The present invention relates to network communication methods, systems and computer program products and, more particularly, to methods, systems and computer program products for evaluating security of computer network environments.
With an increased reliance on Internet and extranet communications, companies may be forced to allow public or semi-public access to their internal systems and networks, rendering these systems and networks susceptible to security breaches and policy violations. Accordingly, companies may increase investments in both their information technology (IT) and information security infrastructures in an attempt to balance security with connectivity. However, this balance may generate high volumes of data, making it difficult to identify all of the system attacks and exploits that occur on a regular basis. As a result of increased security data and limited resources, security breach detection may become a challenge for companies of all sizes.
Many IT companies have developed security management solutions to address the current need for security breach detection. For example, ArcSight of Sunnyvale, Calif., netForensics of Edison, N.J., Computer Associates International, Inc. of Islandia, N.Y., Symantec, of Cupertino, Calif., BindView of Houston, Tex. and Nessus all provide Security Management Solutions. ArcSight, netForesensics and Computer Associates may provide security management solutions that depict ongoing threats, i.e. intrusion activities, in realtime with respect to an asset, i.e. a router, switch and the like. Symantec, BindView and Nessus provide solutions that may provide an indicator of vulnerabilities for a given asset, for example, misconfigurations of the asset, and policy compliance of the asset. NetIQ Corporation of San Jose, Calif. provides a security management suite that uses both the threats to a particular asset and the vulnerabilities of the asset to provide security breach protection to the asset.