System and method for providing remediation management
Abstract
In one embodiment, software for remediation management is operable to automatically identify an asset in an enterprise network. One or more vulnerabilities of the identified asset is automatically identified based on comparing the identified asset to content associated with the one or more vulnerabilities. At least a portion of the content is collected from a plurality of third party content providers. Other example software for remediation management may be operable to identify one or more vulnerabilities of an asset based on comparing the asset to content associated with the one or more vulnerabilities and automatically generate remediations for the asset based on the content associated with the one or more vulnerabilities.
Claims
exact text as granted — not AI-modified1 . A system for managing remediations of a plurality of assets in an enterprise network, the system comprising:
a remediation server configured to:
receive information associated with at least one asset, from the plurality of assets, to be protected, and
generate an asset profile for the at least one asset to be protected, the asset profile comprising the received information associated with the at least one asset to be protected,
a content management server configured to:
receive, from the remediation server, a content request for content associated with vulnerabilities of one or more of the assets from the plurality of assets,
receive, from one or more content providers external to the enterprise network, the requested content, and
transmit at least a portion of the requested content to the remediation server,
wherein the remediation server is further configured to identify one or more vulnerabilities of the at least one asset to be protected by comparing the asset profile of the at least one asset to be protected to the received content.
2 . The system of claim 1 , wherein the received content includes content operable to remediate the one or more identified vulnerabilities of the at least one asset to be protected.
3 . The system of claim 2 , wherein the received content includes content operable to update a configuration setting of the at least one asset to be protected.
4 . The system of claim 2 , wherein the received content includes content operable to update a component of the at least one asset to be protected.
5 . The system of claim 1 , wherein the remediation server is further configured to:
receive, from the at least one asset to be protected, updated information associated with configuration settings and one or more components of the at least one asset to be protected; update the asset profile associated with the at least one asset to be protected based on the received updated information; and identify one or more additional vulnerabilities of the at least one asset to be protected based on comparing the updated asset profile to the received content, the received content including content operable to update the at least one asset to be protected.
6 . The system of claim 1 , further comprising at least one agent associated with the at least one asset to be protected, the agent being communicably coupled with the remediation server, wherein the agent is configured to:
receive, from the remediation server, a request for the information associated with the at least one asset to be protected, identify the information associated with the at least one asset to be protected, and transmit the information associated with the at least one asset to be protected to the remediation server.
7 . The system of claim 6 , wherein the remediation server is further configured to, devise one or more remediations for the one or more identified vulnerabilities, and wherein the at least one agent is further configured to receive the devised remediations from the remediation server.
8 . The system of claim 1 , wherein the received content includes at least one or more of a script, a release, a link, a patch, or a configuration setting.
9 . The system of claim 1 , wherein the at least one asset to be protected comprises at least two assets to be protected, and wherein the remediation server is further configured to:
associate the at least two assets to be protected as a group based on a subset of a plurality of characteristics of the at least two assets, wherein the one or more identified vulnerabilities are associated with the at least two assets of the group; and transmit at least a portion of the received content to the at least two assets of the group based on the one or more identified vulnerabilities.
10 . An article of manufacture comprising a computer readable storage medium, the computer readable storage medium comprising software for remediation management that configure one or more processors to:
receive, at a remediation server, information associated with at least one asset, from the plurality of assets, to be protected; generate, at the remediation server, an asset profile for the at least one asset to be protected, the asset profile comprising the received information associated with the at least one asset to be protected; transmit, from the remediation server to a content management server, a content request for content associated with vulnerabilities of one or more of the assets from the plurality of assets; receive, at the content management server, from one or more content providers external to the enterprise network, the requested content; receive, at the remediation server from the content management server, at least a portion of the requested content; and identify one or more vulnerabilities of the at least one asset to be protected by comparing the asset profile of the at least one asset to be protected to the received content.
11 . The article of manufacture of claim 10 , wherein the received content includes content operable to remediate the one or more identified vulnerabilities of the at least one asset to be protected.
12 . The article of manufacture of claim 11 , wherein the received content includes content operable to update a configuration setting of the at least one asset to be protected.
13 . The article of manufacture of claim 11 , wherein the received content includes content operable to update a component of the at least one asset to be protected.
14 . The article of manufacture of claim 10 , wherein the software for remediation management further configures the one or more processors to:
receive, at the remediation server from the at least one asset to be protected, updated information associated with configuration settings and one or more components of the at least one asset to be protected; update the asset profile associated with the at least one asset to be protected based on the received updated information; and identify one or more additional vulnerabilities of the at least one asset to be protected based on comparing the updated asset profile to the received content, the received content including content operable to update the at least one asset to be protected.
