Mcafee, Inc.

Marshall A Beddoe

Robin Malcolm Keir

Stuart McClure

George Robert Kurtz

David Michael Cole

Michael J Morton

Christopher M Prosise

Christopher Abad

Robin Keir

Stuart C Mcclure

David M Cole

A system and method provide comprehensive and highly automated testing of vulnerabilities to intrusion on a target network, including identification of operating system, identification of target network topology and target computers, identification of open target ports, assessment of vulnerabilities on target ports, active assessment of vulnerabilities based on information acquired from target computers, quantitative assessment of target network security and vulnerability, and hierarchical graphical representation of the target network, target computers, and vulnerabilities in a test report. The system and method employ minimally obtrusive techniques to avoid interference with or damage to the target network during or after testing.

System and method for network vulnerability detection and reporting

A system and a method enhance endpoint security of a computer network. The system and method generate security assessments of hosts on quarantined and non-quarantined networks. Based on the generated security assessments, secure hosts are connected to the non-quarantined network and non-secure or vulnerable hosts are connected to the quarantined network. A remediation engine assists with fixing vulnerabilities of the hosts on the quarantined network. Endpoint security agents, security scanners, and remediation engines that carry out the foregoing functions reside on each of the quarantined and non-quarantined networks on hosts that are different from the target hosts. Under such an architecture, the endpoint security system can advantageously be operating system agnostic and can provide complete and powerful endpoint security for targeted hosts without being installed on each individual targeted host. Alternatively, endpoint security agents, security scanners, and remediation agents can reside partially or wholly on one or more target hosts.

System and method of network endpoint security

A system and method provide comprehensive and highly automated testing of vulnerabilities to intrusion on a target network, including identification of operating system, identification of target network topology and target computers, identification of open target ports, assessment of vulnerabilities on target ports, active assessment of vulnerabilities based on information acquired from target computers, quantitative assessment of target network security and vulnerability, and hierarchical graphical representation of the target network, target computers, and vulnerabilities in a test report The system and method employ minimally obtrusive techniques to avoid interference with or damage to the target network during or after testing.

An automated system performs multiple tests for identifying an operating system executed by a network node. A combination of multiple tests may be calibrated to generate an acceptably accurate operating system identification. An identification module makes an overall identification based on identifications of the tests. A plurality of identification rules may determine which of the individual tests is likely to be most accurate. The system also may include a conflict resolution module that resolves conflicts among the multiple tests. The conflict resolution module may employ a plurality of conflict resolution definitions that define special cases in which the general identification rules may be overridden to make an identification without regard to the general identification rules. Alternatively, the conflict resolution module may be configured to work in combination with the general identification rules to make an operating system identification.

Growing community of inventors

San Clemente, CA, United States of America

Marshall A Beddoe