91 results about "Vulnerability management" patented technology

A system and method provides a graphical user interface (GUI) for users to monitor and manage sensitive information within an enterprise network. The GUI can provide users with information, such as the presence of input/output devices (I/O device), the location of documents containing sensitive information (sensitive documents), and the status of local security policy. The GUI can also provide users with real-time information, such as the occurrence of local security policy violations, the life-cycle of sensitive documents, and the sensitive information dynamic flow within the enterprise network.

An enterprise vulnerability management application (EVMA), enterprise vulnerability management process (EVMP) and system. In one embodiment, the EVMP may include executing computer software code on at least one computer hardware platform to receive login information from a user, inventory current information technology assets of the enterprise, conduct vulnerability scanning of the inventoried information technology assets, analyze vulnerability correlation and prioritization of the information technology assets, remediate one or more vulnerabilities of the information technology assets, and report to the user about the vulnerabilities and remediation undertaken. As part of the analysis, one or more vulnerability scores such as, for example, Common Vulnerability Scoring System (CVSS) scores, may be generated from base score metrics, temporal score metrics and environment score metrics.

A computer-implemented process of remediating device security vulnerabilities is carried out by determining identifications of electronic devices associated with an entity and calculating, for each device, a security cyber-vulnerability score. For instance, the cyber-vulnerability score is calculated by generating a device cyber-vulnerability score based upon known threats and vulnerabilities, generating a device level cyber-vulnerability score by augmenting the generated device cyber-vulnerability score based upon at least one device level parameter, generating an environmental cyber-vulnerability score, and computing an overall cyber-vulnerability score based upon the device level cyber-vulnerability score and the environmental cyber-vulnerability score. The computer-implemented process also comprises prioritizing the electronic devices based upon the computed overall cyber-vulnerability score, identifying whether a patch is available for at least one electronic device, and initiating a remediation/mitigation workflow to patch at least one electronic device.

A Software-as-a-Service (SaaS) based method for providing wireless vulnerability management for local area computer networks. The method includes providing a security server being hosted by a service provider entity to provide analysis of data associated with wireless vulnerability management for a plurality of local area computer networks of a plurality of customer entities, respectively. The method includes creating a workspace for wireless vulnerability management for a customer entity on the security server and receiving configuration information associated with the workspace. The method also includes supplying one or more sniffers to the customer entity. The method includes receiving at the security server information associated with wireless activity monitored by the one or more sniffers at premises of the customer entity and processing the received information within the workspace for the customer entity using the security server. The method includes metering usage of the workspace for wireless vulnerability management for the customer entity.

A continuous vulnerability management system for identifying, analyzing, protecting, and reporting on digital assets is disclosed. The continuous vulnerability management system comprises a sandbox engine configured to scan digital assets for vulnerabilities, including a static analysis unit for static code scanning, a dynamic analysis unit for analyzing compiled code, and a statistical analysis unit for processing a risk score and generating an audit report. A knowledge base is also disclosed, including a knowledge base engine configured to acquire information related to new vulnerabilities to digital assets. A risk scoring engine is configured to analyze sandbox engine outcomes and assign a risk score to each vulnerable asset. A security control system is configured to act on an identified vulnerable asset based on the risk score assigned to the identified vulnerable asset.

A method, a multi-tenant security server apparatus and associated system for securing wireless communication of devices. The method includes transferring security policy configuration information from the security server to wireless devices. The method also includes ascertaining compliance of wireless activity of the wireless devices with the security policy configuration using client software modules installed on the wireless devices.

Policy controls for Web service resource objects in a hierarchical resource space are loosely coupled so that policy changes are applied and enforced across the objects. This technique ensures that different policies are not applied unintentionally to the same resource (for example, one at the Web services entry level, and the other at the resource level). By synchronizing the object in the manner described, neither the entity that deploys the application nor the security administrator need to be aware of the differences between the various types of requests that occur within a Web services environment. In a representative embodiment, resource objects are linked within a hierarchical resource space to provide synchronized policy control, where the policy is an audit policy, a quality-of-service (QoS) policy, a service level agreement (SLA) policy, a governance policy, a compliance policy, a patch management/vulnerability management policy, a user management policy, or a rights management policy.

