Legal claims defining the scope of protection, as filed with the USPTO.
1. A computer-implemented method for determining an objective security assessment for a network, the method comprising: determining computer assets in the network; determining an actual deployment of counter measures associated with the network, wherein the counter measures address potential security threats to the network; determining, by a processor, an overall security score for the network based at least in part on the actual deployment of the counter measures and an effectiveness of the counter measures; determining at least one recommendation for improving the overall security score; and outputting the at least one recommendation and the overall security score, wherein the overall security score comprises a security score of each of the counter measures associated with the computer assets, the security score of each of the counter measures being based at least in part on an actual effectiveness score that represents the actual deployment of each of the counter measures and a possible effectiveness score that represents a possible deployment of each of the counter measures, and wherein outputting the at least one recommendation and the overall security score further comprises outputting the security score of each of the counter measures deployed on the computer assets.
2. The computer-implemented method of claim 1, the method further comprising: determining, at a later time, a change in the actual deployment of the counter measures; and determining a new overall security score for the network based at least in part on the change in the actual deployment and the effectiveness of the counter measures.
3. The computer-implemented method of claim 2, the method further comprising: outputting the new overall security score; outputting a change in the new overall security score relative to the overall security score; and outputting at least one new recommendation for improving the overall security score.
4. The computer-implemented method of claim 2, wherein the change in the actual deployment corresponds to at least one of a performance of the at least one recommendation and a change in the computer assets in the network.
5. The computer-implemented method of claim 1, wherein determining the assets in the computer network comprises at least one of: scanning the network for one or more of the computer assets; and receiving, via an interface, an identification of one or more of the computer assets.
6. The computer-implemented method of claim 1, wherein determining the actual deployment of counter measures comprises: determining security information of the computer assets, wherein the security information comprises at least one of identification of security software installed on the computer assets, vulnerabilities on the computer assets, system settings of the computer assets, security settings of the computer assets, configuration policies of the computer assets, security policies of the computer assets, access information for the computer assets, details of software installed on the computer assets, and a comparison of the access information and the security setting for the computer assets; determining, based at least in part on the security information, at least one of the counter measures associated with the network; and determining, based at least in part on the security information, a coverage of the at least one of the counter measures within the network.
7. The computer-implemented method of claim 6, wherein determining the security information comprises at least one of: receiving, via an interface, a portion of the security information from a user; and automatically discovering a portion of the security information.
8. The computer-implemented method of claim 1, wherein the actual effectiveness and the possible effectiveness of the counter measures is based on at least one of: empirical testing of counter measures versus actual security threats; survey of security experts including commonly understood best practices; and results of findings by security research organizations.
9. The computer-implemented method of claim 1, wherein the at least one recommendation comprises at least one of deploying a new counter measure, changing a security setting of the computer assets, changing a system setting of the computer assets, changing a security policy of the computer assets, updating software of the computer assets, installing security software on the computer assets, and improving access information for the computer assets.
10. The computer-implemented method of claim 1, the method further comprising: receiving, via an interface, a selection of the at least one recommendation; and outputting instructions for implementing the at least one recommendation.
11. The computer-implemented method of claim 1, the method further comprising: determining an amount that each of the potential security threats contributes to the overall security score; ranking each of the potential security threats based at least in part on one of the frequency of the threat in empirical testing, the potential impact of the threat, or likelihood of the threat succeeding to determine the amount that each of the potential security threats contributes to the overall security score; and outputting the potential security threats ordered according to the ranking.
12. The computer-implemented method of claim 11, the method further comprising: receiving, via an interface, at least one of the potential security threats that is a priority; re-ranking each of the potential security threats based at least in part on the at least one of the potential security threats being a priority; and outputting the potential security threats ordered according to the re-ranking.
13. The computer-implemented method of claim 1, wherein the computer assets comprises at least one of a physical computer system, physical computer hardware, and a virtual computer system.