15 . The article of manufacture of claim 10 , wherein the software for remediation management further configures the one or more processors to:
instantiate at least one agent associated with the at least one asset to be protected, the agent being communicably coupled with the remediation server; receive, at the at least one agent from the remediation server, a request for the information associated with the at least one asset to be protected; identify, at the at least one agent, the information associated with the at least one asset to be protected; and transmit, from the at least one agent, the information associated with the at least one asset to be protected to the remediation server.
16 . The article of manufacture of claim 15 , wherein the software for remediation management further configures the one or more processors to:
devise, at the remediation server, one or more remediations for the one or more identified vulnerabilities; and receive, at the at least one agent, the devised remediations from the remediation server.
17 . The article of manufacture of claim 10 , wherein the received content includes at least one or more of a script, a release, a link, a patch, or a configuration setting.
18 . The article of manufacture of claim 10 , wherein the at least one asset to be protected comprises at least two assets to be protected, and wherein the software for remediation management further configures the one or more processors to:
associate, at the remediation server, the at least two assets to be protected as a group based on a subset of a plurality of characteristics of the at least two assets, wherein the one or more identified vulnerabilities are associated with the at least two assets of the group; and transmit, by the remediation server, at least a portion of the received content to the at least two assets of the group based on the one or more identified vulnerabilities.
19 . A computer-implemented method for providing remediation management, that when executed by one or more processors cause the one or more processors to perform a plurality of operations comprising:
receiving, at a remediation server, information associated with at least one asset, from the plurality of assets, to be protected; generating, at the remediation server, an asset profile for the at least one asset to be protected, the asset profile comprising the received information associated with the at least one asset to be protected; transmitting, from the remediation server to a content management server, a content request for content associated with vulnerabilities of one or more of the assets from the plurality of assets; receiving, at the content management server, from one or more content providers external to the enterprise network, the requested content; receiving, at the remediation server from the content management server, at least a portion of the requested content; and identifying one or more vulnerabilities of the at least one asset to be protected by comparing the asset profile of the at least one asset to be protected to the received content.
20 . The method of claim 19 , wherein the received content includes content operable to remediate the one or more identified vulnerabilities of the at least one asset to be protected.
21 . The method of claim 20 , wherein the received content includes content operable to update a configuration setting of the at least one asset to be protected.
22 . The method of claim 20 , wherein the received content includes content operable to update a component of the at least one asset to be protected.
23 . The method of claim 19 , the plurality of operations further comprising:
receiving, at the remediation server from the at least one asset to be protected, updated information associated with configuration settings and one or more components of the at least one asset to be protected; updating the asset profile associated with the at least one asset to be protected based on the received updated information; and identifying one or more additional vulnerabilities of the at least one asset to be protected based on comparing the updated asset profile to the received content, the received content including content operable to update the at least one asset to be protected.
24 . The method of claim 19 , the plurality of operations further comprising:
instantiating at least one agent associated with the at least one asset to be protected, the agent being communicably coupled with the remediation server; receiving, at the at least one agent from the remediation server, a request for the information associated with the at least one asset to be protected; identifying, at the at least one agent, the information associated with the at least one asset to be protected; and transmitting, from the at least one agent, the information associated with the at least one asset to be protected to the remediation server.
25 . The method of claim 24 , the plurality of operations further comprising:
devising, at the remediation server, one or more remediations for the one or more identified vulnerabilities; and receiving, at the at least one agent, the devised remediations from the remediation server.
26 . The method of claim 19 , the plurality of operations further comprising:
generating, at the remediation server, a remediation task list for the at least one asset to be protected; and generating, at the remediation server, one or more remediations for the identified one or more vulnerabilities of the at least one asset to be protected, and include the generated one or more remediations in the remediation task list, wherein each of the one or more remediations comprises at least an asset identifier identifying the at least one asset to be protected, and particular content of the received content that is associated with an identified vulnerability of the at least one asset to be protected and operable to remediate the identified vulnerability.
27 . The method of claim 19 , wherein the received content includes at least one or more of a script, a release, a link, a patch, or a configuration setting.
28 . The method of claim 19 , wherein the at least one asset to be protected comprises at least two assets to be protected, and wherein plurality of operations further comprise:
associating, at the remediation server, the at least two assets to be protected as a group based on a subset of a plurality of characteristics of the at least two assets, wherein the one or more identified vulnerabilities are associated with the at least two assets of the group; and transmitting, by the remediation server, at least a portion of the received content to the at least two assets of the group based on the one or more identified vulnerabilities.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.