CA3150264A1 - Systemes et procedes permettant de surveiller et de corriger des pratiques de securite de systeme informatique - Google Patents
Systemes et procedes permettant de surveiller et de corriger des pratiques de securite de systeme informatique Download PDFInfo
- Publication number
- CA3150264A1 CA3150264A1 CA3150264A CA3150264A CA3150264A1 CA 3150264 A1 CA3150264 A1 CA 3150264A1 CA 3150264 A CA3150264 A CA 3150264A CA 3150264 A CA3150264 A CA 3150264A CA 3150264 A1 CA3150264 A1 CA 3150264A1
- Authority
- CA
- Canada
- Prior art keywords
- security policy
- procedures
- risk management
- computing
- changes
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 64
- 238000012544 monitoring process Methods 0.000 title claims abstract description 10
- 238000007726 management method Methods 0.000 claims description 60
- 230000008520 organization Effects 0.000 claims description 36
- 230000004044 response Effects 0.000 claims description 15
- 230000008859 change Effects 0.000 claims description 12
- 238000012913 prioritisation Methods 0.000 claims description 7
- 238000005516 engineering process Methods 0.000 description 23
- 238000012545 processing Methods 0.000 description 11
- 230000008569 process Effects 0.000 description 10
- 230000006872 improvement Effects 0.000 description 7
- 238000013070 change management Methods 0.000 description 6
- 230000009885 systemic effect Effects 0.000 description 5
- 210000003813 thumb Anatomy 0.000 description 5
- 238000004458 analytical method Methods 0.000 description 4
- 230000002155 anti-virotic effect Effects 0.000 description 4
- 206010003549 asthenia Diseases 0.000 description 4
- 238000004891 communication Methods 0.000 description 4
- 208000016258 weakness Diseases 0.000 description 4
- 230000002159 abnormal effect Effects 0.000 description 3
- 230000000875 corresponding effect Effects 0.000 description 3
- 230000000694 effects Effects 0.000 description 3
- 230000007246 mechanism Effects 0.000 description 3
- 230000036528 appetite Effects 0.000 description 2
- 235000019789 appetite Nutrition 0.000 description 2
- 238000012550 audit Methods 0.000 description 2
- 230000007812 deficiency Effects 0.000 description 2
- 230000002950 deficient Effects 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 230000006870 function Effects 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 238000010801 machine learning Methods 0.000 description 2
- 238000005259 measurement Methods 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 241000283923 Marmota monax Species 0.000 description 1
- 230000009471 action Effects 0.000 description 1
- 230000015556 catabolic process Effects 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 230000002596 correlated effect Effects 0.000 description 1
- 238000006731 degradation reaction Methods 0.000 description 1
- 230000001627 detrimental effect Effects 0.000 description 1
- 238000006073 displacement reaction Methods 0.000 description 1
- 208000015181 infectious disease Diseases 0.000 description 1
- 230000010365 information processing Effects 0.000 description 1
- 238000009434 installation Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000000737 periodic effect Effects 0.000 description 1
- 230000002265 prevention Effects 0.000 description 1
- 230000009467 reduction Effects 0.000 description 1
- 230000001105 regulatory effect Effects 0.000 description 1
- 238000005067 remediation Methods 0.000 description 1
- 238000012502 risk assessment Methods 0.000 description 1
- 239000004576 sand Substances 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
- 238000012549 training Methods 0.000 description 1
- 230000003442 weekly effect Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/30—Monitoring
- G06F11/34—Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation ; Recording or statistical evaluation of user activity, e.g. usability assessment
- G06F11/3409—Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation ; Recording or statistical evaluation of user activity, e.g. usability assessment for performance assessment
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/30—Monitoring
- G06F11/34—Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation ; Recording or statistical evaluation of user activity, e.g. usability assessment
- G06F11/3466—Performance evaluation by tracing or monitoring
- G06F11/3495—Performance evaluation by tracing or monitoring for systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2201/00—Indexing scheme relating to error detection, to error correction, and to monitoring
- G06F2201/84—Using snapshots, i.e. a logical point-in-time copy of the data
Landscapes
- Engineering & Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Quality & Reliability (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Software Systems (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Debugging And Monitoring (AREA)
Abstract
L'invention concerne des systèmes et procédés permettant de surveiller et de corriger des mesures de sécurité prises pour un système informatique. Des modes de réalisation représentatifs peuvent: déterminer un ensemble de paramètres de risque du système informatique; recueillir des ensembles de valeurs des paramètres de sécurité à divers moments et déterminer les réglages d'efficacité sur la base d'une comparaison des ensembles de valeurs et un temps écoulé entre la collecte des ensembles de valeurs.