14. A system for determining an objective security assessment, the system comprising: a network interface to a network of computer assets; one or more memory device storing instructions; and one or more processors coupled to the network interface and the one or more memory devices, the one or more processors being configured to execute the instructions to perform a method comprising: determining computer assets in the network; determining an actual deployment of counter measures associated with the network, wherein the counter measures address potential security threats to the network; determining an overall security score for the network based at least in part on the actual deployment of the counter measures and an effectiveness of the counter measures; determining at least one recommendation for improving the overall security score; and outputting the at least one recommendation and the overall security score, wherein the overall security score comprises a security score of each of the counter measures associated with the computer assets, the security score of each of the counter measures being based at least in part on an actual effectiveness score that represents the actual deployment of each of the counter measures and a possible effectiveness score that represents a possible deployment of each of the counter measures, and wherein outputting the at least one recommendation and the overall security score further comprises outputting the security score of each of the counter measures deployed on the computer assets.
15. The system of claim 14, wherein the one or more processors are configured to execute the instructions to perform the method further comprising: determining, at a later time, a change in the actual deployment of the counter measures; and determining a new overall security score for the network based at least in part on the change in the actual deployment and the effectiveness of the counter measures.
16. The system of claim 15, wherein the one or more processors are configured to execute the instructions to perform the method further comprising: outputting the new overall security score; outputting a change in the new overall security score relative to the overall security score; and outputting at least one new recommendation for improving the overall security score.
17. The system of claim 15, wherein the change in the actual deployment corresponds to at least one of a performance of the at least one recommendation and a change in the computer assets in the network.
18. The system of claim 14, wherein determining the assets in the computer network comprises at least one of: scanning the network for one or more of the computer assets; and receiving, via an interface, an identification of one or more of the computer assets.
19. The system of claim 14, wherein determining the actual deployment of counter measures comprises: determining security information of the computer assets, wherein the security information comprises at least one of identification of security software installed on the computer assets, vulnerabilities on the computer assets, system settings of the computer assets, security settings of the computer assets, configuration policies of the computer assets, security policies of the computer assets, access information for the computer assets, details of software installed on the computer assets, and a comparison of the access information and the security setting for the computer assets; determining, based at least in part on the security information, at least one of the counter measures associated with the network; and determining, based at least in part on the security information, a coverage of the at least one of the counter measures within the network.
20. The system of claim 19, wherein determining the security information comprises at least one of: receiving, via an interface, a portion of the security information from a user; and automatically discovering a portion of the security information.
21. The system of claim 14, wherein the actual effectiveness and the possible effectiveness of the counter measures is based on at least one of: empirical testing of counter measures versus actual security threats; survey of security experts including commonly understood best practices; and results of findings by security research organizations.
22. The system of claim 14, wherein the at least one recommendation comprises at least one of deploying a new counter measure, changing a security setting of the computer assets, changing a system setting of the computer assets, changing a security policy of the computer assets, updating software of the computer assets, installing security software on the computer assets, and improving access information for the computer assets.
23. The system of claim 14, wherein the one or more processors are configured to execute the instructions to perform the method further comprising: receiving, via an interface, a selection of the at least one recommendation; and outputting instructions for implementing the at least one recommendation.
24. The system of claim 14, wherein the one or more processors are configured to execute the instructions to perform the method further comprising: determining an amount that each of the potential security threats contributes to the overall security score; ranking each of the potential security threats based at least in part on one of the frequency of the threat in empirical testing, the potential impact of the threat, or likelihood of the threat succeeding to determine the amount that each of the potential security threats contributes to the overall security score; and outputting the potential security threats ordered according to the ranking.
25. The system of claim 24, wherein the one or more processors are configured to execute the instructions to perform the method further comprising: receiving, via an interface, at least one of the potential security threats that is a priority; re-ranking each of the potential security threats based at least in part on the at least one of the potential security threats being a priority; and outputting the potential security threats ordered according to the re-ranking.
26. The system of claim 14, wherein the computer assets comprises at least one of a physical computer system, physical computer hardware, and a virtual computer system.
