REGISTER now for FREE 
|
FREE patent keyword monitoring and additional FREE benefits. REGISTER now for FREE
|
|
|
Information Security > Monitoring Or Scanning Of Software Or Data Including Attack Prevention > Vulnerability Assessment Vulnerability AssessmentVulnerability Assessment patent applications listed are from June 2005 to current and include Date, Patent Application Number, Patent Title, Patent Abstract summary and are linked to the corresponding patent application page.11/22/07 - 20070271617 - Vulnerability check program, vulnerability check apparatus, and vulnerability check method Disclosed is a vulnerability check program allowing a computer to execute a vulnerability check method for detecting vulnerability of a program to be checked. The program allows the computer to execute: a determination rule management step that manages a determination rule concerning vulnerability; a program input step that reads in ... 11/15/07 - 20070266437 - Method and system for architecting a secure solution A system and method of designing a secure solution which meets the needs of a customer but which is appropriate and repeatable and may use components which are insecure or not trusted. In its preferred embodiment, the security system includes subsystems selected from access control, information flow, identity and credentials ... 11/01/07 - 20070256132 - Vulnerability and remediation database A security information management system is described, wherein client-side devices preferably collect and monitor information describing the operating system, software, and patches installed on the device(s), as well as configuration thereof. A database of this information is maintained, along with data describing vulnerabilities of available software and associated remediation techniques ... 10/25/07 - 20070250932 - Integrated enterprise-level compliance and risk management system In one embodiment, the present invention includes a plurality of distributed software interfaces to interface with a plurality of assets on a network. The present invention can also include an asset module to discover the plurality of assets using the plurality of distributed software interfaces and to allow a user ... 10/18/07 - 20070245421 - Protecting a data processing system from attack by a vandal who uses a vulnerability server Method and apparatus for protecting a data processing system such as an Internet server from attack by a vandal who uses an offensive vulnerability scanner to find an externally visible vulnerability of the data processing system. The method includes determining an externally visible vulnerability using a defensive vulnerability scanner, configuring ... 10/11/07 - 20070240225 - Architecture for automatic https boundary identification A method, system, and computer program product that enables a web designer/architect to be dynamically notified of the presence of unsecured content within a secure web site based on testing or users browsing activities. A boundary error detection and reporting (BEDR) utility is added to the web browser, web application ... 10/11/07 - 20070240224 - Sovereign information sharing service Embodiments herein provide a method, system, etc. for a sovereign information sharing service. More specifically, a method for secure distributed query processing comprises storing data tables from at least one data provider in at least one first computer comprising a sovereign server. Next, encrypted input and output of the data ... 10/11/07 - 20070240223 - Systems, methods, and apparatus to manage offshore software development Systems, methods and apparatus are disclosed to manage offshore software development. An example method disclosed herein includes electronically accessing offshore tool hardware and executing a compliance test on the offshore tool hardware, the compliance test returning a result. The example method further includes comparing the result of the compliance test ... 10/04/07 - 20070234428 - Method for secure single-packet remote authorization A method for secure single-packet remote authorization using a single packet authorization (SPA) server on a host system that passively monitors the network for connection attempts and anonymously accept or rejects said attempts depending on whether a valid SPA packet is detected, an SPA client on a client system that ... 09/13/07 - 20070214506 - Method and system of providing an integrated reputation service Reputation information, associated with a source that utilizes different communication formats, is accessed. First reputation information for one of the communication formats used by the source is correlated with second reputation information for another of the communication formats used by the source. A reputation measure is determined. The reputation measure ... 08/30/07 - 20070204347 - Automated computer system security compromise A system is provided for performing penetration testing of a target computer network by installing a remote agent in the target computer network. The system includes a local agent provided in a computer console and configured to receive and execute commands. A user interface is provided in the console and ... 08/30/07 - 20070204346 - Server security schema A server security schema that can incorporate server security-related expertise into an information model is provided. The novel server security schema component can be applied to an application server, a web server and/or a database server to converge knowledge into securing the server by identifying categories, vulnerabilities, threats, attacks and ... 08/16/07 - 20070192867 - Security appliances A security micro-appliance provides dynamic, reconfigurable threat protection. The micro-appliance may be deployed as a standalone system, or as a component in a distributed security system management from a central administrative location. In another aspect, a security appliance or micro-appliance employs RSS feeds and XML-based tests, alerts, and the like ... 