최소 단어 이상 선택하여야 합니다.
최대 10 단어까지만 선택 가능합니다.
다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
NTIS 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
DataON 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
Edison 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
Kafe 바로가기국가/구분 | United States(US) Patent 등록 |
---|---|
국제특허분류(IPC7판) |
|
출원번호 | US-0499236 (2014-09-28) |
등록번호 | US-9118709 (2015-08-25) |
발명자 / 주소 |
|
출원인 / 주소 |
|
대리인 / 주소 |
|
인용정보 | 피인용 횟수 : 4 인용 특허 : 700 |
A system, method, and computer program product are provided including client and server code configured to cooperate, resulting in display, via at least one user interface, of a plurality of user options for causing different actions of different types in connection with at least one of the networke
A system, method, and computer program product are provided including client and server code configured to cooperate, resulting in display, via at least one user interface, of a plurality of user options for causing different actions of different types in connection with at least one of the networked devices that is actually vulnerable to at least one of a plurality of actual vulnerabilities for at least mitigating an occurrence. The user options include a first user option for causing a first action for dropping packets in connection with the at least one networked device for mitigating the occurrence and a second user option for causing a second action for installation of a patch on the at least one networked device for removing the at least one vulnerability from the at least one networked device. Based on receipt of first user input selecting the first option via the at least one user interface, the first action is caused for dropping packets in connection with the at least one networked device for mitigating the occurrence. Based on receipt of second user input selecting the second option via the at least one user interface, the second action is caused for installation of the patch on the at least one networked device, utilizing the client code, for removing the at least one vulnerability from the at least one networked device.
1. A computer program product embodied on a non-transitory computer readable medium, comprising: code for:identifying at least one aspect of at least one networked device;accessing at least one data structure including particular weakness information related to a plurality of particular weaknesses,
1. A computer program product embodied on a non-transitory computer readable medium, comprising: code for:identifying at least one aspect of at least one networked device;accessing at least one data structure including particular weakness information related to a plurality of particular weaknesses, a portion of the particular weakness information related to the particular weaknesses being associated with at least one of a plurality of techniques capable of removing a corresponding particular weakness from the at least one networked device when the at least one networked device actually has the corresponding particular weakness, such that: a first portion of the particular weakness information related to a first particular weakness is associated with a first technique for completing an installation of software for removing the first particular weakness,a second portion of the particular weakness information related to a second particular weakness is associated with a second technique for affecting a service for removing the second particular weakness, anda third portion of the particular weakness information related to a third particular weakness is associated with a third technique for changing a configuration for removing the third particular weakness; the first technique, the second technique, and the third technique being different from each other;determining whether the at least one networked device actually has one or more of the particular weaknesses, based on the at least one data structure and the at least one aspect of the at least one networked device;performing one or more actions based on the determination, such that: when it is determined that the at least one networked device actually has the first particular weakness: the first technique is applied on the at least one networked device by automatically completing the installation of the software on the at least one networked device for removing the first particular weakness from the at least one networked device;when it is determined that the at least one networked device actually has the second particular weakness: the second technique is applied on the at least one networked device by automatically affecting the service in connection with the at least one networked device for removing the second particular weakness from the at least one networked device;when it is determined that the at least one networked device actually has the third particular weakness: the third technique is applied on the at least one networked device by automatically changing the configuration of the at least one networked device for removing the third particular weakness from the at least one networked device;generating status information that is based on a completion of the one or more actions;communicating the status information;said computer program product further operable for:identifying a request for a network resource by the at least one networked device;receiving the status information from the at least one networked device;after the identification of the request for the network resource, determining a reaction to the request for the network resource, based the status information; andcausing the reaction;wherein the computer program product is operable such that the request for the network resource includes a connection request, and the reaction includes allowing or blocking the connection request;wherein the computer program product is operable such that, in addition to being capable of supporting at least one aspect of both the identification of the at least one aspect of the at least one networked device and the performance of the one or more actions, a single client agent is further capable of supporting at least one aspect of the communication of the status information such that, in response to the identification of the request for the network resource by the at least one networked device, the reaction to the request for the network resource is capable of being determined, based the status information, which is received in connection with the request for the network resource. 2. The computer program product of claim 1, wherein the computer program product is operable such that the status information indicates whether the at least one networked device complies with a predetermined security policy. 