US9270694B2 - Systems and methods for assessing security for a network of assets and providing recommendations - Google Patents
Systems and methods for assessing security for a network of assets and providing recommendations Download PDFInfo
- Publication number
- US9270694B2 US9270694B2 US13/899,117 US201313899117A US9270694B2 US 9270694 B2 US9270694 B2 US 9270694B2 US 201313899117 A US201313899117 A US 201313899117A US 9270694 B2 US9270694 B2 US 9270694B2
- Authority
- US
- United States
- Prior art keywords
- security
- computer
- assets
- computer assets
- network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/085—Retrieval of network configuration; Tracking network configuration history
- H04L41/0853—Retrieval of network configuration; Tracking network configuration history by actively collecting configuration information or by backing up configuration information
- H04L41/0856—Retrieval of network configuration; Tracking network configuration history by actively collecting configuration information or by backing up configuration information by backing up or archiving configuration information
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
- H04L41/0813—Configuration setting characterised by the conditions triggering a change of settings
- H04L41/082—Configuration setting characterised by the conditions triggering a change of settings the condition being updates or upgrades of network functionality
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0893—Assignment of logical groups to network elements
Definitions
- malware In today's distributed computing environments, security is of the utmost importance. Due to the rise of wide-area public networks, users have unlimited access to content, e.g. data, files, applications, programs, etc., from a variety of sources. Additionally, the users' connection to the public networks provides a window for malicious entities to attack the users' computing systems. Malicious entities utilize this ease of accessibility and anonymity to attack the users. For example, the malicious entities can plant viruses, Trojans, or other malicious agents in publicly available content in order to attack the users' computing systems and steal sensitive information from the users and can attack the users' system remotely across the public networks.
- FIGS. 1A and 1B illustrate an example of a network environment in which an overall security assessment can be performed, according to various implementations
- FIG. 2 illustrates an example of a process for determining an overall security assessment of a network environment, according to various implementations
- FIG. 3 illustrates an example of a process for determining an overall security score for a network environment, according to various implementations
- FIGS. 4A-4V illustrates examples of interfaces that can be used to communicate with a security assessment tool, according to various implementations.
- FIG. 5 illustrates an example of a computer device, according to various implementations.
- systems and methods are directed to providing an overall security assessment of a network of computer assets.
- a security assessment tool can determine computer assets in a network and provide an overall security score for the network.
- the overall security score can represent an objective measure of the security of the network that considers potential security threats to the computer assets, counter measures deployed in the network to address the potential security threats, and the effectiveness of the counter measures.
- the security assessment tool can provide recommendations for improving the security of the network.
- FIGS. 1A and 1B illustrate an example of a network environment 100 , in which a security assessment can be performed, according to various implementations. While FIGS. 1A and 1B illustrate various components contained in the network environment 100 , FIGS. 1A and 1 B illustrate one example of a network environment and additional components can be added and existing components can be removed.
- the network environment 100 can represent the computer systems and network hardware of public or private entities, such as governmental agencies, individuals, businesses, partnerships, companies, corporations, etc., utilized to support the entities.
- the network environment 100 can include a number of computer assets 102 .
- the computer assets 102 can be connected by one or more local area networks 104 and one or more wide area network 106 .
- a security assessment tool 108 can be configured to assess the security of the network environment 100 and provide an overall security score for the network environment 100 .
- the computer assets 102 can include any type of conventional computer systems that are operating with the network environment 100 or supporting the network environment 100 .
- the network environment 100 can include various types of servers, such as file servers, web servers, application servers, database servers, email servers and the like, that provide services within the network environment 100 .
- the computer assets 102 can include laptop computers, desktop computers, tablet computers, mobile phones, and the like used by the personnel of the entities.
- the computer assets 102 can include other hardware and computer systems that support the network environment 100 .
- the computer assets 102 can include gateways, routers, wireless access points, firewalls, and the like that support any type of communications networks, such as the local area network 104 and the wide area networks 106 , to allow the computing systems in the network environment 100 to communicate.
- the computer systems in the network environment 100 can include hardware resources, such as processors, memory, network hardware, storage devices, and the like, and software resources, such as operating systems (OS), application programs, and the like.
- OS operating systems
- the computer assets 102 can include virtualized computer systems, such as virtual machines (VM).
- VM virtual machines
- a VM can be a virtualized computer system, or a software implementation of a computer system layered on top of any of physical computer system.
- the VM's access to the underlying computer system can be controlled through a hypervisor or virtual machine monitor.
- the VMs can provide for multiple and/or different operating system environments to run concurrently on a single computer system.
- the computer assets 102 can include any system, whether physical or virtual, that performs computing processes in the network environment 100 .
- the computer assets 102 in the network environment 100 can be located at any location, whether located at single geographic location or remotely located from each other.
- the network environment 100 can represent the computer assets 102 of a company that is located in multiple geographic locations.
- one or more of the computer assets 102 can be located at one location (e.g. one office of the company) and one or more of the computer assets 102 can be located at one or more different locations (e.g. satellite offices of the company).
- the security assessment tool 108 can be configured to assess the overall security of the network environment 100 .
- the security assessment tool 108 can be configured to identify the computer assets 102 of the network environment 100 . Once identified, the security assessment tool 108 can be configured to determine the security information of the network environment 100 and the computer assets 102 . Based on the security information, the security assessment tool 108 can be configured to determine potential security threats to the network environment 100 and the computer assets 102 . Likewise, based on the security information, the security assessment tool 108 can be configured to determine counter measures that are deployed in the network environment 100 and deployed on the computer assets 102 to address the potential security threats. Based on the effectiveness of the deployed counter measures, the security assessment tool 108 can be configured to provide an overall assessment of the security of the network environment 100 . Based on the overall security assessment, the security assessment tool 108 can be configured to provide recommendations for improving the security of the network environment 100 .
- a security threat can be any process, method, technique, algorithm, condition, software program, policy, and the like that can be utilized to compromise the security of the network environment 100 .
