US2010100965A1PendingUtilityA1

System and method for providing remediation management

62
Assignee: COMPUTER ASS THINK INCPriority: May 21, 2004Filed: Dec 22, 2009Published: Apr 22, 2010
Est. expiryMay 21, 2024(expired)· nominal 20-yr term from priority
G06Q 10/10
62
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

In one embodiment, software for remediation management is operable to automatically identify an asset in an enterprise network. One or more vulnerabilities of the identified asset is automatically identified based on comparing the identified asset to content associated with the one or more vulnerabilities. At least a portion of the content is collected from a plurality of third party content providers. Other example software for remediation management may be operable to identify one or more vulnerabilities of an asset based on comparing the asset to content associated with the one or more vulnerabilities and automatically generate remediations for the asset based on the content associated with the one or more vulnerabilities.

Claims

exact text as granted — not AI-modified
1 . A system for managing remediations of a plurality of assets in an enterprise network, the system comprising:
 a remediation server configured to:
 receive information associated with at least one asset, from the plurality of assets, to be protected, and 
 generate an asset profile for the at least one asset to be protected, the asset profile comprising the received information associated with the at least one asset to be protected, 
   a content management server configured to:
 receive, from the remediation server, a content request for content associated with vulnerabilities of one or more of the assets from the plurality of assets, 
 receive, from one or more content providers external to the enterprise network, the requested content, and 
 transmit at least a portion of the requested content to the remediation server, 
   wherein the remediation server is further configured to identify one or more vulnerabilities of the at least one asset to be protected by comparing the asset profile of the at least one asset to be protected to the received content.   
   
   
       2 . The system of  claim 1 , wherein the received content includes content operable to remediate the one or more identified vulnerabilities of the at least one asset to be protected. 
   
   
       3 . The system of  claim 2 , wherein the received content includes content operable to update a configuration setting of the at least one asset to be protected. 
   
   
       4 . The system of  claim 2 , wherein the received content includes content operable to update a component of the at least one asset to be protected. 
   
   
       5 . The system of  claim 1 , wherein the remediation server is further configured to:
 receive, from the at least one asset to be protected, updated information associated with configuration settings and one or more components of the at least one asset to be protected;   update the asset profile associated with the at least one asset to be protected based on the received updated information; and   identify one or more additional vulnerabilities of the at least one asset to be protected based on comparing the updated asset profile to the received content, the received content including content operable to update the at least one asset to be protected.   
   
   
       6 . The system of  claim 1 , further comprising at least one agent associated with the at least one asset to be protected, the agent being communicably coupled with the remediation server, wherein the agent is configured to:
 receive, from the remediation server, a request for the information associated with the at least one asset to be protected,   identify the information associated with the at least one asset to be protected, and   transmit the information associated with the at least one asset to be protected to the remediation server.   
   
   
       7 . The system of  claim 6 , wherein the remediation server is further configured to, devise one or more remediations for the one or more identified vulnerabilities, and wherein the at least one agent is further configured to receive the devised remediations from the remediation server. 
   
   
       8 . The system of  claim 1 , wherein the received content includes at least one or more of a script, a release, a link, a patch, or a configuration setting. 
   
   
       9 . The system of  claim 1 , wherein the at least one asset to be protected comprises at least two assets to be protected, and wherein the remediation server is further configured to:
 associate the at least two assets to be protected as a group based on a subset of a plurality of characteristics of the at least two assets, wherein the one or more identified vulnerabilities are associated with the at least two assets of the group; and   transmit at least a portion of the received content to the at least two assets of the group based on the one or more identified vulnerabilities.   
   
   
       10 . An article of manufacture comprising a computer readable storage medium, the computer readable storage medium comprising software for remediation management that configure one or more processors to:
 receive, at a remediation server, information associated with at least one asset, from the plurality of assets, to be protected;   generate, at the remediation server, an asset profile for the at least one asset to be protected, the asset profile comprising the received information associated with the at least one asset to be protected;   transmit, from the remediation server to a content management server, a content request for content associated with vulnerabilities of one or more of the assets from the plurality of assets;   receive, at the content management server, from one or more content providers external to the enterprise network, the requested content;   receive, at the remediation server from the content management server, at least a portion of the requested content; and   identify one or more vulnerabilities of the at least one asset to be protected by comparing the asset profile of the at least one asset to be protected to the received content.   
   
   
       11 . The article of manufacture of  claim 10 , wherein the received content includes content operable to remediate the one or more identified vulnerabilities of the at least one asset to be protected. 
   
   
       12 . The article of manufacture of  claim 11 , wherein the received content includes content operable to update a configuration setting of the at least one asset to be protected. 
   
   
       13 . The article of manufacture of  claim 11 , wherein the received content includes content operable to update a component of the at least one asset to be protected. 
   
   
       14 . The article of manufacture of  claim 10 , wherein the software for remediation management further configures the one or more processors to:
 receive, at the remediation server from the at least one asset to be protected, updated information associated with configuration settings and one or more components of the at least one asset to be protected;   update the asset profile associated with the at least one asset to be protected based on the received updated information; and   identify one or more additional vulnerabilities of the at least one asset to be protected based on comparing the updated asset profile to the received content, the received content including content operable to update the at least one asset to be protected.   
   