08/09/07 - 20070186285 - Webcrawl internet security analysis and process An automated Web security analysis system and process identifies security vulnerabilities in a target Internet Web site by parsing through the target Web sit to search for a predetermined list of common security vulnerabilities. The process is recursive, exploiting information gathered throughout the process to search for additional security vulnerabilities. ... 08/09/07 - 20070186284 - Geographical threat response prioritization mapping system and methods of use Systems and methods for mapping threats (or vulnerabilities to attacks) based on a correlation of location data, such as wireless location data or a physical location, with an network address associated with a threat are provided. In one aspect, methods and systems include receiving threat data, retrieving location data, correlating ... 08/09/07 - 20070186283 - Apparatus and method for providing program protection engineering, security management, and report preparation for sensitive and classified projects An apparatus and method using a program protection engineering (P2E) toolkit to provide program protection engineering, security management, and report preparation for sensitive and classified projects. The P2E toolkit is an implementation of security policies, procedures, and methodologies associated with acquisition programs. Acquisition programs may range from large-scale classified systems ... 08/02/07 - 20070180532 - Broadcast receiver, data structure and method for providing diagnostic information A host includes a controller configured to receive a request external to the host, wherein the request is for diagnostic information associated with memory allocated for an application. The controller is further configured to collect the requested diagnostic information. ... 08/02/07 - 20070180531 - Analyzing interpretable code for harm potential Computerized facilitation of an assessment of risk associated with running interpretable code. The interpretable code under evaluation is parsed to identify a command unit within the interpretable code. One or more risk factors associated with the identified command unit is then identified using the parsed code. A report is then ... 07/26/07 - 20070174917 - Platform for analyzing the security of communication protocols and channels A security analyzer tests the security of a device by attacking the device and observing the device's response. Attacking the device includes sending one or more messages to the device. A message can be generated by the security analyzer or generated independently of the security analyzer. The security analyzer uses ... 07/19/07 - 20070169199 - Web service vulnerability metadata exchange system A web service vulnerability metadata exchange system that provides for verification of web services during development by testing for the latest vulnerabilities based on security, policy, and best practice profiles prior to release of the web services, and wherein the web service vulnerability metadata exchange system will automate the surveillance ... 07/12/07 - 20070162976 - Method of managing and mitigating security risks through planning An exemplary method is provided for managing and mitigating security risks through planning. A first security-related information of a requested product is received. A second security-related information of resources that are available for producing the requested product is received. A multi-stage process with security risks managed by the first security-related ... 06/21/07 - 20070143852 - Network security system having a device profiler communicatively coupled to a traffic monitor A system and method for providing distributed security of a network. Several device profilers are placed at different locations of a network to assess vulnerabilities from different perspectives. The device profiler identifies the hosts on the network, and characteristics such as operating system and applications running on the hosts. The ... 06/21/07 - 20070143851 - Method and systems for controlling access to computing resources based on known security vulnerabilities Methods and systems are provided for fine tuning access control by remote, endpoint systems to host systems. Multiple conditions/states of one or both of the endpoint and host systems are monitored, collected and fed to an analysis engine. Using one or more of many different flexible, adaptable models and algorithms, ... 06/21/07 - 20070143850 - Methods and apparatus providing computer and network security utilizing probabilistic policy reposturing A system defines at least one key event to be monitored by at least one agent, and creates a graphical model for the at least one key event. The system observes the at least one key event. The system infers a degree of attack on the computer system based on ... 06/21/07 - 20070143849 - Method and a software system for end-to-end security assessment for security and cip professionals A method and software system for Security and CIP Professionals (CIP) that addresses the shortcomings in today's Critical Infrastructure Protection (CIP) methods, and offers a new security assessment methodology equipped to meet the present challenges of CIP, as well as future challenges. The method is based on an End-to-End Security ... 06/14/07 - 20070136814 - Critical function monitoring and compliance auditing system A system and method for monitoring, auditing and flagging compliance issues or other user defined exceptions with user defined systems for internal monitoring of adherence to critical functions and operations or systems such as ISO-9000 and other government mandated requirements such as HIPPA and other mandated security provisions as defined ... 06/14/07 - 20070136813 - Method for eliminating invalid intrusion alerts The method for eliminating invalid intrusion alerts operates according to a set of filter rules that are generated from given firewall rules. As a filter that implements this method receives an intrusion alert, it directly matches the features of the alert against its own rules, and then decides the validity ... 05/31/07 - 20070124817 - Message security framework A computer-implemented method of providing security for an application running on a messaging based operating system is provided. The method includes obtaining a first message from a message queue for the application. Then, it is determined whether the first message is of a type registered by the application as being ... 