- a security threat can include known threat vectors for computer assets 102 and the network environment 100 , such as known malware, known exploits, known viruses, and the like.
- a counter measure can include processes, techniques, methods, algorithms, conditions, policies, software programs and the like that can be implemented in the network environment 100 to address potential security threats.
- Security information can include any information about the structure of the network environment 100 and any information about the computer assets 102 .
- the security information can include security details of the network environment 100 , such as security polices of the network environment 100 , details of computer assets 102 (e.g. firewalls) providing security in the network environment 100 , and the like.
- the security information can include security details of the computer assets 102 , such as the configuration of the computer assets 102 , system setting of the computer assets 102 , software programs including security software programs installed on the computer assets 102 , security settings of the computer assets 102 , configuration policies of the computer assets 102 , security policies of the computer assets 102 , access information for the computer assets 102 , and details of software programs installed on the computer assets.
- the security assessment tool 108 can be configured as a software program that is capable of being stored on and executed by a computer system, whether part of the network environment 100 or external to the network environment 100 .
- the security assessment tool 108 can be written in a variety of programming languages, such as JAVA, C++, Python code, Visual Basic, hypertext markup language (HTML), extensible markup language (XML), and the like to accommodate a variety of operating systems, computing system architectures, etc.
- FIG. 1B illustrates a more detailed view of the security assessment tool 108 .
- the security assessment tool 108 can be configured as a stand-alone software program and can include a scanner 110 , a threat model 112 , a score module 114 , and one or more interfaces 116 . While FIG. 1B illustrates the components as being part of the security assessment tool 108 , the components can be separate software programs that communicate with the security assessment tool 108 . Likewise, the security assessment tool 108 , itself, can be a component of another software program.
- the scanner 110 can include one or more software modules or tools that can scan the network environment 100 and the computer assets 102 .
- the scanner 110 can be configured to determine the structure of the network environment 100 and identify the computer assets 102 .
- the scanner 110 can be configured to determine the security information for the network environment 100 .
- the scanner 110 can be configured to include the necessary logic, commands, algorithms, and code to scan the network environment 100 and to communicate computer assets 102 .
- the scanner 110 can include various types of network scanners and vulnerability scanners, such as NeXposeTM or MetasploitTM from Rapid7, LLC.
- the threat model 112 can be a listing of known security threats to network environments.
- the threat model 112 can include the identification of the known security threats and details of the security threats.
- the details can include the types of the computer assets 102 that are vulnerable to the known security threats, the affect of the known security threats, one or more counter measures that address the known security threats, and the like.
- the score model 114 can include the necessary logic, commands, algorithms, and code utilized by the security assessment tool 108 to determine the overall security assessments and provide recommendations as described herein.
- the score model 114 can include a listing of the counter measures to security threats and a weighting value associated with each of the counter measures. The weighting value can represent the effectiveness of a particular counter measure.
- the security assessment tool 108 can also include an interface 116 .
- the interface 116 can be configured to allow one or more users to interact with the security assessment tool 108 .
- the interface 116 can be configured to provide one or more graphical user interfaces (GUIs) and/or command-line interfaces to allow a user to interact with the security assessment tool 108 .
- GUIs graphical user interfaces
- APIs application programming interfaces
- the security assessment tool 108 will be described with reference to a user interacting with the security assessment tool 108 .
- a user can include a one or more persons and/or one or more software programs that can interact with the security assessment tool 108 .
- a user can utilize the interface 116 interact with the security assessment tool 108 to perform the overall security assessment.
- the user can utilize the interface 116 to initiate a security assessment of the network environment 100 .
- the user can utilize the interface 116 to enter information about the network environment 100 and the computer assets 102 .
- the user can enter information about the structure of the network environment 100 such as network addresses of the network environment 100 .
- the user can enter information about the computer assets 102 , such as identification of the computer assets 102 , access information for the computer assets 102 , and the like.
- the security assessment tool 108 for example, the scanner 110 , can utilize the information provided by the user when identifying the computer assets 102 and when determining the security information for the network environment 100 .
- the security assessment tool 108 can utilize the interface 116 to output the results of the overall security assessment.
- the results can include the security score relative to the potential security threats and the overall security score determined by the security assessment tool 108 .
- the results can also include one or more recommendations for improving the security score relative to the potential security threats and the overall security score.
- the one or more recommendations can include deploying a new counter measure, changing a security setting of the computer assets 102 , changing a system setting of the computer assets 102 , changing a security policy of the computer systems 102 , updating software of the computer assets 102 , installing security software on the computer assets 102 , and improving access information for the computer assets 102 .
- the security assessment tool 108 can be configured to access one or more security resources 118 .
- the security resources 118 can be a source, whether internal or external to the network environment 100 , that provides information about security threats and counter measures.
- the security resources 118 can include security experts, security forums, security literature, empirical security testing platforms, and the like.
- the security resource 118 can include the user of the security assessment tool 108 .
- the security assessment tool 108 can utilize the security resources 118 to generate and update the threat model 112 .
- the security assessment tool 108 can also utilize the security resources 118 to generate and update the score model 114 .
- the security assessment tool 108 can utilize the security resources 118 to determine effectiveness metrics for the counter measures. The effectiveness metrics can be utilized to determine and update the weighting values for the counter measures.
- FIG. 2 illustrates an example of a process 200 for assessing the security of the network environment 100 , according to various implementations.
- the illustrated stages of the process 200 are examples and that any of the illustrated stages can be removed, additional stages can be added, and the order of the illustrated stages can be changed.
- the process can begin.
- the security assessment tool 108 can determine the computer assets 102 in the network environment 100 .
- the security assessment tool 108 can scan the network environment 100 to identify the computer assets 102 in the network environment 100 .
- the security assessment tool 108 can receive an identification of computer assets 102 from a user of the security assessment tool 108 .
- the security assessment tool 108 can receive, from a user, information about the network environment 100 and the computer assets 102 to assist in scanning the network environment 100 .
