-
Publication No.: US11861015B1
Publication date: 2024-01-02
Application No.: US17209050
Filing date: 2021-03-22
Applicant: Tripwire, Inc.
Inventors: Tyler Reguly, Lamar Bailey, Lane Thames, Craig Young
CPC classification: G06F21/577, G06F17/11, G06F2221/034
Abstract: Apparatus, methods, and articles of manufacture are disclosed for implementing risk scoring systems used for vulnerability mitigation in a distributed computing environment. In one disclosed example, a computer-implemented method of mitigating vulnerabilities within a computing environment includes producing a risk score indicating at least one of: a vulnerability component, a security configuration component, or a file integrity component for an object within the computing environment, producing a signal score indicating a factor that contributes to risk for the object, and combining the risk score and the signal score to produce a combined risk score indicating a risk level associated with at least one vulnerability of the computing system object. In some examples, the method further includes mitigating the at least one vulnerability by changing a state of a computing object using the combined risk score.
-
Publication No.: US20230229788A1
Publication date: 2023-07-20
Application No.: US18186688
Filing date: 2023-03-20
Applicant: TRIPWIRE, INC.
Inventors: Mark Pieno, Tyler Reguly, Darlene Hibbs, Craig Young, Lane Thames, Jamaal Scarlett, Lamar Bailey, Miles Budnek, Bob Terhune, Jon Loucks
IPC classification: G06F21/57, G06F16/2455, G06F9/445
CPC classification: G06F21/577, G06F16/24552, G06F9/44505, G06F2221/034
Abstract: Apparatus and methods for analyzing vulnerabilities with an agent executing on a computer host using a vulnerability scanner and vulnerability server are disclosed. In one example a method comprises, with a vulnerability scanner, searching for data associated with a vulnerability test (for example, the command that initiates the test) to determine whether the data associated with the vulnerability is available or not available. When the data associated with the vulnerability test is available in a vulnerability scanner database, the vulnerability scanner provides prior scan results generated using one or more commands specified by the data to a vulnerability aggregation server. When the data associated with the vulnerability test is not available in the vulnerability scanner database, the vulnerability scanner performs a scan of the host to obtain results associated with the vulnerability test.
-
Publication No.: US11277446B2
Publication date: 2022-03-15
Application No.: US16538542
Filing date: 2019-08-12
Applicant: Tripwire, Inc.
Inventor: Stephen Rivers
Abstract: Disclosed herein are representative embodiments of methods, apparatus, and systems for processing and managing information from a compliance and configuration control (“CCC”) tool and generating information for a security information and event management (“SIEM”) tool based on the information from the CCC tool. For example, in one exemplary embodiment, information from a CCC tool is transferred to a SIEM tool or logging tool by receiving the information from the CCC tool in a format that is not recognized by the SIEM tool or logging tool, and generating an output message in a message format that is recognized by the SIEM tool or logging tool. In particular embodiments, the message format is a customizable message format that is adaptable to multiple different SIEM tools or logging tools. In further embodiments, the data transferred to the SIEM tool comprises data indicative of compliance policy changes.
-
Publication No.: US20190332572A1
Publication date: 2019-10-31
Application No.: US16405765
Filing date: 2019-05-07
Applicant: Tripwire, Inc.
Inventors: Aaron Lerner, Adam Montville
IPC classification: G06F16/11, G06F16/27, G06F16/2455
Abstract: Disclosed below are representative embodiments of methods, apparatus, and systems for managing, monitoring, controlling, and/or classifying assets in an information technology (“IT”) environment. Certain embodiments leverage both services oriented architecture concepts and event mechanisms to create a platform with which additional controls can easily integrate.
-
Publication No.: US10291471B1
Publication date: 2019-05-14
Application No.: US15362566
Filing date: 2016-11-28
Applicant: Tripwire, Inc.
IPC classification: H04L12/24
Abstract: Disclosed herein are methods, systems, and articles associated with remediation execution. In embodiments, a set of policy test failures may be selected for remediation. The set of policy test failures may be associated with a computer network with a number of nodes. For each failure within the set of policy test failures, a remediation script may be obtained to remediate a corresponding policy test failure. The remediation scripts may be selectively provided to nodes that are affected by policy test failures, for execution by the nodes. A remediation script result for each remediation script executed may be received. Based upon the remediation script results, it may be determined whether or not execution of the remediation scripts was successful.
-
Publication No.: US20180276254A1
Publication date: 2018-09-27
Application No.: US15925436
Filing date: 2018-03-19
Applicant: Tripwire, Inc.