   
       15 . The article of manufacture of  claim 10 , wherein the software for remediation management further configures the one or more processors to:
 instantiate at least one agent associated with the at least one asset to be protected, the agent being communicably coupled with the remediation server;   receive, at the at least one agent from the remediation server, a request for the information associated with the at least one asset to be protected;   identify, at the at least one agent, the information associated with the at least one asset to be protected; and   transmit, from the at least one agent, the information associated with the at least one asset to be protected to the remediation server.   
   
   
       16 . The article of manufacture of  claim 15 , wherein the software for remediation management further configures the one or more processors to:
 devise, at the remediation server, one or more remediations for the one or more identified vulnerabilities; and   receive, at the at least one agent, the devised remediations from the remediation server.   
   
   
       17 . The article of manufacture of  claim 10 , wherein the received content includes at least one or more of a script, a release, a link, a patch, or a configuration setting. 
   
   
       18 . The article of manufacture of  claim 10 , wherein the at least one asset to be protected comprises at least two assets to be protected, and wherein the software for remediation management further configures the one or more processors to:
 associate, at the remediation server, the at least two assets to be protected as a group based on a subset of a plurality of characteristics of the at least two assets, wherein the one or more identified vulnerabilities are associated with the at least two assets of the group; and   transmit, by the remediation server, at least a portion of the received content to the at least two assets of the group based on the one or more identified vulnerabilities.   
   
   
       19 . A computer-implemented method for providing remediation management, that when executed by one or more processors cause the one or more processors to perform a plurality of operations comprising:
 receiving, at a remediation server, information associated with at least one asset, from the plurality of assets, to be protected;   generating, at the remediation server, an asset profile for the at least one asset to be protected, the asset profile comprising the received information associated with the at least one asset to be protected;   transmitting, from the remediation server to a content management server, a content request for content associated with vulnerabilities of one or more of the assets from the plurality of assets;   receiving, at the content management server, from one or more content providers external to the enterprise network, the requested content;   receiving, at the remediation server from the content management server, at least a portion of the requested content; and   identifying one or more vulnerabilities of the at least one asset to be protected by comparing the asset profile of the at least one asset to be protected to the received content.   
   
   
       20 . The method of  claim 19 , wherein the received content includes content operable to remediate the one or more identified vulnerabilities of the at least one asset to be protected. 
   
   
       21 . The method of  claim 20 , wherein the received content includes content operable to update a configuration setting of the at least one asset to be protected. 
   
   
       22 . The method of  claim 20 , wherein the received content includes content operable to update a component of the at least one asset to be protected. 
   
   
       23 . The method of  claim 19 , the plurality of operations further comprising:
 receiving, at the remediation server from the at least one asset to be protected, updated information associated with configuration settings and one or more components of the at least one asset to be protected;   updating the asset profile associated with the at least one asset to be protected based on the received updated information; and   identifying one or more additional vulnerabilities of the at least one asset to be protected based on comparing the updated asset profile to the received content, the received content including content operable to update the at least one asset to be protected.   
   
   
       24 . The method of  claim 19 , the plurality of operations further comprising:
 instantiating at least one agent associated with the at least one asset to be protected, the agent being communicably coupled with the remediation server;   receiving, at the at least one agent from the remediation server, a request for the information associated with the at least one asset to be protected;   identifying, at the at least one agent, the information associated with the at least one asset to be protected; and   transmitting, from the at least one agent, the information associated with the at least one asset to be protected to the remediation server.   
   
   
       25 . The method of  claim 24 , the plurality of operations further comprising:
 devising, at the remediation server, one or more remediations for the one or more identified vulnerabilities; and   receiving, at the at least one agent, the devised remediations from the remediation server.   
   
   
       26 . The method of  claim 19 , the plurality of operations further comprising:
 generating, at the remediation server, a remediation task list for the at least one asset to be protected; and   generating, at the remediation server, one or more remediations for the identified one or more vulnerabilities of the at least one asset to be protected, and include the generated one or more remediations in the remediation task list, wherein each of the one or more remediations comprises at least an asset identifier identifying the at least one asset to be protected, and particular content of the received content that is associated with an identified vulnerability of the at least one asset to be protected and operable to remediate the identified vulnerability.   
   
   
       27 . The method of  claim 19 , wherein the received content includes at least one or more of a script, a release, a link, a patch, or a configuration setting. 
   
   
       28 . The method of  claim 19 , wherein the at least one asset to be protected comprises at least two assets to be protected, and wherein plurality of operations further comprise:
 associating, at the remediation server, the at least two assets to be protected as a group based on a subset of a plurality of characteristics of the at least two assets, wherein the one or more identified vulnerabilities are associated with the at least two assets of the group; and   transmitting, by the remediation server, at least a portion of the received content to the at least two assets of the group based on the one or more identified vulnerabilities.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.