- the security assessment tool 108 can determine an actual deployment of counter measures on the computer assets. To determine the actual deployment of the counter measurers, the security assessment tool 108 can determine security information of the network environment 100 . The security assessment tool 108 can scan the network environment 100 and the computer assets 102 to identify security information. Likewise, the security assessment tool 108 can receive the security information from a user of the security assessment tool 108 . Additionally, the security assessment tool 108 can receive, from a user, information about the network environment 100 and the computer assets 102 to assist in scanning the network environment 100 .
- the security information can include any information about the structure of the network environment 100 and any information about the computer assets 102 .
- the security information can include security details of the network environment 100 , such as security polices of the network environment 100 , details of computer assets 102 (e.g. firewalls) providing security in the network environment 100 , and the like.
- the security information can include security details of the computer assets 102 , such as the configuration of the computer assets 102 , system setting of the computer assets 102 , software programs including security software programs installed on the computer assets 102 , security settings of the computer assets 102 , configuration policies of the computer assets 102 , security policies of the computer assets 102 , access information for the computer assets 102 , and details of software programs installed on the computer assets.
- the security assessment tool 108 can determine potential security threats to the network and determine counter measures to address the potential security threats. Based on the security information, the security assessment tool 108 can examine the threat model 112 to identify the potential security threats to the network environment 100 . Additionally, from the threat model 112 , the security assessment tool 108 can identify counter measure that can address the potential security threats to the network environment 100 .
- the security assessment tool 108 can determine potential security threats. For instance, if one or more of the computer assets 102 are running a particular OS or a particular software program, the security assessment tool 108 can determine any potential security threats and any counter measures that are applicable to the particular OS or software program. Likewise, for instance, if one or more of the computer assets 102 are connected to a public network (e.g. the internet), the security assessment tool 108 can determine any potential security threats and any counter measures that are associated with public networks.
- a public network e.g. the internet
- the security assessment tool 108 can determine an actual deployment of the counter measures in the network. Based on the security information and potential security threats, the security assessment tool 108 can determine which counter measures are actually deployed in the network environment 100 and on the computer assets 102 . The security assessment tool 108 can determine which of counter measures are deployed and the coverage of the counter measures (e.g. on which computer assets 102 are the counter measures deployed).
- the security assessment tool 108 can determine an overall security score for the network based on the actual deployment of the counter measures, potential security threats, and an effectiveness of the counter measures.
- the security assessment tool 108 can determine the overall security score based on potential security threats to the network environment 100 , the actual deployment of the counter measures in the network environment 100 , and effectiveness on the deployed counter measures.
- the overall security score can include security scores for different security threats.
- the security score for each security threat can reflect the actual deployment of counter measures for each counter measure and the effectiveness of the deployed counter measures.
- the overall security score can be the combination of the security scores for each potential security threat.
- the security score for each potential security threat and the overall security score can be a numerical value that represents the overall security score for the network environment 100 , where a higher numerical value represents better security relative to lower numerical values.
- the security score for each potential security threat and overall security score can be a numerical value between “0” and “10,” where “0” represents no security for potential security threats and “10” represents complete coverage for the potential security threats.
- the security assessment tool 108 can determine that the overall security score is 5.
- the security assessment tool 108 can determine recommendations for improving the overall security score.
- the recommendations can include any actions, procedures, processes, and the like for improving the security score relative to the potential security threats and the overall security score.
- the one or more recommendations can include deploying a new counter measure, changing a security setting of the computer assets 102 , changing a system setting of the computer assets 102 , changing a security policy of the computer systems 102 , updating software of the computer assets 102 , installing security software on the computer assets 102 , and improving access information for the computer assets 102 .
- the security assessment tool 108 can output the overall security score and the recommendations for the network environment 100 .
- the security assessment tool 108 can output the security score for each potential security threat and overall security score via the interface 116 .
- the security assessment tool 108 can output the value of the security score for each potential security threat and overall security score in addition to recommendations to improve the overall security score.
- the security assessment tool 108 can repeat the process above, over time, to determine new overall security scores. As new security threats arise, computer assets are added and removed from the network, new counter measures are determined, and as new counter measured are deployed, the security assessment tool 108 can determine new security score for each potential security threat and a new overall security score. Likewise, the security assessment tool 108 can determine impact of the changes on the new scores.
- the security assessment tool 108 can perform trending analysis over time.
- the trending analysis can be any procedure or process that determines how the security assessment changes over time.
- the security assessment tool 108 can track the change in the overall security (or security scores for potential threats), over time, and output a graph or other indication of the changes over time.
- the security assessment tool 108 can track the change in deployment of counter measures, over time, and output a graph or other indication of the changes over time.
- the process can end, repeat, or return to any point.
- FIG. 3 illustrates an example of a process 300 for determining an overall security score and implementing recommendations, according to various implementations.
- the illustrated stages of the process 300 are examples and that any of the illustrated stages can be removed, additional stages can be added, and the order of the illustrated stages can be changed.
- the process can begin.
- the security assessment tool 108 can initially determine computer assets in a computer network and counter measures deployed on the computer assets. For example, when the security assessment tool 108 first examines the network environment 100 , the security assessment tool 108 can determine the computer assets and security information for the network environment 100 . The security assessment tool 108 can determine the computer assets and security information according to the procedures as discussed above in FIG. 2 .
- the security assessment tool 108 can determine the overall security score and the recommendations based on the initial determination.
- the overall security scores can represent the initial overall security scores before performing any of the recommendations.
- the security assessment tool 108 can determine the overall security score based on the actual deployment of the counter measures, the potential security threats to the network environment, and an effectiveness of the counter measures according to the procedures as discussed above in FIG. 2 .
- the recommendations can include any actions, procedures, processes, and the like for improving the security score relative to the potential security threats and the overall security score.
- the one or more recommendations can include deploying a new counter measure, changing a security setting of the computer assets 102 , changing a system setting of the computer assets 102 , changing a security policy of the computer systems 102 , updating software of the computer assets 102 , installing security software on the computer assets 102 , and improving access information for the computer assets 102 .