Inventors: David M. Whitlock, Mark A. Little, Julie Booth, Chyna Trople
CPC classification: G06F16/21, G06F16/11, G06F16/2291, H04L41/085
Abstract: Disclosed below are representative embodiments of methods, apparatus, and systems for managing and classifying assets in an information technology (“IT”) environment using a tag-based approach. The disclosed tag-based classification techniques can be implemented through a graphical user interface. Embodiments of the disclosed tag-based classification techniques can be used to allow a user to easily and quickly select and perform actions on groups of one or more assets (e.g., monitor policies, perform upgrades, etc.). For example, the tag-based classification techniques can automatically classify assets into “tag sets” (or “tagged sets”) based on node properties or user-selected criteria or conditions (e.g., criteria or conditions that are established in a user-created tagging profile or rule). The tagged assets can then be further filtered to identify even deeper relationships between the assets.
-
Publication No.: US09922055B2
Publication date: 2018-03-20
Application No.: US13597242
Filing date: 2012-08-28
Applicants: David M. Whitlock, Mark A. Little, Julie Booth, Chyna Trople
Inventors: David M. Whitlock, Mark A. Little, Julie Booth, Chyna Trople
CPC classification: G06F17/30289, G06F17/3007, G06F17/30342, H04L41/085
Abstract: Disclosed below are representative embodiments of methods, apparatus, and systems for managing and classifying assets in an information technology (“IT”) environment using a tag-based approach. The disclosed tag-based classification techniques can be implemented through a graphical user interface. Embodiments of the disclosed tag-based classification techniques can be used to allow a user to easily and quickly select and perform actions on groups of one or more assets (e.g., monitor policies, perform upgrades, etc.). For example, the tag-based classification techniques can automatically classify assets into “tag sets” (or “tagged sets”) based on node properties or user-selected criteria or conditions (e.g., criteria or conditions that are established in a user-created tagging profile or rule). The tagged assets can then be further filtered to identify even deeper relationships between the assets.
-
8.
Publication No.: US09741017B2
Publication date: 2017-08-22
Application No.: US12633734
Filing date: 2009-12-08
Applicants: Tom Good, Gene Kim, David Whitlock
Inventors: Tom Good, Gene Kim, David Whitlock
IPC classification: G06F15/173, G06Q10/10, G06F17/30
CPC classification: G06Q10/10, G06F15/173, G06F17/30, G06F17/30368, G06F17/30525
Abstract: Methods, systems, and articles for receiving, by a monitor server, change data associated with a change captured on a target host, are described herein. In various embodiments, the target host may have provided the change data in response to detecting the change, and the change data may include one or more rules, settings, and/or parameters. Further, in some embodiments, the monitor server may then group the change data into clusters and may correlate the clusters with a change catalog in order to provide a possible reason or cause for the cluster of changes. Once the change data have been classified as clusters, a report may be generated providing classification or categorization and cluster information for the various changes. In various embodiments, the generating may comprise generating a report to the target host and/or to an administrative user. In various embodiments, a reason may be determined for causing a cluster of changes and the change catalog may be updated with the reason.
-
9.
Publication No.: US09256841B2
Publication date: 2016-02-09
Application No.: US13465935
Filing date: 2012-05-07
CPC classification: H04L63/20, G06F17/30088, G06Q10/00, G06Q10/0637, H04L63/102
Abstract: Embodiments of the present invention provide methods and systems for automated change audit of an enterprise's IT infrastructure, including independent detection of changes, reconciliation of detected changes and independent reporting, to effectuate a triad of controls on managing changes within the IT infrastructure, preventive controls, detective controls and corrective controls.
-
10.
Publication No.: US08712815B1
Publication date: 2014-04-29
Application No.: US12942959
Filing date: 2010-11-09
IPC classification: G06Q10/00
CPC classification: G06Q10/00, G06F11/3409, G06F11/3452, G06F11/3476, G06Q10/06393
Abstract: Techniques for dynamically representing distributed information are disclosed. According to one embodiment, metrics for deployed resources in a predefined environment (e.g., an enterprise) is designed. The metrics includes at least various logic and data sources and is deployed as one or more Metrics Definition Packages (MDP), wherein data sources are used for calculating such metrics. The metrics is defined in terms of the data sources and their associated meta-data, but has no dependency upon specific external systems that are eventually used to populate the data sources when the Metrics Definition Package is executed. The metrics results from the execution of the Metrics Definition Package in accordance with the deployed resources (e.g., storage space, and security means) are represented in what is referred to as a Scorecard Definition Package (SDP) that is designed to represent the metrics results in a dynamic and comprehensible manner.