05/10/07 - 20070107061 - System and method for secure network connectivity A system and method to ensure that a remote computer making a VPN connection complies with network security policies. Server driven security checks may be configured to verify compliance with each access level before access is granted at that level. The security checks may be selected based at least according ... 05/10/07 - 20070107060 - System and method for secure network connectivity A system and method to ensure that a remote computer making a VPN connection complies with network security policies. Server-driven security checks may be configured to verify compliance with each access level before access is granted at that level. The security checks may be selected based at least according to ... 05/03/07 - 20070101433 - Widget security A widget security system, method and computer-readable medium detects a security event associated with a widget, assesses the risk associated with the security event, and initiates a security action based on the assessed risk. ... 05/03/07 - 20070101432 - Risk driven compliance management Environmental risk levels are leveraged to provide dynamic, user-tailorable, actions to detect network compliance and/or to remediate via manual and/or automatic means to bring the network into compliance given the risk level. The risk levels can be based on a combination of business, security, and operation factors and the like. ... 04/26/07 - 20070094735 - Method to consolidate and prioritize web application vulnerabilities This invention relates to a method for consolidating and prioritizing web application vulnerabilities. Specifically, this invention relates to a method for consolidating the root causes for vulnerabilities in web applications, and then prioritizing the vulnerabilities to identify which should be remediated first. ... 04/12/07 - 20070083933 - Detection of security vulnerabilities in computer programs Methods and systems for analyzing a computer program use static and interprocedural analysis techniques and engines. A data processing operation, such as a function, is automatically identified within the computer program. It is determined whether the function represents a potential source for entry of untrusted data into the computer program. ... 04/12/07 - 20070083932 - System and method for utilizing a gaming environment for evaluating security policies A system and method for utilizing a gaming environment for evaluating security policies is presented. An administrator uses a mapping system to map policy tags corresponding to a policy manager with game tags corresponding to a game manager. In addition, the mapping system configures a participant's game based upon gaming ... 03/22/07 - 20070067848 - Security vulnerability information aggregation Security vulnerability information aggregation techniques are disclosed. Vulnerability information associated with one or more security vulnerabilities is obtained from multiple sources and aggregated into respective unified vulnerability definitions for the one or more security vulnerabilities. Aggregation may involve format conversion, content aggregation, or both in some embodiments. Unified vulnerability definitions ... 03/22/07 - 20070067847 - Information system service-level security risk analysis Information system service-level security risk analysis systems, methods, and Graphical User Interfaces are disclosed. Assets of an information system that have relationships with a service provided by the information system are identified, and at least one security risk to the service is determined by analyzing security vulnerabilities associated with the ... 03/22/07 - 20070067846 - Systems and methods of associating security vulnerabilities and assets Systems and methods of associating security vulnerabilities and assets, and related Graphical User Interfaces (GUIs) and data structures, are disclosed. A definition of a security vulnerability, which includes multiple asset characteristics such as an asset platform that may be exploited via the security vulnerability and an asset platform that is ... 03/22/07 - 20070067845 - Application of cut-sets to network interdependency security risk assessment The invention is directed to providing threat and risk analysis for a network that has a high degree of inter-relationships and interdependencies among the assets comprising it, using a “cut set” enumeration method. The identified cut sets are used as the basis to the threat and risk analysis, since each ... 03/15/07 - 20070061885 - System and method for managing security testing The subject matter relates generally to a system and method for managing security testing. Particularly, this invention relates to maintaining a security database by correlating multiple sources of vulnerability data and also to managing security testing from plural vendors. This invention also relates to providing secure session tracking by performing ... 02/22/07 - 20070044156 - Method and apparatus for verifying firewall and router configuration for peer-to-peer applications A method and apparatus are disclosed that test the configuration of routers and firewalls interposed between a computer on which an application runs and a network, and determine if the configuration is suitable for the application to operate correctly. When the configuration is not correct, appropriate advice is given. ... 02/22/07 - 20070044155 - Port scanning method and device, port scanning detection method and device, port scanning system, computer program and computer program product For port scanning an authentication bit sequence is created as an output of an authentication transformation, the authentication transformation having as input at least a given destination address and a given secret key. The authentication bit sequence is embedded in at least one authentication port scan event packet comprising the ... 