3. The computer program product of claim 1, wherein the computer program product is operable such that the status information indicates whether the at least one networked device complies with a minimum security policy set. 4. The computer program product of claim 1, wherein the computer program product is operable such that the status information includes security status information that characterizes zero or more weaknesses to which the at least one networked device is subject. 5. The computer program product of claim 1, wherein the computer program product is operable such that the status information includes an indication whether the at least one networked device actually has at least one of the first particular weakness, the second particular weakness, or the third particular weakness. 6. The computer program product of claim 1, wherein the computer program product is operable such that the status information includes an indication whether the software is installed. 7. The computer program product of claim 1, wherein the computer program product is operable such that the status information indicates whether the at least one networked device meets a baseline level of security. 8. The computer program product of claim 1, wherein the computer program product is operable such that the status information is received after the request for network resource is identified. 9. The computer program product of claim 1, wherein the computer program product is operable for: displaying, via at least one user interface, a plurality of user options for causing different actions in connection with the at least one of the networked device, the user options including a first user option for causing automatic installation of a patch on the at least one networked device for removing at least one weakness from the at least one networked device,receiving first user input selecting the first option via the at least one user interface, for causing the automatic installation of the patch on the at least one networked device for removing the at least one weakness from the at least one networked device, andbased on receipt of the first user input selecting the first option via the at least one user interface, causing the automatic installation of the patch on the at least one networked device for removing the at least one weakness from the at least one networked device. 10. The computer program product of claim 9, wherein the computer program product is operable such that the installation of the patch is automatically completed in response to a first single-click via the at least one user interface, and a rollback of the installation of the patch is automatically completed in response to second single-click via the at least one user interface. 11. The computer program product of claim 9, wherein the computer program product is operable such that the installation of the patch causes a change in the status information from the at least one networked device such that, after an identification of another request for the network resource, a different reaction is determined for the another request for the network resource. 12. The computer program product of claim 1, wherein the computer program product is operable such that a least one of: said particular weakness information including at least one of a weakness identifier or information describing at least one aspect of one of the weaknesses;said first technique, the second technique, and the third technique are of different technique types;said first technique, the second technique, and the third technique are remediation techniques;said at least one aspect includes at least one of software installed on the at least one networked device, a configuration setting of the at least one networked device, a policy setting of the at least one networked device, or a patch installed on the at least one networked device;said causing is performed by server code;at least of said particular weaknesses is capable of being exploited by at least one attack;at least of said particular weaknesses includes a performance weakness; orsaid affect on said service includes at least one of stopping, disabling, or removing the service. 13. The computer program product of claim 1, wherein the computer program product is operable for use with at least one NOC server, a data warehouse, and an SDK for allowing access to information associated with at least one vulnerability and at least one remediation technique, and wherein the computer program product is further operable for determining which devices have weaknesses by directly querying a firmware or operating computer program product of the devices. 14. A computer program product embodied on a non-transitory computer readable medium, comprising: code for identifying at least one aspect of at least one networked device;code for accessing at least one data structure describing a plurality of techniques capable of at least mitigating a plurality of particular weaknesses, each of the techniques capable of at least mitigating a corresponding particular weakness, where:a first technique is described which is capable of removing a first particular weakness by completing an installation of software for at least mitigating the first particular weakness,a second technique is described which is capable of removing a second particular weakness by affecting a service for at least mitigating the second particular weakness, anda third technique is described which is capable of removing a third particular weakness by changing a configuration for at least mitigating the third particular weakness; the first technique, the second technique, and the third technique being different from each other;code for determining whether the at least one networked device actually has one or more of the particular weaknesses, based on the at least one data structure and the at least one aspect of the at least one networked device;code for performing one or more actions based on the determination, such that:when it is determined that the at least one networked device actually has the first particular weakness: the first technique is applied on the at least one networked device by automatically completing the installation of the software on the at least one networked device for at least mitigating the first particular weakness on the at least one networked device;when it is determined that the at least one networked device actually has the second particular weakness: the second technique is applied on the at least one networked device by automatically affecting the service in connection with the at least one networked device for at least mitigating the second