The invention provides a vulnerability management system based on multi-engine vulnerability scanning association analysis. The vulnerability management system comprises: an asset detection managementmodule used for detecting asset information in a scanning network; a system vulnerability scanning module used for performing vulnerability scanning and analysis on a network device, an operating system, application service and a database according to the asset information, and supporting intelligent service identification; a Web vulnerability scanning module used for automatically parsing data according to the asset information, scanning the data, verifying a discovered WEB vulnerability, and recording a test data packet discovered by vulnerability scanning; a database security scanning module; a security baseline verification module; an industrial control vulnerability scanning module; an APP vulnerability scanning module; a WIFI security detection module; a report association analysismodule; and a whole-network distributed management module. The vulnerability management system provided by the invention can perform association analysis on a detection result and a compliance libraryof information security level protection to generate a level protection evaluation report that meets the specification requirements, and the security requirements of different customers are comprehensively met.

One or more relevant scanners used to identify asset vulnerabilities are identified, obtained, and logically arranged for deployment on an asset in accordance with a vulnerability management policy and a scanner deployment policy such that the relevant scanners are deployed at, or before, a determined ideal time to minimize the resources necessary to correct the vulnerabilities, if found. The relevant scanners are then automatically deployed in accordance with the scanner deployment policy and, if a vulnerability is identified, one or more associated remedies or remedy procedures are applied to the asset. At least one of the one or more relevant scanners are then re-deployed on the asset to determine if the identified vulnerability has been corrected and, if the vulnerability is not corrected at, or before, a defined time, protective measures are automatically taken.

The invention discloses a system and a method for managing security of a general network, and mainly overcomes the defects of poor openness and expansibility and weak functional completeness existing in the prior network security management system. The system mainly comprises peripheral equipment, a security agent terminal, a security management center and terminal management equipment, wherein the security management center applies security technology of network access control, intrusion detection, virus detection and vulnerability management to the security agent terminal through an interface component, a data base module and a user interface component; and under the unified management and control, all security technology is mutually complemented and matched to detect and control network behaviors, so that a distributed security protection system structure in which security strategies are under central management and the security detection is separately distributed is formed. The system and the method have the advantages of flexible configuration, easy expansion, good openness, support of the different level management, and suitability for the security management and protection of the computer network in governments, colleges and universities, and large- and medium-sized enterprises.

Systems and methods are provided which enable client environments, such as corporate and government enterprises, to adopt an integrated, strategic approach to governance, risk and compliance. The systems described herein provide a “cloud-based” information security service that provides such enterprises with round-the-clock visibility into security issues and risks across the enterprise. An advanced security information and event management system, also referred to as an information assurance portal (IAP), is described, which enables client customers to select various services such as threat and vulnerability management, asset classification and tracking, and business threat and risk assessments through a software-as-a-service portal.

A Software-as-a-Service (SaaS) based method for providing wireless vulnerability management for local area computer networks. The method includes providing a security server being hosted by a service provider entity to provide analysis of data associated with wireless vulnerability management for a plurality of local area computer networks of a plurality of customer entities, respectively. The method includes creating a workspace for wireless vulnerability management for a customer entity on the security server and receiving configuration information associated with the workspace. The method also includes supplying one or more sniffers to the customer entity. The method includes receiving at the security server information associated with wireless activity monitored by the one or more sniffers at premises of the customer entity and processing the received information within the workspace for the customer entity using the security server. The method includes metering usage of the workspace for wireless vulnerability management for the customer entity.

An instance of a vulnerability risk management (VRM) module and a vulnerability management expert decision system (VMEDS) module are instantiated in a cloud. The VMEDS module imports scan results from a VRM vulnerability database and saves them as vulnerabilities to be reviewed in a VMEDS database. The VMEDS module converts vulnerabilities into facts. The VMEDS module builds a rule set in the knowledge base to verify whether certain vulnerabilities are false positives. Rules related to a vulnerability are received in plain English from a web-based front-end application. The VMEDS module tests each rule against all of the facts using the Rete algorithm. The VMEDS module executes the action associated with the rule derived from the Rete algorithm. The VMEDS module stores the results associated with the executing of the action in the VMEDS database and forwards the results to the VRM module.

The invention relates to the field of information security, and in particular to a vulnerability management system and a vulnerability management method. The vulnerability management system comprises an asset management module, a vulnerability scanning module, a vulnerability management module, a vulnerability processing module and a vulnerability analyzing module; all assets including public network assets and vulnerability can be comprehensively found by the asset management module and the vulnerability scanning module; analysis, trace and management of the vulnerability are realized by the vulnerability analyzing module, the vulnerability processing module and the vulnerability management module, so that the vulnerability management system has the effects that detailed record and trace can be carried out on the assets and the vulnerability, security conditions of the assets and the vulnerability in the system also can be evaluated and the management efficiency of the assets and the vulnerability in the system is improved.