01/18/07 - 20070016955 - Practical threat analysis The following subject matter provides a computer-implemented method and system for calculation of cost-effectiveness of countermeasures in mitigating the threats on a system through calculating risk of threats. The calculation is run on a model of assets, threats, vulnerabilities and countermeasures and enables the production of easy to understand reports ... 01/18/07 - 20070016954 - Browser security notification Tools are described that notify a user of a security risk in a network browser. The tools can determine that a security setting of a network browser poses a security risk and notify the user of this risk. In some situations the tools also enable a user to reduce the ... 01/11/07 - 20070011746 - Per-user and system granular audit policy implementation System performance may be optimized, and extraneous audit noise reduced, by providing the capability of exercising a fine degree of control over individual audit events. A user such as an auditor interested in an individual audit event can obtain desired results without also obtaining results of all other individual audit ... 01/04/07 - 20070006315 - Network asset security risk surface assessment apparatus and method In accordance with at least one embodiment of the present invention, a method of computing a risk surface vector, comprises the operations of gathering raw assessments, forming single assessments, creating asset values, scaling by asset values, calculating higher-level assessment formulas per asset, creating asset-value weighted averages for aggregate groups, and ... 01/04/07 - 20070006314 - Self-certifying alert A containment system may include generating and/or sending an alert as the basis for safely sharing knowledge about detected worms. An alert may contain information that proves that a given program has a vulnerability. The alert may be self-certifying such that its authenticity may be independently verified by a computing ... 12/21/06 - 20060288420 - 0-touch and 1-touch techniques for improving the availability of computer programs under protection without compromising security Protected software, such as an application and/or DLL, is monitored by protective software to guard against attacks, while distinguishing spurious, benign events from attacks. In a 1-touch approach, the protected software is monitored in a testing environment to detect spurious, benign events caused by, e.g., incompatibility or interoperability problems. The ... 12/14/06 - 20060282897 - Secure web application development and execution environment Providing secure web application development and operation. In a web development environment, code developed for the web application is analyzed to identify vulnerabilities and remedial actions are identified. The remedial actions may be automatically invoked or a developer can be prompted to take particular actions to remediate the vulnerability. ... 12/14/06 - 20060282896 - Critical period protection Systems and methods for protecting a computer during a period of increased vulnerability. In one implementation, a method for protecting a computer is provided. The method includes monitoring a computing device having an first security state for one or more events indicating a time period of increased vulnerability. The method ... 12/07/06 - 20060277606 - Technique for determining web services vulnerabilities and compliance A technique for testing applications for vulnerabilities that may be as a result of loosely defined criteria and restrictions associated with interfacing to the applications. Interfaces associated with an application to be tested are identified. The interfaces may include the names of services provided by the application as well as ... 11/23/06 - 20060265751 - Communication network security risk exposure management systems and methods Communication network security risk exposure management systems and methods are disclosed. Risks to a communication network are determined by analyzing assets of the communication network and vulnerabilities affecting the assets. Assets may include physical assets such as equipment or logical assets such as software or data. Risk analysis may be ... 11/16/06 - 20060259974 - System and method of opportunistically protecting a computer from malware The present invention provides a system, method, and computer-readable medium that opportunistically install a software update on a computer that closes a vulnerability that existed on the computer. In accordance with one aspect of the present invention, when antivirus software on a computer identifies malware, a method causes a software ... 11/16/06 - 20060259973 - Secure web application development environment Various embodiments of systems, methods, software tools, etc. for providing secure web application development are provided. One embodiment comprises a method for developing a secure web application. One such method comprises: analyzing code associated with a web application to identify at least one vulnerable input; and validating the at least ... 11/16/06 - 20060259972 - Vulnerability and remediation database A security information management system is described, wherein client-side devices preferably collect and monitor information describing the operating system, software, and patches installed on the device(s), as well as configuration thereof. A database of this information is maintained, along with data describing vulnerabilities of available software and associated remediation ... 11/02/06 - 20060248591 - Information security auditing and incident investigation system An information security auditing and incident investigation method can include applying a correlation template to query different audit targets in an enterprise system to provide a complete result set for the query across different audit targets, receiving audit data provided in response to the query and rendering the audit data ... 10/26/06 - 20060242711 - Tool, method, and program for supporting system security design/evaluation A design/evaluation support tool 100 is constructed from a table link use unit 110 identifying linkages between a threat-to-component correspondence table 125, a risk-value table 126, a component contribution rate table 127, and a risk-to-assurance level correspondence table 128, based on their respective duplicate items; and a component assurance level ... 