particular weakness on the at least one networked device;when it is determined that the at least one networked device actually has the third particular weakness: the third technique is applied on the at least one networked device by automatically changing the configuration of the at least one networked device for at least mitigating the third particular weakness on the at least one networked device;code for generating status information indicating whether at least one of the first technique, the second technique, or the third technique has been applied; andcode for communicating the status information such that, in response to an identification of a request for a network resource by the at least one networked device, a reaction to the request for the network resource is capable of being caused, based the status information;wherein the computer program product is operable such that, in addition to being capable of supporting at least one aspect of both the identification of the at least one aspect of the at least one networked device and the performance of the one or more actions, a single client agent is further capable of supporting at least one aspect of the communication of the status information such that, in response to the identification of the request for the network resource by the at least one networked device, the reaction to the request for the network resource is capable of being caused, based the status information, which is identified in connection with the identification of the request for the network resource. 15. A computer program product embodied on at least one non-transitory computer readable medium, comprising: code for deploying a single client agent to at least one of a plurality of devices, the single client agent being capable of both identifying a plurality of aspects of the at least one device that are the bases for a plurality of weaknesses and applying a plurality of remediation techniques that remediate the weaknesses based on at least one data structure identifying the remediation techniques that remediate the weaknesses, where:each of at least a portion of the remediation techniques remediates at least one of the plurality of weaknesses;each of at least a portion of the remediation techniques has a remediation type including at least one of installation of software, a policy setting, or a configuration;said at least one data structure identifies: a first remediation technique that remediates a first particular weakness by automatically installing software for at least mitigating the first particular weakness,a second remediation technique that remediates a second particular weakness by automatically affecting a service for at least mitigating the second particular weakness, anda third remediation technique that remediates a third particular weakness by automatically changing a configuration or policy setting for at least mitigating the third particular weakness; the first remediation technique, the second remediation technique, and the third remediation technique being different from each other; andcode for:identifying at least one of a first aspect, a second aspect, or a third aspect of the at least one device that is a basis for at least one of the first particular weakness, the second particular weakness, or the third particular weakness, utilizing the single client agent,determining whether the at least one device is subject to at least one of the first particular weakness, the second particular weakness, or the third particular weakness, based on the at least one data structure and at least one of the first aspect, the second aspect, or the third aspect of the at least one device,conditionally applying at least one of the first remediation technique, the second remediation technique, or the third remediation technique to the at least one device, utilizing the single client agent, based on the determination whether the at least one device is subject to the at least one of the first particular weakness, the second particular weakness, or the third particular weakness, andreporting to at least one server, utilizing the single client agent, at least one of first status information relating to the application of the first remediation technique, second status information relating to the application of the second remediation technique, or third status information relating to the application of the third remediation technique;wherein the computer program product is operable such that, in addition to being capable of supporting both identifying the aspects of the devices that are the bases for the weaknesses and applying the remediation techniques that remediate the weaknesses, the single client agent is further capable of supporting at least one aspect of the reporting which, in turn, is capable of being used for supporting at least one aspect of: identifying a request for a network resource by the at least one device including a connection request, and, after the identification of the request for the network resource, blocking the connection request based on at least one of the first status information, the second status information, or the third status information, which is received in connection with the request for the network resource. 16. The computer program product of claim 15, wherein the computer program product is configured such that the at least one data structure is capable of residing at the at least one device. 17. The computer program product of claim 15, wherein the computer program product is integrated with a firewall for the blocking of the connection request. 18. The computer program product of claim 15, wherein the computer program product is configured such that the at least one aspect of the identifying and the blocking includes providing at least one of the first status information, the second status information, or the third status information so that the blocking is capable of being based thereon. 19. The computer program product of claim 15, wherein the computer program product is configured such that the at least one of the first status information, the second status information, or the third status information is received from the at least one server after the request for the network resource so that the blocking is capable of being based thereon. 20. The computer program product of claim 15, wherein the computer program product is configured such that the use of the single client agent for each of the supporting results in more integration such that the computer program product is thereby capable of responding to weaknesses faster and more effectively.
Copyright KISTI. All Rights Reserved.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.