Abstract: A particular scan set to be performed on at least a portion of a computing environment is identified. A particular scan engine, in a plurality of scan engines, is identified that is adapted to perform at least one scan in the particular scan set, each scan engine in the plurality of scan engines adapted to perform one or more scans on one or more host devices in the computing environment. A request is sent to the particular scan engine to perform the at least one scan in the particular scan set and scan result data is received from the particular scan engine corresponding to the at least one scan in the particular scan set.

Abstract: A scan engine receives a request to perform a particular scan on at least a portion of a computing environment. The scan engine identifies a particular language interpreter in a set of available language interpreters for use in performing the particular scan and performs the particular scan using the particular language interpreter. The scan engine returns results of the particular scan. In some implementations, the scan engine is implemented on an agent enabling communication between the scan engine and an asset management system.

Abstract: A scan engine receives a request to perform a particular scan on at least a portion of a computing environment. The scan engine identifies a particular language interpreter in a set of available language interpreters for use in performing the particular scan and performs the particular scan using the particular language interpreter. The scan engine returns results of the particular scan. In some implementations, the scan engine is implemented on an agent enabling communication between the scan engine and an asset management system.

Abstract: A particular scan set to be performed on at least a portion of a computing environment is identified. A particular scan engine, in a plurality of scan engines, is identified that is adapted to perform at least one scan in the particular scan set, each scan engine in the plurality of scan engines adapted to perform one or more scans on one or more host devices in the computing environment. A request is sent to the particular scan engine to perform the at least one scan in the particular scan set and scan result data is received from the particular scan engine corresponding to the at least one scan in the particular scan set.

Abstract: A prevention-based network auditing system includes a central compliance server generating network policies and configuring audits of the data communications network. The compliance server presents a graphical user interface (GUI) to describe the specific data gathering parameters, policies to be analyzed, and the schedule of analysis. One or more audit servers strategically deployed around the network employ heterogeneous data-gathering tools to gather information about the network in response to the configured audits, and transmit the gathered information to the compliance server. An audit repository stores the gathered information for use by the compliance server for security and regulatory policy assessment, network vulnerability analysis, report generation, and security improvement recommendations.

Abstract: A prevention-based network auditing system includes an audit repository storing network information gathered by a plurality of heterogeneous information sources. A semantic normalization module identifies semantic equivalencies in the gathered information, and generates a map listing for each fact gathered by an information source, an equivalent fact or set of facts gathered by each of the other information sources. A network policy is then uniformly applied to the information that is identified as being semantically equivalent.

Abstract: A prevention-based network auditing system includes a central compliance server storing both natural language policy documents and machine-processable policy rules in an audit repository. The compliance server provides a client-side user interface allowing a user to easily generate a machine-auditable policy by selecting/generating a natural language policy source document, and linking the applicable machine-processable policy rules to the applicable portions of the source document. The selected machine-processable policy rules are then applied to information gathered about the network during a scheduled network audit session for efficiently and systematically determining whether policy violations and/or vulnerabilities exist.