10/19/06 - 20060236402 - Methods, systems, and computer program products for detecting and mitigating denial of service attacks in a telecommunications signaling network Methods, systems, and computer program products for detecting and mitigating a denial of service attack in a telecommunications signaling network are provided. According to one method, traffic rate information is monitored on at least two of a plurality of signaling links. If the traffic rate on one of the signaling ... 10/19/06 - 20060236401 - System, method and program product to identify a distributed denial of service attack System, method and computer program product for detecting a denial of service attack on a plurality of computers. Records are made of source IP addresses of requests sent to each of the computers. The records of requests sent to the plurality of computers are totalled per source IP address and/or ... 10/19/06 - 20060236400 - Secure and auditable on-line system The present invention provides a method a system and a device for obtaining security and auditability in an on-line system. The system is a closed system and only auditors and/or authorities have access to the system. By means of a random number generator and a processing means a random number—sequence ... 10/12/06 - 20060230456 - Methods and apparatus to maintain telecommunication system integrity A heuristic agent in a tamper resistant partition monitors network traffic flow for undesirable worm scanning activity. If the undesired scanning activity is detected, the output of an associated network controller may be throttled or ultimately disabled from the network. ... 09/28/06 - 20060218640 - System, method and computer readable medium for evaluating a security characteristic A method, system and computer program product for evaluating an IDP entity, the method includes evaluating an effect of at least one IDP rule applied by the IDP entity on legitimate traffic, based upon a network model; evaluating an effect of at least one IDP rule applied by the IDP ... 09/28/06 - 20060218639 - Security control verification and monitoring subsystem for use in a computer information database system A security control verification and monitoring subsystem of a managed computer system performs security control verification operations regularly and for each security control verification operation determines the applicable security benchmark level for use by a given computer. The subsystem assigns security risk categories to groups of computers based, for example, ... 09/14/06 - 20060206941 - Communications system with distributed risk management A risk control system that is used to control communications systems, such as mobile radio telephone, fixed digital communications, internet peer-to-peer communications and other systems, features and services. The system is aimed at improved risk management, for example for detection of fraud, protection of revenue, control of credit, minimisation of ... 08/31/06 - 20060195905 - Systems and methods for performing risk analysis A method for analyzing a network element may include assigning values to each of a plurality of vulnerabilities. The method may also include identifying a vulnerability associated with the network element and generating a risk indicator for the network element based on the assigned value associated with the identified vulnerability. ... 08/24/06 - 20060191012 - Security risk analysis system and method A system and method for assessing risks to computer network is provided. The system includes a first module assesses a human factor related to a risk to the computer network. A second module assesses a remediation to the computer network, and a third module is operable to assess a life ... 08/17/06 - 20060185018 - Systems and methods for shielding an identified vulnerability Systems and methods are described for shielding a vulnerability in an application through disablement of one or more features. In an implementation, a method includes identifying a vulnerability in at least one of a plurality of features for an application module. A communication is formed for receipt by a plurality ... 07/20/06 - 20060161988 - Privacy friendly malware quarantines The present invention provides a system, method, and computer-readable medium for quarantining a file. Embodiments of the present invention are included in antivirus software that maintains a user interface. From the user interface, a user may issue a command to quarantine a file or the quarantine process may be initiated ... 07/13/06 - 20060156408 - Method of assuring enterprise security standards compliance A method, apparatus, and computer instructions for providing a current and complete security compliance view of an enterprise system. The present invention provides the ability to gain a real-time security posture and security compliance view of an enterprise and to assess the risk impact of known threats and attacks to ... 07/13/06 - 20060156407 - Computer model of security risks The security risk associated with a computer system may be quantified by identifying a computer system, identifying a risk associated with the computer system, the risk relating to an event that may interrupt a normal operating mode of the computer system, determining a likelihood that the event associated with the ... 06/22/06 - 20060137014 - Webcrawl internet security analysis and process An automated Web security analysis system and process identifies security vulnerabilities in a target Internet Web site by parsing through the target Web sit to search for a predetermined list of common security vulnerabilities. The process is recursive, exploiting information gathered throughout the process to search for additional security vulnerabilities. ... 06/15/06 - 20060130147 - Method and system for detecting and stopping illegitimate communication attempts on the internet The method and system of identifying and stopping illegitimate communication attempts on the internet includes collecting statistics of a sending IP address from a plurality of subscribers and storing said statistics in a central database. A risk assessment factor is calculated from the statistics to determine the risk that the ... 