公开(公告)号：US20050257267A1

公开(公告)日：2005-11-17

申请号：US10779190

申请日：2004-02-13

申请人： John Williams ,  Brian Costello ,  John Ravenel ,  John Payne ,  Ryan Nakawatase ,  Thomas Walpole ,  Stephen Ritter ,  John Pelly ,  M. Rutherford

发明人： John Williams ,  Brian Costello ,  John Ravenel ,  John Payne ,  Ryan Nakawatase ,  Thomas Walpole ,  Stephen Ritter ,  John Pelly ,  M. Rutherford

IPC分类号： H04L9/00 ,  H04L29/06

CPC分类号： H04L63/0227 ,  H04L63/1408

摘要： A prevention-based network auditing system includes a central compliance server generating network policies and configuring audits of the data communications network. The compliance server presents a graphical user interface (GUI) to describe the specific data gathering parameters, policies to be analyzed, and the schedule of analysis. One or more audit servers strategically deployed around the network employ heterogeneous data-gathering tools to gather information about the network in response to the configured audits, and transmit the gathered information to the compliance server. An audit repository stores the gathered information for use by the compliance server for security and regulatory policy assessment, network vulnerability analysis, report generation, and security improvement recommendations.

摘要翻译： 基于预防的网络审计系统包括中央合规服务器，生成网络策略并配置数据通信网络的审核。 合规服务器提供图形用户界面（GUI）来描述特定数据收集参数，要分析的策略和分析时间表。 在网络上策略部署的一个或多个审计服务器采用异构数据收集工具来收集有关网络的信息以响应配置的审核，并将收集的信息发送到合规服务器。 审计储存库存储收集的信息，供合规服务器用于安全和监管政策评估，网络漏洞分析，报告生成和安全改进建议。

公开(公告)号：US20050010819A1

公开(公告)日：2005-01-13

申请号：US10778836

申请日：2004-02-13

申请人： John Williams ,  Brian Costello ,  John Ravenel ,  John Payne ,  Stephen Ritter ,  Ryan Nakawatase ,  John Pelly ,  M. Rutherford

发明人： John Williams ,  Brian Costello ,  John Ravenel ,  John Payne ,  Stephen Ritter ,  Ryan Nakawatase ,  John Pelly ,  M. Rutherford

IPC分类号： G06F20060101 ,  G06F11/30 ,  G06F12/14 ,  G06F15/16 ,  G06F15/173 ,  H04L9/00 ,  H04L12/24 ,  H04L12/26 ,  H04L12/66 ,  H04L29/06

CPC分类号： H04L63/14 ,  H04L41/0853 ,  H04L41/0856 ,  H04L41/0859 ,  H04L43/00 ,  H04L43/045 ,  H04L63/0218 ,  H04L63/0227 ,  H04L63/1408 ,  H04L63/1433 ,  H04L63/20

摘要： A prevention-based network auditing system includes a central compliance server storing both natural language policy documents and machine-processable policy rules in an audit repository. The compliance server provides a client-side user interface allowing a user to easily generate a machine-auditable policy by selecting/generating a natural language policy source document, and linking the applicable machine-processable policy rules to the applicable portions of the source document. The selected machine-processable policy rules are then applied to information gathered about the network during a scheduled network audit session for efficiently and systematically determining whether policy violations and/or vulnerabilities exist.

摘要翻译： 基于预防的网络审计系统包括中央合规服务器，将自然语言策略文档和机器可处理的策略规则存储在审计存储库中。 合规性服务器提供客户端用户界面，允许用户通过选择/生成自然语言策略源文档以及将可应用的机器可处理策略规则链接到源文档的适用部分来轻松地生成机器可审核策略。 然后，所选择的机器可处理策略规则被应用于在计划的网络审计会话期间收集的关于网络的信息，以有效和系统地确定是否存在策略违规和/或漏洞。

公开(公告)号：US20050015623A1

公开(公告)日：2005-01-20

申请号：US10778837

申请日：2004-02-13

申请人： John Williams ,  Brian Costello ,  John Ravenel ,  John Pelly ,  Ryan Nakawatase ,  Thomas Walpole

发明人： John Williams ,  Brian Costello ,  John Ravenel ,  John Pelly ,  Ryan Nakawatase ,  Thomas Walpole

IPC分类号： G06F20060101 ,  G06F11/30 ,  G06F12/14 ,  G06F15/16 ,  G06F15/173 ,  H04L9/00 ,  H04L12/24 ,  H04L12/26 ,  H04L12/66 ,  H04L29/06

CPC分类号： H04L63/14 ,  H04L41/0853 ,  H04L41/0856 ,  H04L41/0859 ,  H04L43/00 ,  H04L43/045 ,  H04L63/0218 ,  H04L63/0227 ,  H04L63/1408 ,  H04L63/1433 ,  H04L63/20

摘要： A prevention-based network auditing system includes an audit repository storing network information gathered by a plurality of heterogeneous information sources. A semantic normalization module identifies semantic equivalencies in the gathered information, and generates a map listing for each fact gathered by an information source, an equivalent fact or set of facts gathered by each of the other information sources. A network policy is then uniformly applied to the information that is identified as being semantically equivalent.

