulnerability exploitation shield |
US7680880B2 (en) * | 2006-04-25 | 2010-03-16 | Mcafee, Inc. | System and method for protecting a computer network |
US8239915B1 (en) | 2006-06-30 | 2012-08-07 | Symantec Corporation | Endpoint management using trust rating data |
US8055682B1 (en) | 2006-06-30 | 2011-11-08 | At&T Intellectual Property Ii, L.P. | Security information repository system and method thereof |
US8266701B2 (en) * | 2006-07-12 | 2012-09-11 | Verizon Services Corp. | Systems and methods for measuring cyber based risks in an enterprise organization |
US20080028065A1 (en) * | 2006-07-26 | 2008-01-31 | Nt Objectives, Inc. | Application threat modeling |
US20080077976A1 (en) * | 2006-09-27 | 2008-03-27 | Rockwell Automation Technologies, Inc. | Cryptographic authentication protocol |
KR100817799B1 (ko) * | 2006-10-13 | 2008-03-31 | Korea Information Security Agency | System and method for integrated network vulnerability analysis using multiple vulnerability scanning tools |
GB2443459A (en) * | 2006-10-31 | 2008-05-07 | Hewlett Packard Development Co | Data packet incuding computing platform indication |
US8515912B2 (en) | 2010-07-15 | 2013-08-20 | Palantir Technologies, Inc. | Sharing and deconflicting data changes in a multimaster database system |
US8505092B2 (en) | 2007-01-05 | 2013-08-06 | Trend Micro Incorporated | Dynamic provisioning of protection software in a host intrusion prevention system |
US7930747B2 (en) * | 2007-01-08 | 2011-04-19 | Trend Micro Incorporated | Host intrusion prevention server |
US8214497B2 (en) | 2007-01-24 | 2012-07-03 | Mcafee, Inc. | Multi-dimensional reputation scoring |
US7779156B2 (en) | 2007-01-24 | 2010-08-17 | Mcafee, Inc. | Reputation based load balancing |
US8763114B2 (en) | 2007-01-24 | 2014-06-24 | Mcafee, Inc. | Detecting image spam |
US8179798B2 (en) | 2007-01-24 | 2012-05-15 | Mcafee, Inc. | Reputation based connection throttling |
US7949716B2 (en) | 2007-01-24 | 2011-05-24 | Mcafee, Inc. | Correlation and analysis of entity attributes |
US8069352B2 (en) * | 2007-02-28 | 2011-11-29 | Sourcefire, Inc. | Device, system and method for timestamp analysis of segments in a transmission control protocol (TCP) session |
US20080244519A1 (en) * | 2007-03-30 | 2008-10-02 | Microsoft Corporation | Identifying, Correcting and Displaying Application Website and Device Compatibility Issues |
US8533841B2 (en) * | 2007-04-02 | 2013-09-10 | Microsoft Corporation | Deriving remediations from security compliance rules |
US8862752B2 (en) | 2007-04-11 | 2014-10-14 | Mcafee, Inc. | System, method, and computer program product for conditionally preventing the transfer of data based on a location thereof |
US7770203B2 (en) * | 2007-04-17 | 2010-08-03 | International Business Machines Corporation | Method of integrating a security operations policy into a threat management vector |
US8127353B2 (en) * | 2007-04-30 | 2012-02-28 | Sourcefire, Inc. | Real-time user awareness for a computer network |
US8850587B2 (en) * | 2007-05-04 | 2014-09-30 | Wipro Limited | Network security scanner for enterprise protection |
US8793802B2 (en) | 2007-05-22 | 2014-07-29 | Mcafee, Inc. | System, method, and computer program product for preventing data leakage utilizing a map of data |
US8661534B2 (en) | 2007-06-26 | 2014-02-25 | Microsoft Corporation | Security system with compliance checking and remediation |
US9118706B2 (en) * | 2007-06-29 | 2015-08-25 | Verizon Patent And Licensing Inc. | Using imported data from security tools |
US20090038014A1 (en) * | 2007-07-31 | 2009-02-05 | Paul Force | System and method for tracking remediation of security vulnerabilities |
US9064024B2 (en) | 2007-08-21 | 2015-06-23 | Google Inc. | Bundle generation |
US8181173B2 (en) * | 2007-10-12 | 2012-05-15 | International Business Machines Corporation | Determining priority for installing a patch into multiple patch recipients of a network |
US7996896B2 (en) | 2007-10-19 | 2011-08-09 | Trend Micro Incorporated | System for regulating host security configuration |
US8185930B2 (en) | 2007-11-06 | 2012-05-22 | Mcafee, Inc. | Adjusting filter or classification control settings |
US8045458B2 (en) | 2007-11-08 | 2011-10-25 | Mcafee, Inc. | Prioritizing network traffic |
US20090144828A1 (en) * | 2007-12-04 | 2009-06-04 | Microsoft Corporation | Rapid signatures for protecting vulnerable browser configurations |
US8160975B2 (en) | 2008-01-25 | 2012-04-17 | Mcafee, Inc. | Granular support vector machine with random granularity |
US9824372B1 (en) | 2008-02-11 | 2017-11-21 | Google Llc | Associating advertisements with videos |
US8839460B2 (en) * | 2008-03-07 | 2014-09-16 | Qualcomm Incorporated | Method for securely communicating information about the location of a compromised computing device |
US8850568B2 (en) * | 2008-03-07 | 2014-09-30 | Qualcomm Incorporated | Method and apparatus for detecting unauthorized access to a computing device and securely communicating information about such unauthorized access |
US8589503B2 (en) | 2008-04-04 | 2013-11-19 | Mcafee, Inc. | Prioritizing network traffic |
US20100095235A1 (en) * | 2008-04-08 | 2010-04-15 | Allgress, Inc. | Enterprise Information Security Management Software Used to Prove Return on Investment of Security Projects and Activities Using Interactive Graphs |
US8474043B2 (en) * | 2008-04-17 | 2013-06-25 | Sourcefire, Inc. | Speed and memory optimization of intrusion detection system (IDS) and intrusion prevention system (IPS) rule processing |
US8689335B2 (en) * | 2008-06-25 | 2014-04-01 | Microsoft Corporation | Mapping between users and machines in an enterprise security assessment sharing system |
US8286255B2 (en) * | 2008-08-07 | 2012-10-09 | Sophos Plc | Computer file control through file tagging |
US8272055B2 (en) * | 2008-10-08 | 2012-09-18 | Sourcefire, Inc. | Target-based SMB and DCE/RPC processing for an intrusion detection system or intrusion prevention system |
US8347386B2 (en) | 2008-10-21 | 2013-01-01 | Lookout, Inc. | System and method for server-coupled malware prevention |
US9043919B2 (en) | 2008-10-21 | 2015-05-26 | Lookout, Inc. | Crawling multiple markets and correlating |
US8533844B2 (en) | 2008-10-21 | 2013-09-10 | Lookout, Inc. | System and method for security data collection and analysis |
US8051480B2 (en) | 2008-10-21 | 2011-11-01 | Lookout, Inc. | System and method for monitoring and analyzing multiple interfaces and multiple protocols |
US8984628B2 (en) | 2008-10-21 | 2015-03-17 | Lookout, Inc. | System and method for adverse mobile application identification |
US9367680B2 (en) | 2008-10-21 | 2016-06-14 | Lookout, Inc. | System and method for mobile communication device application advisement |
US9781148B2 (en) | 2008-10-21 | 2017-10-03 | Lookout, Inc. | Methods and systems for sharing risk responses between collections of mobile communications devices |
US9235704B2 (en) | 2008-10-21 | 2016-01-12 | Lookout, Inc. | System and method for a scanning API |
US8108933B2 (en) | 2008-10-21 | 2012-01-31 | Lookout, Inc. | System and method for attack and malware prevention |
US8087067B2 (en) | 2008-10-21 | 2011-12-27 | Lookout, Inc. | Secure mobile platform system |
US8060936B2 (en) | 2008-10-21 | 2011-11-15 | Lookout, Inc. | Security status and information display system |
US8707439B2 (en) * | 2008-12-19 | 2014-04-22 | Microsoft Corporation | Selecting security offerings |
US8448245B2 (en) * | 2009-01-17 | 2013-05-21 | Stopthehacker.com, Jaal LLC | Automated identification of phishing, phony and malicious web sites |
US8538815B2 (en) | 2009-02-17 | 2013-09-17 | Lookout, Inc. | System and method for mobile device replacement |
US8855601B2 (en) | 2009-02-17 | 2014-10-07 | Lookout, Inc. | System and method for remotely-initiated audio communication |
US8467768B2 (en) | 2009-02-17 | 2013-06-18 | Lookout, Inc. | System and method for remotely securing or recovering a mobile device |
US9042876B2 (en) | 2009-02-17 | 2015-05-26 | Lookout, Inc. | System and method for uploading location information based on device movement |
US9955352B2 (en) | 2009-02-17 | 2018-04-24 | Lookout, Inc. | Methods and systems for addressing mobile communications devices that are lost or stolen but not yet reported as such |
US8516594B2 (en) | 2009-04-24 | 2013-08-20 | Jeff Bennett | Enterprise information security management software for prediction modeling with interactive graphs |
US8397301B2 (en) | 2009-11-18 | 2013-03-12 | Lookout, Inc. | System and method for identifying and assessing vulnerabilities on a mobile communication device |
US9152708B1 (en) | 2009-12-14 | 2015-10-06 | Google Inc. | Target-video specific co-watched video clusters |
US9532222B2 (en) | 2010-03-03 | 2016-12-27 | Duo Security, Inc. | System and method of notifying mobile devices to complete transactions after additional agent verification |
US9544143B2 (en) * | 2010-03-03 | 2017-01-10 | Duo Security, Inc. | System and method of notifying mobile devices to complete transactions |
US9544328B1 (en) * | 2010-03-31 | 2017-01-10 | Trend Micro Incorporated | Methods and apparatus for providing mitigations to particular computers |
WO2011130510A1 (en) | 2010-04-16 | 2011-10-20 | Sourcefire, Inc. | System and method for near-real time network attack detection, and system and method for unified detection via detection routing |
US8621638B2 (en) | 2010-05-14 | 2013-12-31 | Mcafee, Inc. | Systems and methods for classification of messaging entities |
US8433790B2 (en) | 2010-06-11 | 2013-04-30 | Sourcefire, Inc. | System and method for assigning network blocks to sensors |
US8671182B2 (en) | 2010-06-22 | 2014-03-11 | Sourcefire, Inc. | System and method for resolving operating system or service identity conflicts |
US8839433B2 (en) | 2010-11-18 | 2014-09-16 | Comcast Cable Communications, Llc | Secure notification on networked devices |
US8646086B2 (en) * | 2010-11-22 | 2014-02-04 | International Business Machines Corporation | Image vulnerability repair in a networked computing environment |
US8510820B2 (en) | 2010-12-02 | 2013-08-13 | Duo Security, Inc. | System and method for embedded authentication |
US9282085B2 (en) | 2010-12-20 | 2016-03-08 | Duo Security, Inc. | System and method for digital user authentication |
US8601034B2 (en) | 2011-03-11 | 2013-12-03 | Sourcefire, Inc. | System and method for real time data awareness |
US8738765B2 (en) | 2011-06-14 | 2014-05-27 | Lookout, Inc. | Mobile device DNS optimization |
US8788881B2 (en) | 2011-08-17 | 2014-07-22 | Lookout, Inc. | System and method for mobile device push communications |
US8892885B2 (en) | 2011-08-31 | 2014-11-18 | Duo Security, Inc. | System and method for delivering a challenge response in an authentication protocol |
US9467463B2 (en) | 2011-09-02 | 2016-10-11 | Duo Security, Inc. | System and method for assessing vulnerability of a mobile device |
US8763077B2 (en) | 2011-10-07 | 2014-06-24 | Duo Security, Inc. | System and method for enforcing a policy for an authenticator device |
US9027141B2 (en) * | 2012-04-12 | 2015-05-05 | Netflix, Inc. | Method and system for improving security and reliability in a networked application environment |
US9407443B2 (en) | 2012-06-05 | 2016-08-02 | Lookout, Inc. | Component analysis of software applications on computing devices |
US9589129B2 (en) | 2012-06-05 | 2017-03-07 | Lookout, Inc. | Determining source of side-loaded software |
US9081975B2 (en) | 2012-10-22 | 2015-07-14 | Palantir Technologies, Inc. | Sharing information between nexuses that use different classification schemes for information access control |
US8655307B1 (en) | 2012-10-26 | 2014-02-18 | Lookout, Inc. | System and method for developing, updating, and using user device behavioral context models to modify user, device, and application state, settings and behavior for enhanced user security |
US9501761B2 (en) | 2012-11-05 | 2016-11-22 | Palantir Technologies, Inc. | System and method for sharing investigation results |
US20140137190A1 (en) * | 2012-11-09 | 2014-05-15 | Rapid7, Inc. | Methods and systems for passively detecting security levels in client devices |
US9208215B2 (en) | 2012-12-27 | 2015-12-08 | Lookout, Inc. | User classification based on data gathered from a computing device |
US9374369B2 (en) | 2012-12-28 | 2016-06-21 | Lookout, Inc. | Multi-factor authentication and comprehensive login system for client-server networks |
US8855599B2 (en) | 2012-12-31 | 2014-10-07 | Lookout, Inc. | Method and apparatus for auxiliary communications with mobile communications device |
US9424409B2 (en) | 2013-01-10 | 2016-08-23 | Lookout, Inc. | Method and system for protecting privacy and enhancing security on an electronic device |
US9338156B2 (en) | 2013-02-22 | 2016-05-10 | Duo Security, Inc. | System and method for integrating two-factor authentication in a device |
US8893230B2 (en) | 2013-02-22 | 2014-11-18 | Duo Security, Inc. | System and method for proxying federated authentication protocols |
US9607156B2 (en) * | 2013-02-22 | 2017-03-28 | Duo Security, Inc. | System and method for patching a device through exploitation |
US9443073B2 (en) | 2013-08-08 | 2016-09-13 | Duo Security, Inc. | System and method for verifying status of an authentication device |
US9953169B2 (en) | 2013-02-28 | 2018-04-24 | Entit Software Llc | Modify execution of application under test so user is power user |
US9405915B2 (en) * | 2013-03-14 | 2016-08-02 | Whitehat Security, Inc. | Techniques for correlating vulnerabilities across an evolving codebase |
US9965937B2 (en) | 2013-03-15 | 2018-05-08 | Palantir Technologies Inc. | External malware data item clustering and analysis |
US8818892B1 (en) | 2013-03-15 | 2014-08-26 | Palantir Technologies, Inc. | Prioritizing data clusters with customizable scoring strategies |
CA2910954C (en) | 2013-05-06 | 2017-08-01 | Staples, Inc. | It vulnerability management system |
US9053310B2 (en) | 2013-08-08 | 2015-06-09 | Duo Security, Inc. | System and method for verifying status of an authentication device through a biometric profile |
US9335897B2 (en) | 2013-08-08 | 2016-05-10 | Palantir Technologies Inc. | Long click display of a context menu |
US9092302B2 (en) | 2013-09-10 | 2015-07-28 | Duo Security, Inc. | System and method for determining component version compatibility across a device ecosystem |
US9608814B2 (en) | 2013-09-10 | 2017-03-28 | Duo Security, Inc. | System and method for centralized key distribution |
US20220012346A1 (en) * | 2013-09-13 | 2022-01-13 | Vmware, Inc. | Risk assessment for managed client devices |
US9642008B2 (en) | 2013-10-25 | 2017-05-02 | Lookout, Inc. | System and method for creating and assigning a policy for a mobile communications device based on personal data |
US9774448B2 (en) | 2013-10-30 | 2017-09-26 | Duo Security, Inc. | System and methods for opportunistic cryptographic key management on an electronic device |
US10223530B2 (en) * | 2013-11-13 | 2019-03-05 | Proofpoint, Inc. | System and method of protecting client computers |
US10122747B2 (en) | 2013-12-06 | 2018-11-06 | Lookout, Inc. | Response generation after distributed monitoring and evaluation of multiple devices |
US9753796B2 (en) | 2013-12-06 | 2017-09-05 | Lookout, Inc. | Distributed monitoring, evaluation, and response for multiple devices |
US10356032B2 (en) | 2013-12-26 | 2019-07-16 | Palantir Technologies Inc. | System and method for detecting confidential information emails |
US9338013B2 (en) | 2013-12-30 | 2016-05-10 | Palantir Technologies Inc. | Verifiable redactable audit log |
US8832832B1 (en) | 2014-01-03 | 2014-09-09 | Palantir Technologies Inc. | IP reputation |
US8966639B1 (en) | 2014-02-14 | 2015-02-24 | Risk I/O, Inc. | Internet breach correlation |
US8984643B1 (en) | 2014-02-14 | 2015-03-17 | Risk I/O, Inc. | Ordered computer vulnerability remediation reporting |
US9009827B1 (en) | 2014-02-20 | 2015-04-14 | Palantir Technologies Inc. | Security sharing system |
US9762590B2 (en) | 2014-04-17 | 2017-09-12 | Duo Security, Inc. | System and method for an integrity focused authentication service |
US9503467B2 (en) | 2014-05-22 | 2016-11-22 | Accenture Global Services Limited | Network anomaly detection |
KR20160002058A (ko) * | 2014-06-30 | 2016-01-07 | 한국전자통신연구원 | Apparatus and method for detecting abnormal traffic based on Modbus communication pattern learning |
US9535974B1 (en) | 2014-06-30 | 2017-01-03 | Palantir Technologies Inc. | Systems and methods for identifying key phrase clusters within documents |
US9619557B2 (en) | 2014-06-30 | 2017-04-11 | Palantir Technologies, Inc. | Systems and methods for key phrase characterization of documents |
US10572496B1 (en) | 2014-07-03 | 2020-02-25 | Palantir Technologies Inc. | Distributed workflow system and database with access controls for city resiliency |
US9785773B2 (en) | 2014-07-03 | 2017-10-10 | Palantir Technologies Inc. | Malware data item analysis |
US9021260B1 (en) | 2014-07-03 | 2015-04-28 | Palantir Technologies Inc. | Malware data item analysis |
US9256664B2 (en) | 2014-07-03 | 2016-02-09 | Palantir Technologies Inc. | System and method for news events detection and visualization |
US9202249B1 (en) | 2014-07-03 | 2015-12-01 | Palantir Technologies Inc. | Data item clustering and analysis |
US9419992B2 (en) | 2014-08-13 | 2016-08-16 | Palantir Technologies Inc. | Unwanted tunneling alert system |
US9043894B1 (en) | 2014-11-06 | 2015-05-26 | Palantir Technologies Inc. | Malicious software detection in a computing system |
US10216938B2 (en) * | 2014-12-05 | 2019-02-26 | T-Mobile Usa, Inc. | Recombinant threat modeling |
US10574675B2 (en) | 2014-12-05 | 2020-02-25 | T-Mobile Usa, Inc. | Similarity search for discovering multiple vector attacks |
US9367872B1 (en) | 2014-12-22 | 2016-06-14 | Palantir Technologies Inc. | Systems and user interfaces for dynamic and interactive investigation of bad actor behavior based on automatic clustering of related data in various data structures |
US9648036B2 (en) | 2014-12-29 | 2017-05-09 | Palantir Technologies Inc. | Systems for network risk assessment including processing of user access rights associated with a network of devices |
US9467455B2 (en) | 2014-12-29 | 2016-10-11 | Palantir Technologies Inc. | Systems for network risk assessment including processing of user access rights associated with a network of devices |
US10372879B2 (en) | 2014-12-31 | 2019-08-06 | Palantir Technologies Inc. | Medical claims lead summary report generation |
US9979719B2 (en) | 2015-01-06 | 2018-05-22 | Duo Security, Inc. | System and method for converting one-time passcodes to app-based authentication |
US9594913B2 (en) * | 2015-01-28 | 2017-03-14 | Wal-Mart Stores, Inc. | System, method, and non-transitory computer-readable storage media for analyzing software application modules and provide actionable intelligence on remediation efforts |
US20160234243A1 (en) * | 2015-02-06 | 2016-08-11 | Honeywell International Inc. | Technique for using infrastructure monitoring software to collect cyber-security risk data |
US10021119B2 (en) | 2015-02-06 | 2018-07-10 | Honeywell International Inc. | Apparatus and method for automatic handling of cyber-security risk events |
US10075475B2 (en) | 2015-02-06 | 2018-09-11 | Honeywell International Inc. | Apparatus and method for dynamic customization of cyber-security risk item rules |
US10075474B2 (en) | 2015-02-06 | 2018-09-11 | Honeywell International Inc. | Notification subsystem for generating consolidated, filtered, and relevant security risk-based notifications |
US10021125B2 (en) | 2015-02-06 | 2018-07-10 | Honeywell International Inc. | Infrastructure monitoring tool for collecting industrial process control and automation system risk data |
US10298608B2 (en) | 2015-02-11 | 2019-05-21 | Honeywell International Inc. | Apparatus and method for tying cyber-security risk analysis to common risk methodologies and risk levels |
US9641341B2 (en) | 2015-03-31 | 2017-05-02 | Duo Security, Inc. | Method for distributed trust authentication |
US10091222B1 (en) * | 2015-03-31 | 2018-10-02 | Juniper Networks, Inc. | Detecting data exfiltration as the data exfiltration occurs or after the data exfiltration occurs |
EP3289510B1 (en) | 2015-05-01 | 2020-06-17 | Lookout Inc. | Determining source of side-loaded software |
US9800604B2 (en) | 2015-05-06 | 2017-10-24 | Honeywell International Inc. | Apparatus and method for assigning cyber-security risk consequences in industrial process control environments |
US10089095B2 (en) * | 2015-05-06 | 2018-10-02 | Mcafee, Llc | Alerting the presence of bundled software during an installation |
ES2758755T3 (es) | 2015-06-01 | 2020-05-06 | Duo Security Inc | Method for enforcing endpoint health standards |
US9407652B1 (en) | 2015-06-26 | 2016-08-02 | Palantir Technologies Inc. | Network anomaly detection |
US9774579B2 (en) | 2015-07-27 | 2017-09-26 | Duo Security, Inc. | Method for key rotation |
US9456000B1 (en) | 2015-08-06 | 2016-09-27 | Palantir Technologies Inc. | Systems, methods, user interfaces, and computer-readable media for investigating potential malicious communications |
US9979743B2 (en) | 2015-08-13 | 2018-05-22 | Accenture Global Services Limited | Computer asset vulnerabilities |
US10489391B1 (en) | 2015-08-17 | 2019-11-26 | Palantir Technologies Inc. | Systems and methods for grouping and enriching data items accessed from one or more databases for presentation in a user interface |
US9537880B1 (en) | 2015-08-19 | 2017-01-03 | Palantir Technologies Inc. | Anomalous network monitoring, user behavior detection and database system |
US10102369B2 (en) | 2015-08-19 | 2018-10-16 | Palantir Technologies Inc. | Checkout system executable code monitoring, and user account compromise determination system |
US9886582B2 (en) | 2015-08-31 | 2018-02-06 | Accenture Global Services Limited | Contextualization of threat data |
US10044745B1 (en) | 2015-10-12 | 2018-08-07 | Palantir Technologies, Inc. | Systems for computer network security risk assessment including user compromise analysis associated with a network of devices |
US10691808B2 (en) * | 2015-12-10 | 2020-06-23 | Sap Se | Vulnerability analysis of software components |
US9888039B2 (en) | 2015-12-28 | 2018-02-06 | Palantir Technologies Inc. | Network-based permissioning system |
US9916465B1 (en) | 2015-12-29 | 2018-03-13 | Palantir Technologies Inc. | Systems and methods for automatic and customizable data minimization of electronic data stores |
US9860267B2 (en) * | 2016-03-18 | 2018-01-02 | AO Kaspersky Lab | Method and system of eliminating vulnerabilities of smart devices |
RU2636700C1 (ru) * | 2016-03-18 | 2017-11-27 | Акционерное общество "Лаборатория Касперского" | Method for eliminating vulnerabilities of devices having access to the Internet |
US10084812B2 (en) | 2016-03-18 | 2018-09-25 | AO Kaspersky Lab | Method and system of repairing vulnerabilities of smart devices |
US10419472B2 (en) | 2016-03-18 | 2019-09-17 | AO Kaspersky Lab | System and method for repairing vulnerabilities of devices connected to a data network |
US20180270265A1 (en) * | 2016-05-13 | 2018-09-20 | Ola Sage | System and Method For Assessing Network Security Risks |
US10498711B1 (en) | 2016-05-20 | 2019-12-03 | Palantir Technologies Inc. | Providing a booting key to a remote system |
US10498605B2 (en) * | 2016-06-02 | 2019-12-03 | Zscaler, Inc. | Cloud based systems and methods for determining and visualizing security risks of companies, users, and groups |
US10084802B1 (en) | 2016-06-21 | 2018-09-25 | Palantir Technologies Inc. | Supervisory control and data acquisition |
US10291637B1 (en) | 2016-07-05 | 2019-05-14 | Palantir Technologies Inc. | Network anomaly detection and profiling |
US10698927B1 (en) | 2016-08-30 | 2020-06-30 | Palantir Technologies Inc. | Multiple sensor session and log information compression and correlation system |
US20180103044A1 (en) * | 2016-10-10 | 2018-04-12 | Richard E. Malinowski | Anti-malware client |
GB201617620D0 (en) * | 2016-10-18 | 2016-11-30 | Cybernetica As | Composite digital signatures |
US10728262B1 (en) | 2016-12-21 | 2020-07-28 | Palantir Technologies Inc. | Context-aware network-based malicious activity warning systems |
US10721262B2 (en) | 2016-12-28 | 2020-07-21 | Palantir Technologies Inc. | Resource-centric network cyber attack warning system |
US10754872B2 (en) | 2016-12-28 | 2020-08-25 | Palantir Technologies Inc. | Automatically executing tasks and configuring access control lists in a data transformation system |
RU2019130058A (ru) | 2017-03-28 | 2021-04-28 | Нек Корпорейшн | Signature generation device, signature generation method, and non-transitory computer-readable medium storing a program |
US10218697B2 (en) | 2017-06-09 | 2019-02-26 | Lookout, Inc. | Use of device risk evaluation to manage access to services |
CN107231367B (zh) * | 2017-06-21 | 2021-03-19 | 北京奇虎科技有限公司 | Automatic notification method, device and server for signed messages |
US10027551B1 (en) | 2017-06-29 | 2018-07-17 | Palantir Technologies, Inc. | Access controls through node-based effective policy identifiers |
US10963465B1 (en) | 2017-08-25 | 2021-03-30 | Palantir Technologies Inc. | Rapid importation of data including temporally tracked object recognition |
US10984427B1 (en) | 2017-09-13 | 2021-04-20 | Palantir Technologies Inc. | Approaches for analyzing entity relationships |
GB201716170D0 (en) | 2017-10-04 | 2017-11-15 | Palantir Technologies Inc | Controlling user creation of data resources on a data processing platform |
US10079832B1 (en) | 2017-10-18 | 2018-09-18 | Palantir Technologies Inc. | Controlling user creation of data resources on a data processing platform |
US20190124106A1 (en) * | 2017-10-19 | 2019-04-25 | T-Mobile Usa, Inc. | Efficient security threat remediation |
US10250401B1 (en) | 2017-11-29 | 2019-04-02 | Palantir Technologies Inc. | Systems and methods for providing category-sensitive chat channels |
US11133925B2 (en) | 2017-12-07 | 2021-09-28 | Palantir Technologies Inc. | Selective access to encrypted logs |
US10412113B2 (en) | 2017-12-08 | 2019-09-10 | Duo Security, Inc. | Systems and methods for intelligently configuring computer security |
US10142349B1 (en) | 2018-02-22 | 2018-11-27 | Palantir Technologies Inc. | Verifying network-based permissioning rights |
US10812502B2 (en) | 2018-02-06 | 2020-10-20 | Bank Of America Corporation | Network device owner identification and communication triggering system |
US10819731B2 (en) | 2018-02-06 | 2020-10-27 | Bank Of America Corporation | Exception remediation logic rolling platform |
US10862915B2 (en) | 2018-02-06 | 2020-12-08 | Bank Of America Corporation | Exception remediation logic routing and suppression platform |
US11089042B2 (en) | 2018-02-06 | 2021-08-10 | Bank Of America Corporation | Vulnerability consequence triggering system for application freeze and removal |
US11265340B2 (en) | 2018-02-06 | 2022-03-01 | Bank Of America Corporation | Exception remediation acceptable use logic platform |
US10878051B1 (en) | 2018-03-30 | 2020-12-29 | Palantir Technologies Inc. | Mapping device identifiers |
EP3550791B1 (en) | 2018-04-03 | 2023-12-06 | Palantir Technologies Inc. | Controlling access to computer resources |
US10749889B2 (en) * | 2018-05-07 | 2020-08-18 | Servicenow, Inc. | Rule-based remediation of vulnerabilities in a managed network |
US10949400B2 (en) | 2018-05-09 | 2021-03-16 | Palantir Technologies Inc. | Systems and methods for tamper-resistant activity logging |
US11244063B2 (en) | 2018-06-11 | 2022-02-08 | Palantir Technologies Inc. | Row-level and column-level policy service |
US11030322B2 (en) | 2018-10-24 | 2021-06-08 | International Business Machines Corporation | Recommending the most relevant and urgent vulnerabilities within a security management system |
US11374958B2 (en) * | 2018-10-31 | 2022-06-28 | International Business Machines Corporation | Security protection rule prediction and enforcement |
US11277429B2 (en) | 2018-11-20 | 2022-03-15 | Saudi Arabian Oil Company | Cybersecurity vulnerability classification and remediation based on network utilization |
US11658962B2 (en) | 2018-12-07 | 2023-05-23 | Cisco Technology, Inc. | Systems and methods of push-based verification of a transaction |
EP3694173B1 (en) | 2019-02-08 | 2022-09-21 | Palantir Technologies Inc. | Isolating applications associated with multiple tenants within a computing platform |
US11290491B2 (en) * | 2019-03-14 | 2022-03-29 | Oracle International Corporation | Methods, systems, and computer readable media for utilizing a security service engine to assess security vulnerabilities on a security gateway element |
US11418544B2 (en) * | 2019-06-20 | 2022-08-16 | Servicenow, Inc. | Solution management systems and methods for addressing cybersecurity vulnerabilities |
WO2019170173A2 (en) * | 2019-06-27 | 2019-09-12 | Alibaba Group Holding Limited | Managing cybersecurity vulnerabilities using blockchain networks |
US11218503B2 (en) * | 2019-07-19 | 2022-01-04 | Jpmorgan Chase Bank, N.A. | System and method for implementing a vulnerability management module |
US11704441B2 (en) | 2019-09-03 | 2023-07-18 | Palantir Technologies Inc. | Charter-based access controls for managing computer resources |
EP3796165A1 (en) | 2019-09-18 | 2021-03-24 | Palantir Technologies Inc. | Systems and methods for autoscaling instance groups of computing platforms |
CN113672929A (zh) * | 2020-05-14 | 2021-11-19 | 阿波罗智联(北京)科技有限公司 | Vulnerability feature acquisition method, device and electronic equipment |
US11363041B2 (en) | 2020-05-15 | 2022-06-14 | International Business Machines Corporation | Protecting computer assets from malicious attacks |
US11176024B1 (en) | 2020-09-23 | 2021-11-16 | International Business Machines Corporation | Software patch application and testing optimization |
US11695796B1 (en) * | 2020-12-10 | 2023-07-04 | Amazon Technologies, Inc. | Device vulnerability detection during device handshake |
US20220222350A1 (en) * | 2021-01-08 | 2022-07-14 | Capital One Services, Llc | Vulnerability dashboard and automated remediation |
CN115174379A (zh) * | 2022-07-27 | 2022-10-11 | 西安热工研究院有限公司 | Vulnerability repair method, device and storage medium for an industrial control network |
Family Cites Families (60)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4999806A (en) * | 1987-09-04 | 1991-03-12 | Fred Chernow | Software distribution system |
US4954941A (en) * | 1988-08-31 | 1990-09-04 | Bell Communications Research, Inc. | Method and apparatus for program updating |
CA2053261A1 (en) * | 1989-04-28 | 1990-10-29 | Gary D. Hornbuckle | Method and apparatus for remotely controlling and monitoring the use of computer software |
US5805897A (en) * | 1992-07-31 | 1998-09-08 | International Business Machines Corporation | System and method for remote software configuration and distribution |
WO1994025913A2 (en) * | 1993-04-30 | 1994-11-10 | Novadigm, Inc. | Method and apparatus for enterprise desktop management |
US5860012A (en) * | 1993-09-30 | 1999-01-12 | Intel Corporation | Installation of application software through a network from a source computer system on to a target computer system |
US5564038A (en) * | 1994-05-20 | 1996-10-08 | International Business Machines Corporation | Method and apparatus for providing a trial period for a software license product using a date stamp and designated test period |
US5787246A (en) * | 1994-05-27 | 1998-07-28 | Microsoft Corporation | System for configuring devices for a computer system |
US5742829A (en) * | 1995-03-10 | 1998-04-21 | Microsoft Corporation | Automatic software installation on heterogeneous networked client computer systems |
US6282712B1 (en) * | 1995-03-10 | 2001-08-28 | Microsoft Corporation | Automatic software installation on heterogeneous networked computer systems |
US5699275A (en) * | 1995-04-12 | 1997-12-16 | Highwaymaster Communications, Inc. | System and method for remote patching of operating code located in a mobile unit |
US6078945A (en) * | 1995-06-21 | 2000-06-20 | Tao Group Limited | Operating system for use with computer networks incorporating two or more data processors linked together for parallel processing and incorporating improved dynamic load-sharing techniques |
AUPN479695A0 (en) * | 1995-08-16 | 1995-09-07 | Telstra Corporation Limited | A network analysis system |
US5852812A (en) * | 1995-08-23 | 1998-12-22 | Microsoft Corporation | Billing system for a network |
US5845077A (en) * | 1995-11-27 | 1998-12-01 | Microsoft Corporation | Method and system for identifying and obtaining computer software from a remote computer |
JPH09214493A (ja) * | 1996-02-08 | 1997-08-15 | Hitachi Ltd | Network system |
US5764913A (en) * | 1996-04-05 | 1998-06-09 | Microsoft Corporation | Computer network status monitoring system |
US6049671A (en) * | 1996-04-18 | 2000-04-11 | Microsoft Corporation | Method for identifying and obtaining computer software from a network computer |
US5933646A (en) * | 1996-05-10 | 1999-08-03 | Apple Computer, Inc. | Software manager for administration of a computer operating system |
US6151643A (en) * | 1996-06-07 | 2000-11-21 | Networks Associates, Inc. | Automatic updating of diverse software products on multiple client computer systems by downloading scanning application to client computer and generating software list on client computer |
US6052710A (en) * | 1996-06-28 | 2000-04-18 | Microsoft Corporation | System and method for making function calls over a distributed network |
US5799002A (en) * | 1996-07-02 | 1998-08-25 | Microsoft Corporation | Adaptive bandwidth throttling for network services |
US5919247A (en) * | 1996-07-24 | 1999-07-06 | Marimba, Inc. | Method for the distribution of code and data updates |
US5991802A (en) * | 1996-11-27 | 1999-11-23 | Microsoft Corporation | Method and system for invoking methods of objects over the internet |
US6061740A (en) * | 1996-12-09 | 2000-05-09 | Novell, Inc. | Method and apparatus for heterogeneous network management |
US6029247A (en) * | 1996-12-09 | 2000-02-22 | Novell, Inc. | Method and apparatus for transmitting secured data |
US5854794A (en) * | 1996-12-16 | 1998-12-29 | Ag Communication Systems Corporation | Digital transmission framing system |
US5960170A (en) * | 1997-03-18 | 1999-09-28 | Trend Micro, Inc. | Event triggered iterative virus detection |
US5933826A (en) * | 1997-03-21 | 1999-08-03 | Novell, Inc. | Method and apparatus for securing and storing executable content |
US6219675B1 (en) * | 1997-06-05 | 2001-04-17 | Microsoft Corporation | Distribution of a centralized database |
US6016499A (en) * | 1997-07-21 | 2000-01-18 | Novell, Inc. | System and method for accessing a directory services repository |
US6282709B1 (en) * | 1997-11-12 | 2001-08-28 | Philips Electronics North America Corporation | Software update manager |
US5974454A (en) * | 1997-11-14 | 1999-10-26 | Microsoft Corporation | Method and system for installing and updating program module components |
US6151708A (en) * | 1997-12-19 | 2000-11-21 | Microsoft Corporation | Determining program update availability via set intersection over a sub-optical pathway |
JPH11194929A (ja) * | 1997-12-26 | 1999-07-21 | Nec Corp | Client-side program management method in a client-server system |
US6035423A (en) * | 1997-12-31 | 2000-03-07 | Network Associates, Inc. | Method and system for providing automated updating and upgrading of antivirus applications using a computer network |
US6094679A (en) * | 1998-01-16 | 2000-07-25 | Microsoft Corporation | Distribution of software in a computer network environment |
US6202207B1 (en) * | 1998-01-28 | 2001-03-13 | International Business Machines Corporation | Method and a mechanism for synchronized updating of interoperating software |
US6108649A (en) * | 1998-03-03 | 2000-08-22 | Novell, Inc. | Method and system for supplanting a first name base with a second name base |
US6279113B1 (en) * | 1998-03-16 | 2001-08-21 | Internet Tools, Inc. | Dynamic signature inspection-based network intrusion detection |
US6279156B1 (en) * | 1999-01-26 | 2001-08-21 | Dell Usa, L.P. | Method of installing software on and/or testing a computer system |
US6282175B1 (en) * | 1998-04-23 | 2001-08-28 | Hewlett-Packard Company | Method for tracking configuration changes in networks of computer systems through historical monitoring of configuration status of devices on the network. |
US6298445B1 (en) * | 1998-04-30 | 2001-10-02 | Netect, Ltd. | Computer security |
US6216175B1 (en) * | 1998-06-08 | 2001-04-10 | Microsoft Corporation | Method for upgrading copies of an original file with same update data after normalizing differences between copies created during respective original installations |
WO1999066383A2 (en) * | 1998-06-15 | 1999-12-23 | Dmw Worldwide, Inc. | Method and apparatus for assessing the security of a computer system |
US6324656B1 (en) * | 1998-06-30 | 2001-11-27 | Cisco Technology, Inc. | System and method for rules-driven multi-phase network vulnerability assessment |
US6347375B1 (en) * | 1998-07-08 | 2002-02-12 | Ontrack Data International, Inc | Apparatus and method for remote virus diagnosis and repair |
US6272677B1 (en) * | 1998-08-28 | 2001-08-07 | International Business Machines Corporation | Method and system for automatic detection and distribution of code version updates |
US6263362B1 (en) * | 1998-09-01 | 2001-07-17 | Bigfix, Inc. | Inspector for computed relevance messaging |
US6138157A (en) * | 1998-10-12 | 2000-10-24 | Freshwater Software, Inc. | Method and apparatus for testing web sites |
US6157618A (en) * | 1999-01-26 | 2000-12-05 | Microsoft Corporation | Distributed internet user experience monitoring system |
US6721713B1 (en) * | 1999-05-27 | 2004-04-13 | Andersen Consulting Llp | Business alliance identification in a web architecture framework |
US6281790B1 (en) * | 1999-09-01 | 2001-08-28 | Net Talon Security Systems, Inc. | Method and apparatus for remotely monitoring a site |
US7159237B2 (en) * | 2000-03-16 | 2007-01-02 | Counterpane Internet Security, Inc. | Method and system for dynamic network intrusion monitoring, detection and response |
US6751661B1 (en) * | 2000-06-22 | 2004-06-15 | Applied Systems Intelligence, Inc. | Method and system for providing intelligent network management |
EP1327191B1 (en) * | 2000-09-22 | 2013-10-23 | Lumension Security, Inc. | Non-invasive automatic offsite patch fingerprinting and updating system and method |
US20040003266A1 (en) * | 2000-09-22 | 2004-01-01 | Patchlink Corporation | Non-invasive automatic offsite patch fingerprinting and updating system and method |
US6766458B1 (en) * | 2000-10-03 | 2004-07-20 | Networks Associates Technology, Inc. | Testing a computer system |
US20030135749A1 (en) * | 2001-10-31 | 2003-07-17 | Gales George S. | System and method of defining the security vulnerabilities of a computer system |
US6859793B1 (en) * | 2002-12-19 | 2005-02-22 | Networks Associates Technology, Inc. | Software license reporting and control system and method |
2002
- 2002-12-31 JP JP2003558701A patent/JP2005532606A/ja active Pending
- 2002-12-31 MX MXPA04006473A patent/MXPA04006473A/es unknown
- 2002-12-31 CA CA002472268A patent/CA2472268A1/en not_active Abandoned
- 2002-12-31 WO PCT/US2002/041819 patent/WO2003058457A1/en not_active Application Discontinuation
- 2002-12-31 US US10/335,490 patent/US7000247B2/en not_active Expired - Lifetime
- 2002-12-31 AU AU2002360844A patent/AU2002360844A1/en not_active Abandoned
- 2002-12-31 CN CNA028265742A patent/CN1610887A/zh active Pending
- 2002-12-31 EP EP02796133A patent/EP1461707A1/en not_active Withdrawn
- 2002-12-31 KR KR10-2004-7008944A patent/KR20040069324A/ko not_active Application Discontinuation
- 2002-12-31 BR BR0215388-2A patent/BR0215388A/pt not_active IP Right Cessation
2004
- 2004-07-27 NO NO20043189A patent/NO20043189L/no not_active Application Discontinuation
- 2004-12-10 US US11/009,782 patent/US7308712B2/en not_active Expired - Fee Related
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
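CN1941782B (zh) * | 2005-09-22 | 2011-09-28 | Alcatel | System and method of associating security vulnerabilities with assets |
CN101964780B (zh) * | 2010-01-28 | 2012-11-28 | Beijing University of Posts and Telecommunications | Method and system for analyzing network vulnerability of an IP multimedia subsystem |
CN103562923A (zh) * | 2011-05-31 | 2014-02-05 | Hewlett-Packard Development Company, L.P. | Application security testing |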
US9215247B2 (en) | 2011-05-31 | 2015-12-15 | Hewlett Packard Enterprise Development Lp | Application security testing |
CN103562923B (zh) * | 2011-05-31 | 2016-09-07 | Hewlett-Packard Development Company, L.P. | Application security testing |
US9501650B2 (en) | 2011-05-31 | 2016-11-22 | Hewlett Packard Enterprise Development Lp | Application security testing |
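CN104614624A (zh) * | 2015-02-13 | 2015-05-13 | Southeast University | Method for detecting power system vulnerability based on the interaction between power and communication |
CN111164597A (zh) * | 2017-09-29 | 2020-05-15 | International Business Machines Corporation | Dynamic re-composition of patch groups using stream clustering |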
Also Published As
Publication number | Publication date |
---|---|
BR0215388A (pt) | 2004-12-07 |
EP1461707A1 (en) | 2004-09-29 |
JP2005532606A (ja) | 2005-10-27 |
US20030126472A1 (en) | 2003-07-03 |
AU2002360844A1 (en) | 2003-07-24 |
US20050229256A2 (en) | 2005-10-13 |
WO2003058457A1 (en) | 2003-07-17 |
US20050091542A1 (en) | 2005-04-28 |
KR20040069324A (ko) | 2004-08-05 |
US7000247B2 (en) | 2006-02-14 |
NO20043189L (no) | 2004-07-26 |
CA2472268A1 (en) | 2003-07-17 |
US7308712B2 (en) | 2007-12-11 |
MXPA04006473A (es) | 2004-10-04 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN1610887A (zh) | Automated computer vulnerability resolution system | |
EP3036645B1 (en) | Method and system for dynamic and comprehensive vulnerability management | |
US8650055B2 (en) | IT asset management system | |
CN1133928C (zh) | Change monitoring system for a computer system | |
US7500234B2 (en) | System-updating method and computer system adopting the method | |
US8832647B2 (en) | Tools for software stacks | |
US20110214021A1 (en) | Systems and methods for initiating software repairs in conjunction with software package updates | |
US20110214112A1 (en) | Systems and mehtods for generating predictive diagnostics via package update manager | |
US9116802B2 (en) | Diagnostic notification via package update manager | |
WO2020018523A1 (en) | System and method for distributed ledger-based software supply chain management | |
CN102681865A (zh) | Coordinated upgrades in distributed systems | |
Dodson et al. | Mitigating the risk of software vulnerabilities by adopting a secure software development framework (ssdf) | |
Brown et al. | Reducing the cost of it operations-is automation always the answer? | |
Kneuper et al. | Software processes in the software product life cycle | |
Bartoletti et al. | Secure software distribution system | |
Knorr | Patching our critical infrastructure: Towards an efficient patch and update management for industrial control systems | |
Elbaum et al. | Deploying instrumented software to assist the testing activity | |
Mahnke | An Analysis of the Supply Chain Risks of Industrial Control Systems | |
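CN117707896A (zh) | Method and apparatus for monitoring interface call exceptions, electronic device, and storage medium | |
JP2008009830A (ja) | Work confirmation device | |
CN112667253A (zh) | Automated deployment method | |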
Calvo et al. | Web-LCCA: an acquisition decision support tool for the 21st Century |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
WD01 | Invention patent application deemed withdrawn after publication |