- one or more of the recommendations can be implemented in the network environment 100 .
- the recommendations can be implemented by the security assessment tool 108 .
- the security assessment tool 108 can access the computer assets and perform the recommended action, such as deploying a new counter measure, changing a security setting of the computer assets 102 , changing a system setting of the computer assets 102 , changing a security policy of the computer systems 102 , updating software of the computer assets 102 , installing security software on the computer assets 102 , and improving access information for the computer assets 102 .
- a user or other computer system in the network environment 100 can implement the one or more recommendations.
- the security assessment tool 108 can output an identification of the one or more recommendations and instructions for performing the one or more recommendations. For example, if the recommendation is changing a security setting of a particular computer asset 102 , the security assessment tool 108 can output an identification of the particular computer asset 102 , an identification of the security setting to be changed, and instructions for changing the security setting. Based on the output identification and instructions, the user can implement the one or more recommendations.
- the security assessment tool 108 can perform the security assessment over time to determine have the overall security score changes relative to changes in the network environment 100 .
- the security assessment tool 108 can determine a change in computer assets in a network, change in counter measures deployed, or change in potential security threats.
- the security assessment tool 108 can rescan the computer assets 102 and determine new security information and changes in the security information.
- the security assessment tool 108 can determine if computer assets 102 have been removed and added.
- the user of the security assessment tool 108 can enter new security information, changes in the security information, and changes in the computer assets 102 .
- the security assessment tool 108 can determine, by examining the threat model 112 , new security threats, changes to existing security threats, new counter measures, and changes to existing counter measures.
- the security assessment tool 108 can determine a new overall security score and the new recommendations for improving the security score.
- the overall security scores can represent the initial overall security scores before performing any of the recommendations.
- the security assessment tool 108 can determine the overall security score based on the actual deployment of the counter measures, the potential security threats to the network environment, and an effectiveness of the counter measures according to the procedures as discussed above in FIG. 2 .
- the recommendations can include any actions, procedures, processes, and the like for improving the security score relative to the potential security threats and the overall security score.
- the one or more recommendations can include deploying a new counter measure, changing a security setting of the computer assets 102 , changing a system setting of the computer assets 102 , changing a security policy of the computer systems 102 , updating software of the computer assets 102 , installing security software on the computer assets 102 , and improving access information for the computer assets 102 .
- one or more of the new recommendation can be implemented.
- the new recommendations can be implemented by the security assessment tool 108 .
- the security assessment tool 108 can access the computer assets and perform the recommended action, such as deploying a new counter measure, changing a security setting of the computer assets 102 , changing a system setting of the computer assets 102 , changing a security policy of the computer systems 102 , updating software of the computer assets 102 , installing security software on the computer assets 102 , and improving access information for the computer assets 102 .
- a user or other computer system in the network environment 100 can implement the one or more new recommendations.
- the security assessment tool 108 can output an identification of the one or more recommendations and instructions for performing the one or more recommendations. For example, if the recommendation is adding a new counter measure, the security assessment tool 108 can output an identification of the counter measure, an identification of the computer assets affected by the new counter measure, and instructions for adding the new counter measure. Based on the output identification and instructions, the user can implement the one or more recommendations.
- the security assessment tool 108 can repeat the process over time as conditions in the network environment 100 change.
- the security assessment tool 108 can automatically repeat the process at predefined times or at the predetermined internals.
- the security assessment tool 108 can repeat the process at the request of a user or other computer system.
- the security assessment tool 108 can perform trending analysis over time.
- the trending analysis can be any procedure or process that determines how the security assessment changes over time.
- the security assessment tool 108 can track the change in the overall security (or security scores for potential threats), over time, and output a graph or other indication of the changes over time.
- the security assessment tool 108 can track the change in deployment of counter measures, over time, and output a graph or other indication of the changes over time.
- the process can end, repeat, or return to any point.
- FIGS. 4A-4V illustrate examples GUIs provided by the interface 116 that can be used to communicate with the security assessment tool 108 .
- the examples of the GUI can be provided locally at a computer system executing the security assessment tool 108 , such as displayed on a display. Additionally, the examples of the GUI, as described below, can be provided remotely to computer system, for example, in the form of web pages. Likewise, the examples of the GUIs can be provided via one or more application programming interfaces (APIs) to allow other software programs to interact with the security assessment tool 108 .
- APIs application programming interfaces
- the security assessment tool 108 can provide a GUI 400 .
- the GUI 400 can allow a user to enter information about themselves that allows the security assessment tool 108 to create an account with the security assessment tool 108 .
- the GUI 400 can include a window 401 that allows a user to provide their name, a user name, a password, and an email address.
- the security assessment tool 108 can utilize the account to grant access to the user, store preferences of the user, and the like. Once the account is created, the user can utilize fields and widgets 402 to access the security assessment tool 108 using the username and password.
- the security assessment tool 108 can provide a GUI 405 as illustrated in FIG. 4B .
- the GUI 405 can allow the user to initiate a scan of the network environment 400 , for example the initial scan of the network environment 400 .
- the GUI 405 can include fields 406 that allow the user to enter information about the network environment 100 , such as the domain credentials of the network environment 100 that allow the security assessment tool 108 to access the network environment 100 .
- the GUI 405 can also include a widget 407 that causes the security assessment tool 108 to initiate the scan.
- the security assessment tool 108 can determine the computer assets 102 in the network environment 100 and the security information of the computer assets 102 .
- the security assessment tool 108 can provide, during the scan, a GUI 408 that shows the progress of the scan.
- the security assessment tool 108 can determine the overall security assessment for the network environment 100 and display the results in a GUI 410 , as illustrate din FIG. 4D-4L .
- the GUI 410 can include fields 411 that display the overall security score and the security scores for each potential security threat.
- the GUI 410 can also include fields 412 that display the number of computer assets 102 in the network environment 100 scanned and the change in the number of computer assets 102 scanned since the last scan.