摘要翻译： 基于预防的网络审计系统包括存储由多个异构信息源收集的网络信息的审计存储库。 语义规范化模块识别所收集的信息中的语义等价物，并且生成由信息源收集的每个事实的映射列表，由每个其他信息源收集的等效事实或一组事实。 然后将网络策略统一应用于被识别为语义等同的信息。

公开(公告)号：US20140172495A1

公开(公告)日：2014-06-19

申请号：US13716166

申请日：2012-12-16

申请人： Phyllis Schneck ,  Stephen Ritter ,  Sven Schrecker ,  Ryan Nakawatase

发明人： Phyllis Schneck ,  Stephen Ritter ,  Sven Schrecker ,  Ryan Nakawatase

IPC分类号： G06Q10/06

CPC分类号： G06Q10/0635

摘要： Brand threat information is identified relating to potential threats to one or more brands of one or more organizations. A characteristic of one or more operating environments is identified and a relation is determined between a particular one of the potential threats and the characteristic. The determined relation is used to determine risk associated with a particular brand of an organization.

摘要翻译： 确定品牌威胁信息涉及一个或多个品牌的一个或多个组织的潜在威胁。 识别一个或多个操作环境的特征，并且确定潜在威胁中的特定一个与特征之间的关系。 确定的关系用于确定与组织的特定品牌相关联的风险。

公开(公告)号：US20130340084A1

公开(公告)日：2013-12-19

申请号：US13949129

申请日：2013-07-23

申请人： Sven Schrecker ,  Stephen Ritter ,  Ryan Nakawatase

发明人： Sven Schrecker ,  Stephen Ritter ,  Ryan Nakawatase

IPC分类号： G06F21/57 ,  H04L29/06

CPC分类号： G06F21/577 ,  G06F2221/034 ,  H04L63/00 ,  H04L63/1433

摘要： Methods, systems, and apparatus, including computer programs encoded on computer storage media, for asset risk analysis. One method includes receiving threat definition data for threats, vulnerability detection data for assets, and countermeasure detection data for assets. The method further includes determining a respective risk metric for each of the assets for each of the threats. This includes analyzing the vulnerability detection data for an asset to determine whether the asset is vulnerable to a threat, determining from the threat definition data and the countermeasure detection data whether the asset is protected by one of the countermeasures identified for the threat, and determining the risk metric for the asset for the threat according to whether the asset is vulnerable to the threat and whether the asset is protected by one of the countermeasures identified for the threat.

摘要翻译： 方法，系统和装置，包括在计算机存储介质上编码的计算机程序，用于资产风险分析。 一种方法包括接收威胁的威胁定义数据，资产的漏洞检测数据和资产的对策检测数据。 该方法还包括为每个威胁确定每个资产的相应风险度量。 这包括分析资产的漏洞检测数据以确定资产是否容易受到威胁，从威胁定义数据和对策检测数据确定资产是否受到针对威胁识别的对策之一的保护，并且确定 根据资产是否容易受到威胁以及该资产是否受到针对威胁识别的对策之一的保护，威胁资产的风险度量标准。

公开(公告)号：US08806645B2

公开(公告)日：2014-08-12

申请号：US13078440

申请日：2011-04-01

申请人： Ryan Nakawatase ,  Stephen Ritter ,  Sven Schrecker

发明人： Ryan Nakawatase ,  Stephen Ritter ,  Sven Schrecker

IPC分类号： G06F11/00 ,  G06F12/14 ,  G06F12/16 ,  G08B23/00 ,  H04L29/06 ,  G06F21/57

CPC分类号： H04L63/14 ,  G06F21/577 ,  G06F2221/2101

摘要： A security metrics system receives security information data for a network system of computers and metric definitions from metric sources. Each metric definition defines a heuristic for calculating a score for the network system from one or more security signal values at a time in the plurality of times, wherein the score quantifies a security metric for the network system. The system calculates each metric definition for a plurality of times and selecting metric definitions that are related to the performance of and are indicative of one or more other metric definitions as candidates to be key performance indicators.