06/15/06 - 20060130146 - Network packet generation apparatus and method having attack test packet generation function for information security system test A network packet generation apparatus and method with an attack test packet generation function for testing a performance of an information security system is provided. The network packet generation method includes the steps of: setting attack test packets according to setting data inputted by a user and a pre-stored attack ... 06/08/06 - 20060123482 - Methods of providing security for data distributions in a data network and related devices, networks, and computer program products Methods of operating a data network including a first network device and a second network device may be provided. In particular, data for distribution from the first network device to the second network device, a first risk factor associated with the data, and a second risk factor associated with the ... 06/01/06 - 20060117388 - System and method for modeling information security risk A system and method for modeling information security risk to an enterprise are disclosed. The method includes providing multiple input media, each of which forms a vector of risk severity in a dimension characterizing the information security risk. Each vector is of a dimension distinct from that of each other ... 05/11/06 - 20060101520 - Method to manage network security over a distributed network The present invention provides a system with a first controller device that exercises control over one or more secondary controller devices and one or more remote testing devices. The remote testing devices accomplish all scanning of the distributed networks but remain under the control and management of the controller device. ... 05/11/06 - 20060101519 - Method to provide customized vulnerability information to a plurality of organizations The present invention provides a means of providing computer security vulnerability information to a plurality of organizations such that the vulnerability information provided to each organization is customized to its network environment. Each organization has an Enterprise Server. An asset management module in each organization's Enterprise Servers sends device configuration ... 05/11/06 - 20060101518 - Method to generate a quantitative measurement of computer security vulnerabilities The present invention provides a system and method to provide a measurement of the risk that a computer network may have to computer security threats. The system includes a collocation facility that is coupled to a plurality of computer security management systems. Some or all of the vulnerability information is ... 05/11/06 - 20060101517 - Inventory management-based computer vulnerability resolution system A remediation server, downloadable software and an associated method for protecting a computer network from vulnerabilities. Software in the form of at least one network protection module is downloaded to the remediation server for the computer network and executed to protect the computer network from vulnerabilities. Upon execution thereof, the ... 05/04/06 - 20060095970 - Defending against worm or virus attacks on networks A combination of more frequent and less frequent security monitoring may be used to defeat worm or virus attacks. At periodic intervals, a risk assessment scan may be implemented to determine whether or not a worm attack has occurred. Prior thereto, an intermediate detection by an anomaly detection agent may ... 04/27/06 - 20060090206 - Method, system and apparatus for assessing vulnerability in web services Disclosed is a computer implemented method for testing a Web service to determine whether the Web service is vulnerable to at least one known vulnerability. A test case is created and executed for the Web service to determine whether the Web service is vulnerable to the vulnerability. The test case ... 04/27/06 - 20060090205 - System and method to emulate mobile logic in a communication system A system includes hosts that may be infected with mobile logic. One type of mobile logic is a worm, which can be a process that is capable of causing a (possibly evolved) copy of itself to execute on one or more hosts of the system. An infected host ... 04/20/06 - 20060085858 - Minimum-cost network hardening Disclosed is a network hardening mechanism. The mechanism: generates a dependency graph from a multitude of exploits; constructs a goal conditions expression which may then be used to determine set(s) of safe network configurations. A subset of these safe network configuration sets may then be selected for implementation using hardening ... 04/13/06 - 20060080738 - Automatic criticality assessment A method, of ranking a computerized-device within a taxonomy of components included as parts of a computer network, may include: providing a survey of services loaded on the computerized-device, the survey including identifications (IDs) of a plurality of service classes that can be loaded on the computerized-device, indications of whether ... 04/06/06 - 20060075504 - Threat protection network Threat protection networks are described. Embodiments of threat protection network in accordance with the invention use expert systems to determine the nature of potential threats to a remote computer. In several embodiments, a secure peer-to-peer network is used to rapidly distribute information concerning the nature of the potential threat through ... 04/06/06 - 20060075503 - Method and system for applying security vulnerability management process to an organization The present invention comprises a graphical user interface for managing vulnerability life cycle of a computer network of an organizational entity. The graphical user interface includes a multilevel tree structure including a plurality of nodes. Each node of the plurality of nodes is uniquely associated with a designated unit within ... 