Enterprise Information Security Management Software Used to Prove Return on Investment of Security Projects and Activities Using Interactive Graphs
    4.
    发明申请
    Enterprise Information Security Management Software Used to Prove Return on Investment of Security Projects and Activities Using Interactive Graphs 审中-公开
    企业信息安全管理软件,用于通过互动图来证明安全项目和活动的投资回报

    公开(公告)号:US20100095235A1

    公开(公告)日:2010-04-15

    申请号:US12420818

    申请日:2009-04-08

    IPC分类号: G06F3/048 G06F3/033

    CPC分类号: G06Q99/00

    摘要: Asset security is tracked and managed by the system. In a specific implementation, assets are entered into the system. The system automates gathering security information about the asset by, for example, sending out surveys and aggregating the responses. The system performs a security gap analysis by comparing the responses against a security maturity model. Tasks can be assigned to various users and then tracked so that vulnerabilities can be addressed. The system generates interactive summary reports (e.g., charts, graphs, animation) to help users make security decisions. Graphs may be temporally animated so that users can see and analyze changes over time.

    摘要翻译: 资产安全由系统跟踪和管理。 在具体实施中,资产被输入系统。 系统通过例如发送调查和汇总响应来自动收集关于资产的安全信息。 系统通过将响应与安全成熟度模型进行比较来执行安全差距分析。 任务可以分配给各种用户,然后进行跟踪,以便可以解决漏洞。 系统生成交互式摘要报告(例如,图表,图表,动画),以帮助用户做出安全决策。 图形可能在时间上是动画的,以便用户可以随时间查看和分析更改。