摘要翻译： 安全度量系统接收来自计量源的计算机网络系统和度量定义的安全信息数据。 每个度量定义定义了用于从多个时间中的一个时间的一个或多个安全信号值计算网络系统的分数的启发式，其中分数量化网络系统的安全度量。 系统计算多个时间的每个度量定义，并且选择与执行相关的度量定义并将其指示为作为关键性能指标的候选的一个或多个其他度量定义。

公开(公告)号：US08495747B1

公开(公告)日：2013-07-23

申请号：US12751995

申请日：2010-03-31

申请人： Ryan Nakawatase ,  Sven Schrecker ,  Stephen Ritter

发明人： Ryan Nakawatase ,  Sven Schrecker ,  Stephen Ritter

IPC分类号： H04L29/06

CPC分类号： G06F21/577 ,  H04L63/1433 ,  H04L63/20

摘要： Methods, systems, and apparatus, including computer programs encoded on computer storage media, for prioritizing asset remediations. One method includes generating a risk metric for an asset and a threat, generating a remediation availability metric for the asset and the threat, and determining a remediation prioritization metric for the asset and the threat according to the risk metric and the remediation availability metric. The remediation prioritization metric specifies a priority of applying the remediation to the asset.

摘要翻译： 方法，系统和装置，包括在计算机存储介质上编码的计算机程序，用于优先考虑资产补救。 一种方法包括生成资产和威胁的风险度量，为资产和威胁生成修复可用性度量，以及根据风险度量和修复可用性度量确定资产和威胁的修复优先级度量。 修复优先级指标指定将修复应用于资产的优先级。

公开(公告)号：US08495745B1

公开(公告)日：2013-07-23

申请号：US12627706

申请日：2009-11-30

申请人： Sven Schrecker ,  Stephen Ritter ,  Ryan Nakawatase

发明人： Sven Schrecker ,  Stephen Ritter ,  Ryan Nakawatase

IPC分类号： H04L29/06

CPC分类号： G06F21/577 ,  G06F2221/034 ,  H04L63/00 ,  H04L63/1433

摘要： Methods, systems, and apparatus, including computer programs encoded on computer storage media, for asset risk analysis. One method includes receiving threat definition data for threats, vulnerability detection data for assets, and countermeasure detection data for assets. The method further includes determining a respective risk metric for each of the assets for each of the threats. This includes analyzing the vulnerability detection data for an asset to determine whether the asset is vulnerable to a threat, determining from the threat definition data and the countermeasure detection data whether the asset is protected by one of the countermeasures identified for the threat, and determining the risk metric for the asset for the threat according to whether the asset is vulnerable to the threat and whether the asset is protected by one of the countermeasures identified for the threat.

公开(公告)号：US20130247205A1

公开(公告)日：2013-09-19

申请号：US13183259

申请日：2011-07-14

申请人： Sven Schrecker ,  Stephen Ritter ,  Ryan Nakawatase

发明人： Sven Schrecker ,  Stephen Ritter ,  Ryan Nakawatase

IPC分类号： G06F21/00

CPC分类号： G06F21/577 ,  G06F2221/2101 ,  G06F2221/2151 ,  H04L63/1416 ,  H04L63/1433

摘要： Methods, systems, and apparatus, including computer programs encoded on computer storage media, for generating quantitative risk metrics for assets and threats. Risk metrics are generated for individual assets and individual threats. These individual metrics can then be analyzed to generate aggregate risk metrics for assets, groups of assets, and threats. Assets and threats can be ordered according to their aggregate risk metrics.

摘要翻译： 方法，系统和装置，包括在计算机存储介质上编码的计算机程序，用于产生资产和威胁的定量风险度量。 为单个资产和个别威胁生成风险度量。 然后可以分析这些个体指标，以生成资产，资产组和威胁的总体风险度量。 资产和威胁可以根据其总风险指标进行排序。

公开(公告)号：US20130247203A1

公开(公告)日：2013-09-19

申请号：US13078440

申请日：2011-04-01

申请人： Ryan Nakawatase ,  Sven Schrecker

发明人： Ryan Nakawatase ,  Sven Schrecker

IPC分类号： G06F21/00

CPC分类号： H04L63/14 ,  G06F21/577 ,  G06F2221/2101

摘要： A security metrics system receives security information data for a network system of computers and metric definitions from metric sources. Each metric definition defines a heuristic for calculating a score for the network system from one or more security signal values at a time in the plurality of times, wherein the score quantifies a security metric for the network system. The system calculates each metric definition for a plurality of times and selecting metric definitions that are related to the performance of and are indicative of one or more other metric definitions as candidates to be key performance indicators.

摘要翻译： 安全度量系统接收来自计量源的计算机网络系统和度量定义的安全信息数据。 每个度量定义定义了用于从多个时间中的一个时间的一个或多个安全信号值计算网络系统的分数的启发式，其中分数量化网络系统的安全度量。 系统计算多个时间的每个度量定义，并且选择与执行相关的度量定义并将其指示为作为关键性能指标的候选的一个或多个其他度量定义。