Testing and remediating compliance controls

US2019075081A1 · US · A1

Patent metadata
Publication number: US-2019075081-A1
Application number: US-201715694355-A
Country: US
Kind code: A1
Filing date: Sep 1, 2017
Priority date: Sep 1, 2017
Publication date: Mar 7, 2019
Grant date:

Abstract

Official abstract text for this publication.

Users of an endpoint remediation system can be assigned to different roles, from which they can request exceptions, approve exceptions, and/or enable remediation on endpoint devices. The compliance scanning and enforcing process can be automated, while allowing entities to request and/or approve certain exceptions. Therefore, security compliance for customers can be actively managed to provide visibility to the endpoint device compliance state at any time.

First claim

Opening claim text (preview).

What is claimed is:

1. A system, comprising: a memory that stores computer executable components; and a processor that executes the computer executable components stored in the memory, wherein the computer executable components comprise: an execution component that: based on compliance data, received from an entity, associated with a compliance rule of an endpoint device, scans the endpoint device for an indication of a violation of the compliance rule; and in response to the indication of the violation, facilitates execution of a script associated with the violation at the endpoint device, resulting in a remediation associated with the violation at the endpoint device.

2. The system of claim 1, wherein the computer executable components further comprise: a compliance component that transmits report data associated with a remediation compliance database in response to the remediation, wherein the report data is formatted according to a defined format.

3. The system of claim 2, wherein the report data comprises a value associated with the violation of the compliance rule.

4. The system of claim 2, wherein the computer executable components further comprise: a process manager component that receives, from the endpoint device, exception data associated with an exception to the compliance rule.

5. The system of claim 4, wherein the process manager component approves the exception in accordance with the compliance rule based on the exception data.

6. The system of claim 1, wherein indication is a first indication, and wherein the execution component receives a second indication associated with a current state of the endpoint device.

7. The system of claim 6, wherein the second indication comprises non-compliance data representative of the endpoint device being determined to be non-compliant with the compliance rule.

8. The system of claim 1, wherein the compliance data is first compliance data, and wherein the execution component transmits second compliance data comprising a command for prompting the endpoint device to be compliant with the compliance rule of an entity device.

9. A computer program product that facilitates compliance control remediation, the computer program product comprising a computer readable storage medium having program instructions embodied therewith, the program instructions executable by a processor to cause the processor to: based on compliance data, received from an entity and associated with a compliance rule of an endpoint device, scan, by the processor, the endpoint device for an indication of a violation of the compliance rule; and in response to the indication of the violation, execute, by the processor, a script associated with the violation at the endpoint device, resulting in a remediation associated with the violation at the endpoint device.

10. The computer program product of claim 9, wherein the program instructions are further executable by the processor to cause the processor to: in response to the remediation, transmit, by the processor, report data associated with a remediation compliance database, wherein the report data is formatted according to a defined format.

11. The computer program product of claim 10, wherein the report data comprises a value associated with the violation of the compliance rule.

12. The computer program product of claim 9, wherein the program instructions are further executable by the processor to cause the processor to: receive from the endpoint device, by the processor, exception data associated with an exception to the compliance rule.

13. The computer program product of claim 12, wherein the program instructions are further executable by the processor to cause the processor to: based on the exception data, approve, by the processor, the exception in accordance with the compliance rule.

14. The computer program product of claim 9, wherein the indication is a first indication, and wherein the program instructions are further executable by the processor to cause the processor to: receive, by the processor, a second indication associated with a current state of the endpoint device.

15. The computer program product of claim 14, wherein the second indication comprises non-compliance data representative of the endpoint device being determined to be non-compliant with the compliance rule.

16. The computer program product of claim 9, wherein the compliance data is first compliance data, and wherein the program instructions are further executable by the processor to cause the processor to: in response to the remediation, transmit to an entity device, by the processor, second compliance data comprising a command for prompting the endpoint device to be compliant with the compliance rule.

17-20. (canceled)

21. A computer program product that facilitates compliance control remediation, the computer program product comprising a computer readable storage medium having program instructions embodied therewith, the program instructions executable by a processor to cause the processor to: based on compliance data, received from an entity, associated with a compliance rule of an endpoint device, scan, by the processor, the endpoint device for an indication of a violation of the compliance rule; in response to the indication of the violation, facilitate, by the processor, execution of a script associated with the violation at the endpoint device, resulting in a remediation associated with the violation at the endpoint device; and receive, by the processor, an exception request from the endpoint device, wherein the exception request is related to an exception to the compliance rule.

22. The computer program product of claim 21, wherein the program instructions are further executable by the processor to cause the processor to: in response to receiving the exception request from the endpoint device, approve, by the processor, the exception to the compliance rule for the endpoint device.

23. A system, comprising: a memory that stores computer executable components; and a processor that executes the computer executable components stored in the memory, wherein the computer executable components comprise: an endpoint configuration component that: in response to a determination that an application is being executed on an endpoint device, configures a script associated with a dynamic wrapper, resulting in a configured script; and based on an indication that the application is associated with the configured script, invokes the dynamic wrapper to apply a rule against the configured script.

24. The system of claim 23, wherein the computer executable components further comprise: a display component that displays an attribute associated with the dynamic wrapper to prompt a customization of the endpoint device.

25. The system of claim 23, wherein the endpoint configuration component associates a value with an attribute of the dynamic wrapper to determine a configuration for the endpoint device.

Assignees

Inventors

Classifications

  • Rule management · CPC title

  • for managing network security; network security policies in general (filtering policies H04L63/0227) · CPC title

  • Assessing vulnerabilities and evaluating computer system security · CPC title

  • Arrangements for executing specific machine instructions · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
IBM
What technology area does this patent fall under?
Primary CPC classification H04L63/0263. Mapped technology areas include Electricity.
When was this patent published?
Publication date Mar 7, 2019 (A1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 2 related publications on this page (citations in our corpus or others sharing the same primary CPC).