- the GUI 410 also includes a window 413 that displays the potential security threats and the actual coverage of the counter measures.
- the window 413 can include a description of the counter measures and a graphic (bar meter) that shows the potential security threats and the actual coverage actual deployment of the counter measures addressing the security threat.
- the graphic can include slider bars that allow a user to set a goal for the actual coverage actual deployment of the counter measures.
- the window 413 can also include a graphic that shows the change in the actual deployment of the counter measures since the last scan.
- the GUI 410 can also include a window 414 that shows the recommendations for improving the security scores.
- the GUI 410 can also include a window 415 that shows details of the computer assets 102 , such as network address, user, type of system, and the risk of the computer asset 102 relative to the potential security threats.
- the window 413 can be interact to allow the user to view additional details on more or more of the potential security threats. As illustrated, a user can expand a particular potential security threat to view each counter measure deployed. As illustrated in FIG. 4F , the window 413 , 414 , and 415 can also be linked. If a user selects a potential threat in window 413 , the recommendations displayed in the window 414 can be sorted for the selected potential security threat, and the computer assets 102 displayed in the window 415 can be the computer assets affected by the selected potential security threat. As illustrated in FIG. 4G and FIG. 4I , the window 415 can also be interactive.
- a user can select a computer asset 102 to view additional details of the computer asset 102 (windows 417 and 418 ).
- the window 414 can also be interactive.
- the user can select a particular recommendation in the window 414 , and the security assessment tool 108 can display a window 416 .
- the window 416 can show detailed instructions for implementing the recommendation.
- the GUI 410 can also include widgets 419 , 420 , and 421 that also the user to view setup tips, progress of an ongoing scan, and specify computer assets 102 to scan, respectively.
- the security assessment tool 108 can also allow a user to search for computer assets 102 .
- FIG. 4M illustrates a window 422 of a search performed on a network address range “202.160.183.x”.
- the security assessment tool 108 can perform trending analysis.
- FIG. 4N illustrates an example of a trending analysis performed by the security assessment tool 108 .
- the security assessment tool 108 can provide a GUI 425 .
- the GUI 425 can include a graph that shows the trends of the security assessment, for example, change in deployment of a counter measure.
- the user can use the interface to manage the security assessment tool 108 .
- FIGS. 40-4Q illustrate a GUI 430 that can be utilized to schedule scans by the security assessment tool 108 .
- the GUI 430 can include a window 432 that allows a user to specify the details of automatic scan to be performed by the security assessment tool 108 .
- the GUI 430 can also include fields that display the progress of scan in progress.
- FIGS. 4R-4V illustrate other GUI that can be used to management to process of the security assessment tool 108 .
- FIGS. 4R and 4S illustrate GUIs 440 and 445 that can be utilized to enter information about the computer assets 102 .
- FIG. 4T illustrates a GUI 450 that can be utilized to manage the account information of the user's of the security assessment tool 108 .
- FIGS. 4U and 4V illustrate GUIs 455 and 460 that can be utilized to assign task to users and set goals.
- FIG. 5 illustrates an example of a hardware configuration for a computing device 500 implementing the security assessment tool 108 that can be used to perform one or more of the processes described above. While FIG. 5 illustrates various components contained in the computing device 500 , FIG. 5 illustrates one example of a computing device and additional components can be added and existing components can be removed.
- the computing device 500 can include one or more processors 502 of varying core configurations and clock frequencies.
- the computing device 500 can also include one or more memory devices 504 that serve as a main memory during the operation of the computing device 500 .
- a copy of the security assessment tool 108 can be stored in the one or more memory devices 504 .
- the computing device 500 can also include one or more peripheral interfaces 506 , such as keyboards, mice, touchpads, computer screens, touchscreens, etc., for enabling human interaction with and manipulation of the computing device 500 .
- the computing device 500 can also include one or more network interfaces 508 for communicating via one or more networks, such as Ethernet adapters, wireless transceivers, or serial network components, for communicating over wired or wireless media using protocols.
- the computing device 500 can also include one or more storage device 510 of varying physical dimensions and storage capacities, such as flash drives, hard drives, random access memory, etc., for storing data, such as images, files, and program instructions for execution by the one or more processors 502 .
- the computing device 500 can include one or more software programs 512 , such as the security assessment tool 108 .
- the one or more software programs 512 can include instructions that cause the one or more processors 502 to perform the processes described herein. Copies of the one or more software programs 512 can be stored in the one or more memory devices 504 and/or on in the one or more storage devices 510 .
- the data, for example, utilized by one or more software programs 512 can be stored in the one or more memory devices 504 and/or on in the one or more storage devices 510 .
- the computing device 500 can communicate with one or more remote user devices 514 and a network environment 518 , such as the network environment 100 , via a network 516 .
- the one or more remote user devices 514 can be any types of conventional computing devices.
- the one or more user devices 514 can be desktops, laptops, servers, etc., or mobile devices, such as smart telephones, tablet computers, cellular telephones, personal digital assistants, etc.
- the network 516 can be any type of network, such as a local area network, a wide-area network, a virtual private network, the Internet, an intranet, an extranet, a public switched telephone network, an infrared network, a wireless network, and any combination thereof.
- the network 516 can support communications using any of a variety of commercially-available protocols, such as TCP/IP, OSI, FTP, UPnP, NFS, CIFS, and AppleTalk.
- the network 516 can be, for example, a local area network, a wide-area network, a virtual private network, the Internet, an intranet, an extranet, a public switched telephone network, an infrared network, a wireless network, and any combination thereof.
- the computing device 500 can exchange data with the one or more user devices 514 and the network environment 518 over the network 516 .
- the computing device 500 can receive requests to perform security assessments and receive data regarding the security assessment requests.
- the computing device 500 and the security assessment tool 108 can be implemented as part of at least one service or Web service, such as may be part of a service-oriented architecture.
- the computing device 500 can exchange data with the one or more user devices 514 during operation of the at least one service or Web service.
