1
Christopher W Klaus: Method and apparatus for detecting and identifying security vulnerabilities in an open network computer communication system. Internet Security Systems, Morris Manning & Martin L, April 6, 1999: US05892903 (438 worldwide citation)

A system and method is disclosed for detecting security vulnerabilities in a computer network. The system includes an IP spoofing attack detector, a stealth port service map generator, a source port verifier, source routing verifier, an RPC service detector and a Socks configuration verifier. Each o ...


2
Peter A J van der Made: Computer immune system and method for detecting unwanted code in a computer system. Internet Security Systems, King & Spalding, August 15, 2006: US07093239 (301 worldwide citation)

An automated analysis system detects malicious code within a computer system by generating and subsequently analyzing a behavior pattern for each computer program introduced to the computer system. Generation of the behavior pattern is accomplished by a virtual machine invoked within the computer sy ...


3
Patrick Taylor, Scott Mewett, Philip C Brass, Theodore R Doty: Vulnerability assessment and authentication of a computer by a local scanner. Internet Security Systems, King & Spalding, February 13, 2007: US07178166 (261 worldwide citation)

Providing a user with assurance that a computer is secure based on a vulnerability assessment completed by a browser-compatible scanner operating on the computer. If the scanner finds a vulnerability, the scanner can inform the user that the machine is or may be compromised, or repair the vulnerabil ...


4
Robert David Graham, Peter Kavaler: System and method for preventing network misuse. Internet Security Systems, King & Spalding, June 26, 2007: US07237264 (131 worldwide citation)

A system and method for preventing misuse conditions on a data network are described. Embodiments of the system and method evaluate potential network misuse signatures by analyzing variables such as the state of the network and/or target, the context in which the potential misuse signatures are dete ...


5
Timothy P Farley, John M Hammer, Bryan Douglas Williams, Philip Charles Brass, George C Young, Derek John Mezack: Method and system for managing computer security information. Internet Security Systems, King & Spalding, August 8, 2006: US07089428 (119 worldwide citation)

A security management system includes a fusion engine which “fuses” or assembles information from multiple data sources and analyzes this information in order to detect relationships between raw events that may indicate malicious behavior and to provide an organized presentation of information to co ...


6
Curtis E Ide, Philip C Brass, Theodore R Doty: Method and apparatus for network assessment and authentication. Internet Security Systems, King & Spalding, January 9, 2007: US07162649 (62 worldwide citation)

Providing a user with assurance that a networked computer is secure, typically before completion of the log-in operation. This can be accomplished by extending the local log-in process to perform a host assessment of the workstation prior to requesting the user's credentials. If the assessment finds ...


7
Timothy D Dodd, Scott Mewett, Curtis E Ide, Kevin A Overcash, David A Dennerline, Bobby J Williams, Martin D Sells: Method and system for identifying, fixing, and updating security vulnerabilities. Internet Security Systems, King & Spalding, June 14, 2005: US06907531 (41 worldwide citation)

A method and system identifies, fixes, and updates security vulnerabilities in a host computer or host computers. The present invention can communicate between a scanner with plug-in capability, an operating system, and an express update package. The architectural set-up can allow exploits within th ...


8
Timothy P Farley, John M Hammer, Bryan Douglas Williams, Philip Charles Brass, George C Young, Derek John Mezack: Method and System for Managing Computer Security Information. Internet Security Systems, Steven, Wigmore, June 20, 2002: US20020078381-A1 (1 worldwide citation)

Abstract of Disclosure A security management system includes a fusion engine which "fuses" or assembles information from multiple data sources and analyzes this information in order to detect relationships between raw events that may indicate malicious behavior and to provide an organized presentati ...


9
Farley Timothy P, Hammer John M, Williams Bryan Douglas, Brass Philip Charles, Young George C, Mezack Derek John: Method and system for managing computer security information. Internet Security Systems, January 22, 2003: EP1277326-A2

A security management system includes a fusion engine which "fuses" or assembles information from multiple data sources and analyzes this information in order to detect relationships between raw events that may indicate malicious behavior and to provide an organized presentation of information to co ...


10
Ide Curtis E, Brass Philip C, Doty Theodore R: Method and apparatus for network assessment and authentication. Internet Security Systems, May 21, 2003: EP1311921-A2

Providing a user with assurance that a networked computer is secure, typically before completion of the log-in operation. This can be accomplished by extending the local log-in process to perform a host assessment of the workstation prior to requesting the user's credentials. If the assessment finds ...