A distributed asset identification and change awareness system for implementing vulnerability management includes a plurality of network asset information collection subsystems distributed in different regions and a distributed task scheduling and data processing subsystem, wherein tasks are decomposed based on a distributed architecture and allocated to appropriate resources through the task scheduling, task distribution and processing are realized for a plurality of nodes, and asset information detection and sensing are distributedly performed; the network asset information collection subsystems collect asset information of the networked active host; the data processing part of the distributed task scheduling and data processing subsystem obtains the asset information of the networked active host from the network asset information collection subsystems, and compares the asset information with the confirmed asset attribute information stored in the asset library to realize the automatic update of the asset information for the networked surviving host in the asset library. Vulnerability information is collected though vulnerability scanning, which may quickly treat and fix securityvulnerabilities in networked information systems.

A virtual asset creation template associated with a class of virtual assets is identified and analyzed to identify any vulnerabilities in the virtual asset creation template. If one or more vulnerabilities are identified in the virtual asset creation template, an appropriate remedy for each identified vulnerability identified in the virtual asset creation template is applied. If no vulnerability is identified in the virtual asset creation template, or once each vulnerability identified in the virtual asset creation template is remedied, each virtual asset of the virtual asset class generated using the virtual asset creation template is assigned an initial status of verified virtual asset.

The invention discloses a vulnerability scanning and threat intelligence based unified vulnerability management and warning platform. The platform comprises a multi-form vulnerability scanning engine module, an engine equipment management module, an accurate asset warning module, a priority analysis module, a process optimization analysis module, an internal plan communication module, a vulnerability management module and a system management module. Through a unified management mode, multiple lower multi-mode vulnerability scanning engines are subjected to unified dispatching, task issue and result return, asset statistic information and external intelligence information can be combined to realize threat warning of assets in the corporate scope, the platform can be used in the corporate information internal-external network single-network environment as well as in information internal-external network province, city and county cascade environment, the advantages of the platform in the longitudinal cascade or transverse distribution network environment can be reflected more fully, and integrated defense in electric power company information security is realized.

The invention discloses a vulnerability management system and method. The vulnerability management system comprises a vulnerability scanning module, a vulnerability management module, a vulnerability warning module, a vulnerability track processing module, a statistic analysis module and an asset equipment management module. Management control is conducted through vulnerability scanning, vulnerability warning, vulnerability management, vulnerability track processing, statistical analysis and asset equipment management. By the adoption of the vulnerability management system and method, all relevant information of vulnerability can be recorded in detail, tracking and tracing of the safety risk of a system device are facilitated, the safety condition of the whole network system can be effectively evaluated, the weak link in a network is identified, and then network security reinforcing work is guided.

Embodiments of the invention are directed to systems, methods, and computer program products for real-time generation and deployment of specific user information security vulnerability levels based on vulnerability assessments for the user. The invention utilizes a two-component system to detect security vulnerabilities for a user, generate a coherent vulnerability level for the user in real-time, and provides user specific mitigation actions depending on each user vulnerability assessment. The first component of the system is an information threat assessment engine, which identifies and/or receives external and internal data regarding users to determine information security threats. The second component is an analytics engine, which is configured to generate vulnerability levels and specific mitigation actions for the user based on threat patterning.

The embodiment of the invention provides a vulnerability management system integrating a vulnerability scanning engine and vulnerability work order management, and the system comprises a vulnerability work order management module which is used for carrying out the work order issuing and management of five different vulnerability management stages: vulnerability discovery, vulnerability verification, vulnerability disposal, vulnerability reinforcement, and vulnerability retest; a source code security audit module which is used for performing comprehensive static analysis on the software source code, performing semantic analysis in combination with an AST abstract syntax tree, performing multi-level semantic analysis and function backtracking, and detecting to obtain security vulnerabilities existing in the software source code; an offline weak password scanning module which is used for acquiring a password file through an SSH protocol and uploading the password file in a manual mode, and discovering a weak password through Hash matching. According to the system, various vulnerability problems, including various security holes, security configuration problems and non-compliance behaviors, existing in the information system can be comprehensively and accurately detected.