- Services such as Web services can communicate using any appropriate type of messaging, such as by using messages in extensible markup language (XML) format and exchanged using an appropriate protocol such as SOAP (derived from the “Simple Object Access Protocol”).
- SOAP Simple Object Access Protocol
- Processes provided or executed by such services can be written in any appropriate language, such as the Web Services Description Language (WSDL).
- WSDL Web Services Description Language
- Using a language such as WSDL allows for functionality such as the automated generation of client-side code in various SOAP frameworks.
- the computing device 500 can be utilized as part of a Web server architecture.
- the computing device 500 can run any of a variety of server or mid-tier applications, including HTTP servers, FTP servers, CGI servers, data servers, Java servers, and business application servers.
- the computing device 500 also can be capable of executing programs or scripts in response requests from the one or more remote user devices 514 , such as by executing one or more Web applications that may be implemented as one or more scripts or programs written in any programming language, such as Java®, C, C# or C++, or any scripting language, such as Perl, Python, or TCL, as well as combinations thereof.
- the computing device 500 can also include database servers, including without limitation those commercially available from Oracle®, Microsoft®, Sybase®, and IBM®.
- the computing device 500 can include a variety of data stores and other memory and storage media as discussed above. These can reside in a variety of locations, such as on a storage medium local to (and/or resident in) one or more of the computers or remote from any or all of the computers across the network. In some implementations, information can reside in a storage-area network (“SAN”) familiar to those skilled in the art. Similarly, any necessary files for performing the functions attributed to the computers, servers, or other network devices may be stored locally and/or remotely, as appropriate.
- SAN storage-area network
- the components of the computing device 500 as described above need not be enclosed within a single enclosure or even located in close proximity to one another.
- the above-described componentry are examples only, as the computing device 500 can include any type of hardware componentry, including any necessary accompanying firmware or software, for performing the disclosed implementations.
- the computing device 500 can also be implemented in part or in whole by electronic circuit components or processors, such as application-specific integrated circuits (ASICs) or field-programmable gate arrays (FPGAs).
- ASICs application-specific integrated circuits
- FPGAs field-programmable gate arrays
- the computer program can exist in a variety of forms both active and inactive.
- the computer program can exist as one or more software programs, software modules, or both that can be comprised of program instructions in source code, object code, executable code or other formats; firmware program(s); or hardware description language (HDL) files.
- Any of the above can be embodied on a computer readable medium, which include computer readable storage devices and media, and signals, in compressed or uncompressed form.
- Examples of computer readable storage devices and media include conventional computer system RAM (random access memory), ROM (read-only memory), EPROM (erasable, programmable ROM), EEPROM (electrically erasable, programmable ROM), and magnetic or optical disks or tapes.
- Examples of computer readable signals are signals that a computer system hosting or running the present teachings can be configured to access, including signals downloaded through the Internet or other networks. Concrete examples of the foregoing include distribution of executable software program(s) of the computer program on a CD-ROM or via Internet download. In a sense, the Internet itself, as an abstract entity, is a computer readable medium. The same is true of computer networks in general.
- the terms “including”, “includes”, “having”, “has”, “with”, or variants thereof are used in either the detailed description and the claims, such terms are intended to be inclusive in a manner similar to the term “comprising.”
- the terms “one or more of” and “at least one of” with respect to a listing of items such as, for example, A and B means A alone, B alone, or A and B.
- the term “set” should be interpreted as “one or more.”
- the term “couple” or “couples” is intended to mean either an indirect or direct connection. Thus, if a first device couples to a second device, that connection may be through a direct connection, or through an indirect connection via other devices, components, and connections.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Computer And Data Communications (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
Description
Claims (39)
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US13/899,117 US9270694B2 (en) | 2013-05-21 | 2013-05-21 | Systems and methods for assessing security for a network of assets and providing recommendations |
US13/899,093 US9264444B2 (en) | 2013-05-21 | 2013-05-21 | Systems and methods for determining an objective security assessment for a network of assets |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US13/899,117 US9270694B2 (en) | 2013-05-21 | 2013-05-21 | Systems and methods for assessing security for a network of assets and providing recommendations |
US13/899,093 US9264444B2 (en) | 2013-05-21 | 2013-05-21 | Systems and methods for determining an objective security assessment for a network of assets |
Publications (2)
Publication Number | Publication Date |
---|---|
US20140351940A1 US20140351940A1 (en) | 2014-11-27 |
US9270694B2 true US9270694B2 (en) | 2016-02-23 |
Family
ID=51936337
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US13/899,117 Active US9270694B2 (en) | 2013-05-21 | 2013-05-21 | Systems and methods for assessing security for a network of assets and providing recommendations |
US13/899,093 Active US9264444B2 (en) | 2013-05-21 | 2013-05-21 | Systems and methods for determining an objective security assessment for a network of assets |