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US16/573,175 | 2019-09-17 | ||
US16/573,175 US11258828B2 (en) | 2018-05-28 | 2019-09-17 | Systems and methods for monitoring and correcting computer system security practices |
PCT/US2020/044948 WO2021055112A1 (fr) | 2019-09-17 | 2020-08-05 | Systèmes et procédés permettant de surveiller et de corriger des pratiques de sécurité de système informatique |
Publications (1)
Publication Number | Publication Date |
---|---|
CA3150264A1 true CA3150264A1 (fr) | 2021-03-25 |
Family
ID=74884515
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CA3150264A Pending CA3150264A1 (fr) | 2019-09-17 | 2020-08-05 | Systemes et procedes permettant de surveiller et de corriger des pratiques de securite de systeme informatique |
Country Status (4)
Country | Link |
---|---|
EP (1) | EP4032246A4 (fr) |
AU (1) | AU2020348194A1 (fr) |
CA (1) | CA3150264A1 (fr) |
WO (1) | WO2021055112A1 (fr) |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6735701B1 (en) * | 1998-06-25 | 2004-05-11 | Macarthur Investments, Llc | Network policy management and effectiveness system |
US20150033323A1 (en) | 2003-07-01 | 2015-01-29 | Securityprofiling, Llc | Virtual patching system, method, and computer program product |
US20130179936A1 (en) | 2012-01-09 | 2013-07-11 | International Business Machines Corporation | Security policy management using incident analysis |
DE102012209829A1 (de) | 2012-04-20 | 2013-10-24 | Robert Bosch Gmbh | Kraftfahrzeugbordnetz mit Teilnetzen und Generatoranordnung, Generatoranordnung und Verfahren zum Betreiben eines Bordnetzes |
US10135874B1 (en) * | 2016-11-16 | 2018-11-20 | VCE IP Holding Company LLC | Compliance management system and method for an integrated computing system |
-
2020
- 2020-08-05 WO PCT/US2020/044948 patent/WO2021055112A1/fr unknown
- 2020-08-05 CA CA3150264A patent/CA3150264A1/fr active Pending
- 2020-08-05 AU AU2020348194A patent/AU2020348194A1/en active Pending
- 2020-08-05 EP EP20865458.2A patent/EP4032246A4/fr active Pending
Also Published As
Publication number | Publication date |
---|---|
AU2020348194A1 (en) | 2022-03-31 |
EP4032246A1 (fr) | 2022-07-27 |
EP4032246A4 (fr) | 2023-10-18 |
WO2021055112A1 (fr) | 2021-03-25 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11693964B2 (en) | Cyber security using one or more models trained on a normal behavior | |
Mughal | The Art of Cybersecurity: Defense in Depth Strategy for Robust Protection | |
US10574685B2 (en) | Synthetic cyber-risk model for vulnerability determination | |
Onwubiko | Cyber security operations centre: Security monitoring for protecting business and supporting cyber defense strategy | |
US20190364073A1 (en) | Systems and methods for determining the efficacy of computer system security policies | |
Mu et al. | An intrusion response decision-making model based on hierarchical task network planning | |
CA2950987A1 (fr) | Systeme de securite connecte | |
Beigh et al. | Intrusion Detection and Prevention System: Classification and Quick | |
Dressler et al. | Operational data classes for establishing situational awareness in cyberspace | |
Judijanto et al. | Edge of Enterprise Architecture in Addressing Cyber Security Threats and Business Risks | |
US11979426B2 (en) | Predictive vulnerability management analytics, orchestration, automation and remediation platform for computer systems. networks and devices | |
Bristow | A sans 2021 survey: Ot/ics cybersecurity | |
US11258828B2 (en) | Systems and methods for monitoring and correcting computer system security practices | |
Szabó | Cybersecurity issues in industrial control systems | |
Crowley et al. | The Definition of SOC-cess | |
Panguluri et al. | Cyber security: protecting water and wastewater infrastructure | |
AU2020348194A1 (en) | Systems and methods for monitoring and correcting computer system security practices | |
Mitsarakis | Contemporary Cyber Threats to Critical Infrastructures: Management and Countermeasures | |
Metzger | Cyber safety in the era of cyber warfare | |
Kapiton et al. | Automated setup system security configuration of network equipment. | |
Akheel | Vulnerability Assessment and Analysis of SCADA and Foundation Fieldbus on Industrial Control System (ICS) Networks: A Literature Revie. | |
Fortunato | Risk Management in ICS/SCADA Systems to Enhance Security within the Energy Sector | |
Irfan et al. | Information Security Framework Targeting DDOS attacks in Financial Institutes | |
Christopher | Protecting the Industrial Control System Environment: Implementing Active Cyber Defense to Aid Mitigation of Threat Intrusions | |
Malik | Cybersecurity: Security Automation and Continous Monitoring |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
EEER | Examination request |
Effective date: 20230706 |
|
EEER | Examination request |
Effective date: 20230706 |