03/02/06 - 20060048229 - Protecting a service provider from abuse Techniques for protecting a service provider from abuse include methods for protecting an object that is intended to be rendered to an authentic human client of the service provider from capture as well as methods for protecting against using low-paid laborers to abuse a service provider. ... 02/09/06 - 20060031938 - Integrated emergency response system in information infrastructure and operating method therefor The present invention relates to an emergency response system for use in a whole-national or whole-enterprise information infrastructure including computer systems, networks, application programs, the internet and an operation method thereof. The emergency response system automatically collects/classifies various infringements (hacking, computer virus, worm virus, cyber-terror, network spy etc), processes/analyzes information ... 02/02/06 - 20060026688 - Methods, systems and computer program products for evaluating security of a network environment Methods, systems and computer program products are provided for evaluating security of a network environment. Security data associated with an asset in the network environment collected over a first period of time is analyzed to detect security events occurring at a rate above a reference rate. Security data associated with ... 01/26/06 - 20060021055 - Systems and methods for adaptive message interrogation through multiple queues The present invention is directed to systems and methods for enhancing electronic communication security. An electronic communication is received and stored. A plurality of risk assessments are made with respect to the received communication thereby generating a risk profile associated with the communication. The assessments are made in a sequential ... 01/26/06 - 20060021054 - Containment of worms One aspect of the invention is a vulnerability detection mechanism that can detect a large class of attacks through dynamic dataflow analysis. Another aspect of the invention includes self-certifying alerts as the basis for safely sharing knowledge about worms. Another aspect of the invention is a resilient and self-organizing protocol ... 01/26/06 - 20060021053 - Data structure for vulnerability-based remediation selection A machine-actionable memory comprises one or more machine-actionable records arranged according to a data structure. Such a data structure may include links that respectively map between a remediation, at least one action, and at least two vulnerabilities. A method of selecting a remediation, that is appropriate to a vulnerability which ... 01/26/06 - 20060021052 - Mapping remediation to plurality of vulnerabilities A method of mapping a remediation to a plurality of vulnerabilities may include: assessing susceptibility of an non-remediated machine to a first vulnerability, which results in a first set of two or more vulnerabilities to which the machine is susceptible; implementing the remediation upon the machine; assessing susceptibility of the ... 01/26/06 - 20060021051 - Determining technology-appropriate remediation for vulnerability A machine-actionable memory comprises one or more machine-actionable records arranged according to a data structure. Such a data structure may include links that respectively map between: a RID field, the contents of which denote an identification (ID) of a remediation (RID); at least one TID field, the contents of which ... 01/26/06 - 20060021050 - Evaluation of network security based on security syndromes The invention features a method and related computer program product and apparatus for assessing the security of a computer network. ... 01/26/06 - 20060021049 - Techniques for identifying vulnerabilities in a network The invention features a method and related computer program product and apparatus for assessing the security of a computer network. ... 01/26/06 - 20060021048 - Techniques for determining network security using an attack tree The invention features a method and related computer program product and apparatus for assessing the security of a computer network. ... 01/26/06 - 20060021047 - Techniques for determining network security using time based indications The invention features a method and related computer program product and apparatus for assessing the security of a computer network. ... 01/26/06 - 20060021046 - Techniques for determining network security The invention features a method and related computer program product and apparatus for assessing the security of a computer network. ... 01/26/06 - 20060021045 - Input translation for network security analysis The invention features a method and related computer program product and apparatus for assessing the security of a computer network. ... 01/26/06 - 20060021044 - Determination of time-to-defeat values for network security analysis The invention features a method and related computer program product and apparatus for assessing the security of a computer network. ... 01/19/06 - 20060015943 - Method and device for analyzing an information sytem security There is proposed a method for analyzing the security of an information system comprising a modeling phase, including modeling of the information system, and a simulating phase, including specification and simulation of potential attack against the information system. ... 01/12/06 - 20060010496 - Active and contextual risk management using risk software objects A risk management system may include a memory system that may contain a plurality of risk software objects, each of which represents a risk associated with an enterprise and which is configured to contain attributes and methods. The memory system may include a plurality of non-risk software objects, each of ... 01/05/06 - 20060005246 - System for providing security vulnerability identification, certification, and accreditation A system for providing security vulnerability identification, certification and accreditation is given whereby a computer program product having a computer useable medium and having a computer program logic stored thereon for enabling a processor on a computer system to provide security vulnerability identification, certification and accreditation of a system is ... 