Family Applications After (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US13/899,093 Active US9264444B2 (en) | 2013-05-21 | 2013-05-21 | Systems and methods for determining an objective security assessment for a network of assets |
Country Status (1)
Country | Link |
---|---|
US (2) | US9270694B2 (en) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9930062B1 (en) | 2017-06-26 | 2018-03-27 | Factory Mutual Insurance Company | Systems and methods for cyber security risk assessment |
US10318903B2 (en) | 2016-05-06 | 2019-06-11 | General Electric Company | Constrained cash computing system to optimally schedule aircraft repair capacity with closed loop dynamic physical state and asset utilization attainment control |
US10915638B2 (en) | 2018-05-16 | 2021-02-09 | Target Brands Inc. | Electronic security evaluator |
US11290475B2 (en) | 2019-11-12 | 2022-03-29 | Bank Of America Corporation | System for technology resource centric rapid resiliency modeling |
US11394733B2 (en) | 2019-11-12 | 2022-07-19 | Bank Of America Corporation | System for generation and implementation of resiliency controls for securing technology resources |
Families Citing this family (31)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9754392B2 (en) | 2013-03-04 | 2017-09-05 | Microsoft Technology Licensing, Llc | Generating data-mapped visualization of data |
US20140359780A1 (en) * | 2013-05-29 | 2014-12-04 | Cytegic Ltd. | Anti-cyber attacks control vectors |
US9137237B2 (en) | 2013-09-03 | 2015-09-15 | Microsoft Technology Licensing, Llc | Automatically generating certification documents |
US20150089300A1 (en) * | 2013-09-26 | 2015-03-26 | Microsoft Corporation | Automated risk tracking through compliance testing |
US9992230B1 (en) * | 2013-09-27 | 2018-06-05 | Tripwire, Inc. | Assessing security control quality and state in an information technology infrastructure |
US9118714B1 (en) * | 2014-07-23 | 2015-08-25 | Lookingglass Cyber Solutions, Inc. | Apparatuses, methods and systems for a cyber threat visualization and editing user interface |
US11165812B2 (en) | 2014-12-03 | 2021-11-02 | Splunk Inc. | Containment of security threats within a computing environment |
US10216938B2 (en) * | 2014-12-05 | 2019-02-26 | T-Mobile Usa, Inc. | Recombinant threat modeling |
US10574675B2 (en) | 2014-12-05 | 2020-02-25 | T-Mobile Usa, Inc. | Similarity search for discovering multiple vector attacks |
JP2018508067A (en) | 2015-01-06 | 2018-03-22 | アンブラ テクノロジーズ リミテッドUmbra Technologies Ltd. | System and method for neutral application programming interface |
CN115834534A (en) * | 2015-01-28 | 2023-03-21 | 安博科技有限公司 | System for global virtual network |
US20160234242A1 (en) * | 2015-02-11 | 2016-08-11 | Honeywell International Inc. | Apparatus and method for providing possible causes, recommended actions, and potential impacts related to identified cyber-security risk items |
ES2959674T3 (en) | 2015-04-07 | 2024-02-27 | Umbra Tech Ltd | Cloud Multi-Perimeter Firewall |
US9699205B2 (en) * | 2015-08-31 | 2017-07-04 | Splunk Inc. | Network security system |
US9767291B2 (en) * | 2015-10-06 | 2017-09-19 | Netflix, Inc. | Systems and methods for security and risk assessment and testing of applications |
US10021115B2 (en) * | 2015-11-03 | 2018-07-10 | Juniper Networks, Inc. | Integrated security system having rule optimization |
ES2931177T3 (en) | 2015-12-11 | 2022-12-27 | Umbra Tech Ltd | System and method for launching information through a network tapestry and granularity of a brand |
US9998487B2 (en) * | 2016-04-25 | 2018-06-12 | General Electric Company | Domain level threat detection for industrial asset control system |
CN116112539A (en) | 2016-04-26 | 2023-05-12 | 安博科技有限公司 | Sling routing logic and load balancing |
RU2638710C1 (en) * | 2016-10-10 | 2017-12-15 | Акционерное общество "Лаборатория Касперского" | Methods of detecting malicious elements of web pages |
US10212184B2 (en) | 2016-10-27 | 2019-02-19 | Opaq Networks, Inc. | Method for the continuous calculation of a cyber security risk index |
US10609045B2 (en) * | 2017-06-29 | 2020-03-31 | Certis Cisco Security Pte Ltd | Autonomic incident triage prioritization by performance modifier and temporal decay parameters |
KR102199054B1 (en) * | 2017-08-10 | 2021-01-07 | 한국전자통신연구원 | Apparatus for serial port based cyber security vulnerability assessment and method for the same |
US11546365B2 (en) * | 2018-01-28 | 2023-01-03 | AVAST Software s.r.o. | Computer network security assessment engine |
US11418528B2 (en) * | 2018-11-02 | 2022-08-16 | Rapid7, Inc. | Dynamic best path determination for penetration testing |
US11128670B2 (en) | 2019-02-26 | 2021-09-21 | Oracle International Corporation | Methods, systems, and computer readable media for dynamically remediating a security system entity |
US11252178B1 (en) | 2019-10-16 | 2022-02-15 | Metis Technology Solutions, Inc. | System and method for automating security configuration standards assessments and mitigations |
US11706248B2 (en) * | 2020-01-31 | 2023-07-18 | Fidelis Cybersecurity, Inc. | Aggregation and flow propagation of elements of cyber-risk in an enterprise |
US20220038507A1 (en) * | 2020-07-29 | 2022-02-03 | Guard Dog Solutions Inc. | Methods, apparatuses and systems for negotiating digital standards and compliance |
US12111933B2 (en) | 2022-02-07 | 2024-10-08 | Bank Of America Corporation | System and method for dynamically updating existing threat models based on newly identified active threats |
CN115134258B (en) * | 2022-06-29 | 2024-01-30 | 北京计算机技术及应用研究所 | Network security effectiveness measurement method based on network attack surface |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020026591A1 (en) * | 1998-06-15 | 2002-02-28 | Hartley Bruce V. | Method and apparatus for assessing the security of a computer system |
US20040006704A1 (en) * | 2002-07-02 | 2004-01-08 | Dahlstrom Dale A. | System and method for determining security vulnerabilities |
US7584508B1 (en) * | 2008-12-31 | 2009-09-01 | Kaspersky Lab Zao | Adaptive security for information devices |
US20110138471A1 (en) * | 2009-12-08 | 2011-06-09 | Verizon Patent And Licensing, Inc. | Security handling based on risk management |
