Abstract: A system for security self-assessment for a computer platform. The system comprises a memory, a processor, and an application stored in the memory. When executed by the processor, the application in association with a call to action transmits security self-assessment logic and at least one security self-assessment policy to a computer platform, wherein the security self-assessment policy defines at least one scan tool to be used by the security self-assessment logic when executed on the computer platform to perform a security self-assessment of the computer platform. The system further comprises a plurality of scan tools stored in the memory and accessible for downloading by the computer platform. The security self-assessment logic is configured to cause a processor of the computer platform to download at least one scan tool defined by the security self-assessment policy and to perform a security self-assessment.

Abstract: A system for security self-assessment for a computer platform. The system comprises a memory, a processor, and an application stored in the memory. When executed by the processor, the application in association with a call to action transmits security self-assessment logic and at least one security self-assessment policy to a computer platform, wherein the security self-assessment policy defines at least one scan tool to be used by the security self-assessment logic when executed on the computer platform to perform a security self-assessment of the computer platform. The system further comprises a plurality of scan tools stored in the memory and accessible for downloading by the computer platform. The security self-assessment logic is configured to cause a processor of the computer platform to download at least one scan tool defined by the security self-assessment policy and to perform a security self-assessment.

Abstract: A system is provided for use-based charging of security software. The system includes a security software, a monitor component, and a billing component. The security software provides security for a computer system, and the monitor component is operable to monitor use of at least a portion of the security software. The billing component is operable to charge based on the use of the security software monitored by the monitor component.

Abstract: A system and method for assessing risks to computer network is provided. The system includes a first module assesses a human factor related to a risk to the computer network. A second module assesses a remediation to the computer network, and a third module is operable to assess a life cycle of an asset on the computer network. A fourth module assesses a type of the asset used by the computer network.

Abstract: A remediation server, downloadable software and an associated method for protecting a computer network from vulnerabilities. Software in the form of at least one network protection module is downloaded to the remediation server for the computer network and executed to protect the computer network from vulnerabilities. Upon execution thereof, the network protection module queries a device inventory for the computer network which is maintained at the remediation server to determine if any devices of a specified device type reside on the computer network. For each such device determined to reside on the computer network, the network protection module subsequently resolves vulnerabilities for the device using a remediation signature associated with the device query.

Abstract: Abstract of the Disclosure A system and process for addressing computer security vulnerabilities. The system and process generally comprise aggregating vulnerability information on a plurality of computer vulnerabilities; constructing a remediation database of said plurality of computer vulnerabilities; constructing a remediation signature to address the computer vulnerabilities; and deploying said remediation signature to a client computer. The remediation signature essentially comprises a sequence of actions to address a corresponding vulnerability. A managed automated approach to the process is contemplated in which the system is capable of selective deployment of remediation signatures; selective resolution of vulnerabilities; scheduled deployment of remediation signatures; and scheduled scanning of client computers for vulnerabilities.

Abstract: Method and apparatus for protecting a remediated computer network during reconnection of a previously disconnected computer system. Upon initiation of reconnection to the computer network, the previously disconnected computer system raises a firewall to temporarily limit exchanges between the computer system and the remediated computer network until after a client remediation server residing on the computer network has resolved vulnerabilities of the computer system. The limitations on exchanges between the computer system and the remediated computer network are then removed by lowering the firewall.

Abstract: A system and process for addressing computer security vulnerabilities. The system and process generally comprise aggregating vulnerability information on a plurality of computer vulnerabilities; constructing a remediation database of said plurality of computer vulnerabilities; constructing a remediation signature to address the computer vulnerabilities; and deploying said remediation signature to a client computer. The remediation signature essentially comprises a sequence of actions to address a corresponding vulnerability. A managed automated approach to the process is contemplated in which the system is capable of selective deployment of remediation signatures; selective resolution of vulnerabilities; scheduled deployment of remediation signatures; and scheduled scanning of client computers for vulnerabilities.