27. A non-transitory computer readable storage medium comprising instructions for causing one or more processors to perform a method for determining an objective security assessment for a network, the method comprising: determining computer assets in the network; determining, by a security assessment tool, an actual deployment of counter measures associated with the network, wherein the counter measures address potential security threats to the network; determining, by a processor, an overall security score for the network based at least in part on the actual deployment of the counter measures and an effectiveness of the counter measures; determining at least one recommendation for improving the overall security score; and outputting the at least one recommendation and the overall security score, wherein the overall security score comprises a security score of each of the counter measures associated with the computer assets, the security score of each of the counter measures being based at least in part on an actual effectiveness score that represents the actual deployment of each of the counter measures and a possible effectiveness score that represents a possible deployment of each of the counter measures, and wherein outputting the at least one recommendation and the overall security score further comprises outputting the security score of each of the counter measures deployed on the computer assets.
28. The non-transitory computer readable storage medium of claim 27, the method further comprising: determining, at a later time, a change in the actual deployment of the counter measures; and determining a new overall security score for the network based at least in part on the change in the actual deployment and the effectiveness of the counter measures.
29. The non-transitory computer readable storage medium of claim 28, the method further comprising: outputting the new overall security score; outputting a change in the new overall security score relative to the overall security score; and outputting at least one new recommendation for improving the overall security score.
30. The non-transitory computer readable storage medium of claim 28, wherein the change in the actual deployment corresponds to at least one of a performance of the at least one recommendation and a change in the computer assets in the network.
31. The non-transitory computer readable storage medium of claim 27, wherein determining the assets in the computer network comprises at least one of: scanning the network for one or more of the computer assets; and receiving, via an interface, an identification of one or more of the computer assets.
32. The non-transitory computer readable storage medium of claim 27, wherein determining the actual deployment of counter measures comprises: determining security information of the computer assets, wherein the security information comprises at least one of identification of security software installed on the computer assets, vulnerabilities on the computer assets, system settings of the computer assets, security settings of the computer assets, configuration policies of the computer assets, security policies of the computer assets, access information for the computer assets, details of software installed on the computer assets, and a comparison of the access information and the security setting for the computer assets; determining, based at least in part on the security information, at least one of the counter measures associated with the network; and determining, based at least in part on the security information, a coverage of the at least one of the counter measures within the network.
33. The non-transitory computer readable storage medium of claim 32, wherein determining the security information comprises at least one of: receiving, via an interface, a portion of the security information from a user; and automatically discovering a portion of the security information.
34. The non-transitory computer readable storage medium of claim 27, wherein the actual effectiveness and the possible effectiveness of the counter measures is based on at least one of: empirical testing of counter measures versus actual security threats; survey of security experts including commonly understood best practices; and results of findings by security research organizations.
35. The non-transitory computer readable storage medium of claim 27, wherein the at least one recommendation comprises at least one of deploying a new counter measure, changing a security setting of the computer assets, changing a system setting of the computer assets, changing a security policy of the computer assets, updating software of the computer assets, installing security software on the computer assets, and improving access information for the computer assets.
36. The non-transitory computer readable storage medium of claim 27, the method further comprising: receiving, via an interface, a selection of the at least one recommendation; and outputting instructions for implementing the at least one recommendation.
37. The non-transitory computer readable storage medium of claim 27, the method further comprising: determining an amount that each of the potential security threats contributes to the overall security score; ranking each of the potential security threats based at least in part on one of the frequency of the threat in empirical testing, the potential impact of the threat, or likelihood of the threat succeeding to determine the amount that each of the potential security threats contributes to the overall security score; and outputting the potential security threats ordered according to the ranking.
38. The non-transitory computer readable storage medium of claim 37, the method further comprising: receiving, via an interface, at least one of the potential security threats that is a priority; re-ranking each of the potential security threats based at least in part on the at least one of the potential security threats being a priority; and outputting the potential security threats ordered according to the re-ranking.
39. The non-transitory computer readable storage medium of claim 27, wherein the computer assets comprises at least one of a physical computer system, physical computer hardware, and a virtual computer system.
February 23, 2016