US20140173738A1 (en) * | 2012-12-18 | 2014-06-19 | Michael Condry | User device security profile |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20070180525A1 (en) * | 2006-01-30 | 2007-08-02 | Bagnall Robert J | Security system and method |
US8990947B2 (en) * | 2008-02-04 | 2015-03-24 | Microsoft Technology Licensing, Llc | Analytics engine |
GB0909079D0 (en) * | 2009-05-27 | 2009-07-01 | Quantar Llp | Assessing threat to at least one computer network |
US9058486B2 (en) * | 2011-10-18 | 2015-06-16 | Mcafee, Inc. | User behavioral risk assessment |
-
2013
- 2013-05-21 US US13/899,117 patent/US9270694B2/en active Active
- 2013-05-21 US US13/899,093 patent/US9264444B2/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020026591A1 (en) * | 1998-06-15 | 2002-02-28 | Hartley Bruce V. | Method and apparatus for assessing the security of a computer system |
US20040006704A1 (en) * | 2002-07-02 | 2004-01-08 | Dahlstrom Dale A. | System and method for determining security vulnerabilities |
US7584508B1 (en) * | 2008-12-31 | 2009-09-01 | Kaspersky Lab Zao | Adaptive security for information devices |
US20110138471A1 (en) * | 2009-12-08 | 2011-06-09 | Verizon Patent And Licensing, Inc. | Security handling based on risk management |
US20140173738A1 (en) * | 2012-12-18 | 2014-06-19 | Michael Condry | User device security profile |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10318903B2 (en) | 2016-05-06 | 2019-06-11 | General Electric Company | Constrained cash computing system to optimally schedule aircraft repair capacity with closed loop dynamic physical state and asset utilization attainment control |
US10318904B2 (en) | 2016-05-06 | 2019-06-11 | General Electric Company | Computing system to control the use of physical state attainment of assets to meet temporal performance criteria |
US9930062B1 (en) | 2017-06-26 | 2018-03-27 | Factory Mutual Insurance Company | Systems and methods for cyber security risk assessment |
US10915638B2 (en) | 2018-05-16 | 2021-02-09 | Target Brands Inc. | Electronic security evaluator |
US11290475B2 (en) | 2019-11-12 | 2022-03-29 | Bank Of America Corporation | System for technology resource centric rapid resiliency modeling |
US11394733B2 (en) | 2019-11-12 | 2022-07-19 | Bank Of America Corporation | System for generation and implementation of resiliency controls for securing technology resources |
Also Published As
Publication number | Publication date |
---|---|
US20140351940A1 (en) | 2014-11-27 |
US20140351939A1 (en) | 2014-11-27 |
US9264444B2 (en) | 2016-02-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9270694B2 (en) | Systems and methods for assessing security for a network of assets and providing recommendations | |
US11196773B2 (en) | Framework for coordination between endpoint security and network security services | |
US10623418B2 (en) | Internet of Things security appliance | |
US10924347B1 (en) | Networking device configuration value persistence | |
US12088620B2 (en) | Interactive web application scanning | |
US10142290B1 (en) | Host-based firewall for distributed computer systems | |
US9262624B2 (en) | Device-tailored whitelists | |
US11665052B2 (en) | Internet of things gateway onboarding | |
US20140137190A1 (en) | Methods and systems for passively detecting security levels in client devices | |
US11328056B2 (en) | Suspicious event analysis device and related computer program product for generating suspicious event sequence diagram | |
US20210294896A1 (en) | Endpoint detection and response attack process tree auto-play | |
US10623433B1 (en) | Configurable event-based compute instance security assessments | |
US11503070B2 (en) | Techniques for classifying a web page based upon functions used to render the web page | |
US20210306375A1 (en) | Live forensic browsing of urls | |
US20180316711A1 (en) | Personalized threat protection | |
US11416613B2 (en) | Attack detection through exposure of command abuse | |
US20210084054A1 (en) | Simulating user interactions for malware analysis | |
JP2019192265A (en) | Information processing apparatus, information processing method, and program | |
US11989294B2 (en) | Detecting and preventing installation and execution of malicious browser extensions | |
US11743263B2 (en) | System and method to control application access | |
US10230744B1 (en) | Detecting periodic behavior in a communication session using clustering | |
JP2010237836A (en) | Security audit period derivation device, security audit period derivation program, and recording medium | |
US11374959B2 (en) | Identifying and circumventing security scanners |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: SILICON VALLEY BANK, MASSACHUSETTS Free format text: SECURITY AGREEMENT;ASSIGNOR:RAPID7 LLC;REEL/FRAME:031870/0367 Effective date: 20131227 |
|
AS | Assignment |
Owner name: SILICON VALLEY BANK, MASSACHUSETTS Free format text: SECURITY AGREEMENT;ASSIGNOR:RAPID7 LLC;REEL/FRAME:031872/0199 Effective date: 20131227 |
|
AS | Assignment |
Owner name: RAPID7 LLC, MASSACHUSETTS Free format text: FULL RELEASE OF SECURITY INTEREST IN PATENTS;ASSIGNOR:SILICON VALLEY BANK;REEL/FRAME:037233/0889 Effective date: 20151207 |
|
AS | Assignment |
Owner name: RAPID7, LLC, MASSACHUSETTS Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:LODER, CHAD;WOLF, DANA ELIZABETH;HATHAWAY, MATTHEW ROBERT;SIGNING DATES FROM 20151222 TO 20160113;REEL/FRAME:037477/0211 |
|
STCF | Information on status: patent grant |
Free format text: PATENTED CASE |
|
MAFP | Maintenance fee payment |
Free format text: PAYMENT OF MAINTENANCE FEE, 4TH YR, SMALL ENTITY (ORIGINAL EVENT CODE: M2551); ENTITY STATUS OF PATENT OWNER: SMALL ENTITY Year of fee payment: 4 |
|
AS | Assignment |
Owner name: KEYBANK NATIONAL ASSOCIATION, OHIO Free format text: INTELLECTUAL PROPERTY SECURITY AGREEMENT;ASSIGNOR:RAPID7 LLC;REEL/FRAME:052487/0013 Effective date: 20200423 |
|
FEPP | Fee payment procedure |
Free format text: ENTITY STATUS SET TO UNDISCOUNTED (ORIGINAL EVENT CODE: BIG.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY |
|
MAFP | Maintenance fee payment |
Free format text: PAYMENT OF MAINTENANCE FEE, 8TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1552); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY Year of fee payment: 8 |