Abstract: A system for detecting suboptimal performance of security check operations. The system may include a sensor operable to output sensor data indicative of physical characteristics of a security check environment, an output device, and a processing device comprising a processor and a memory. The security check environment may include at least one of a prohibited object detector, a human patron, an object carried by the human patron, and a human security officer. The processing device may be operable to: determine, based on the sensor data, that security check operations at the security check environment are being performed in a suboptimal manner; and in response to determining that the security check operations are being performed in a suboptimal manner, output alarm data to the output device to cause the output device to output an alarm signal indicative of the suboptimal manner in which the security check operations are being performed.

Abstract: A method and appertaining system for implementing the method are provided that utilize predefined Best Practice Templates that are rules/criteria for assessing the security of a particular network and devices on the network. A value is determined for each object and connection within a network as to whether it passes or fails one of the Best Practice criteria, and a pass ratio is determined for a particular Best Practice. Numerous Best Practice tests may be run, and an overall total value based on the collective sum of the Best Practice measurements is determined. This value can be utilized to provide a user with information that relates to the overall security of a network and can be used in compliance determinations and network architecture design.

Abstract: Described herein are a method and system for analyzing the security of a computer network. According to various implementations, there is a device adapter associated with each device that has a significant impact on the security of the network (e.g., routers, switches, gateways, or “significant hosts”). The device adapter, which may be implemented as a piece of software executing remotely from the device, queries the device to determine what its security settings are (e.g., its firewall rules). The device adapter conducts the query using whichever form of communication the device requires (e.g., telnet, HTTP) and using whichever command set the device requires. Each type of device on the network has a software model associated with it. For example, there may be a router model, a switch model, a firewall model, and a gateway model. The model is made up of a series of rule sets. Each rule set includes rules that are derived from the configuration of the device (obtained by the device adapter).