01/05/06 - 20060005245 - Techniques for self-isolation of networked devices A technique for self-isolation of a network device that has been identified as potentially harmful. The network device may be isolated from the network except for an out-of-band communication channel that can be used for management purposes to restore or repair the device prior to the network connection being re-established. ... 12/15/05 - 20050278786 - System and method for assessing risk to a collection of information resources A system and method for assessing the risk to information resources that may include the generation and/or use of a security risk index. The security risk index may represent the security of information resources. The security risk index may be based on at least one factor. The at least one ... 12/08/05 - 20050273861 - Apparatus and method for monitoring secure software A computer readable medium includes executable instructions to analyze program instructions for security vulnerabilities. The executable instructions perform a security audit of program instructions. Based upon the security audit, sensors are inserted into the program instructions. The program instructions are executable and the sensors generate a stream of security events. ... 12/08/05 - 20050273860 - Apparatus and method for developing, testing and monitoring secure software A method of analyzing program instructions for security vulnerabilities includes applying a static analysis to program instructions during a development phase of the program instructions to identify security vulnerabilities. The security vulnerabilities are used to apply a security test to the program instructions during a testing phase of the program ... 12/08/05 - 20050273859 - Apparatus and method for testing secure software A computer readable medium includes executable instructions to analyze program instructions for security vulnerabilities. Executable instructions identify potential security vulnerabilities within program instructions based upon input from an attack database and information derived during a static analysis of the program instructions. Vulnerability tests are applied to the program instructions in ... 11/17/05 - 20050257269 - Cost effective incident response A response system which produces strategies to contain hosts compromised by a worm. One minimizes the damage so caused and the loss of business values induced by actions taken to protect a network. The approach uses logical representation of the target network. By abstracting low level information such as switches, ... 11/17/05 - 20050257268 - Security center A method and system for verifying whether basic security is installed, up-to-date, and functioning on a computer. A user interface is provided that provides prescription items that are associated with status indicators that readily indicate the status of the prescription items. An overall status indicator readily indicates whether the security ... 11/17/05 - 20050257267 - Network audit and policy assurance system A prevention-based network auditing system includes a central compliance server generating network policies and configuring audits of the data communications network. The compliance server presents a graphical user interface (GUI) to describe the specific data gathering parameters, policies to be analyzed, and the schedule of analysis. One or more audit ... 11/10/05 - 20050251863 - System and method for testing web applications with recursive discovery and analysis A recursive web crawling and analysis tool that includes conducting an initial crawl of a target to identify testable or analyzable objects. The objects are then parsed to identify vulnerabilities, as well as additional objects that can be analyzed. An attack is then launched against the analyzable objects in an ... 10/27/05 - 20050241000 - Security hole diagnostic system Scripts describing procedures usually used by attackers in a programming language are pre-accumulated. A script selected by the user out of the accumulated scripts is executed, which calls a plugin with logic implemented for attacking each security hole. This plugin is executed on a test target computer, which allows removing ... 10/13/05 - 20050229256 - Automated computer vulnerability resolution system A system and process for addressing computer security vulnerabilities. The system and process generally comprise aggregating vulnerability information on a plurality of computer vulnerabilities; constructing a remediation database of said plurality of computer vulnerabilities; constructing a remediation signature to address the computer vulnerabilities; and deploying said remediation signature to ... 09/29/05 - 20050216957 - Method and apparatus for protecting a remediated computer network from entry of a vulnerable computer system thereinto Method and apparatus for protecting a remediated computer network during reconnection of a previously disconnected computer system. Upon initiation of reconnection to the computer network, the previously disconnected computer system raises a firewall to temporarily limit exchanges between the computer system and the remediated computer network until after a client ... 09/01/05 - 20050193430 - System and method for risk detection and analysis in a computer network The present invention provides systems and methods for risk detection and analysis in a computer network. Computerized, automated systems and methods can be provided. Raw vulnerability information and network information can be utilized in determining actual vulnerability information associated with network nodes. Methods are provided in which computer networks are ... 07/21/05 - 20050160480 - Method, apparatus and program storage device for providing automated tracking of security vulnerabilities A method, apparatus and program storage device for providing automated tracking of security vulnerabilities is disclosed. Security problems are reported, aged and tracked. A time to fix the vulnerability identified by the vulnerability assessment of the system is based on the determined vulnerability score. The vulnerability factor is based upon ... ### FreshPatents.com Support |