主权项 |
1. A computer program product embodied on a non-transitory computer readable medium, comprising:
code for identifying a plurality of aspects of at least one of a plurality of devices that are the bases for a plurality of weaknesses and applying a plurality of mitigation techniques that mitigate the weaknesses based on at least one data structure identifying the mitigation techniques that mitigate the weaknesses, where: each of at least a portion of the mitigation techniques has a mitigation type including at least one of an installation of software, a policy setting, or a configuration; said at least one data structure identifies:
a first mitigation technique that mitigates a first particular weakness by automatically installing software for at least mitigating the first particular weakness,a second mitigation technique that mitigates a second particular weakness by automatically affecting a service for at least mitigating the second particular weakness, anda third mitigation technique that mitigates a third particular weakness by automatically changing a configuration or policy setting for at least mitigating the third particular weakness; code for identifying at least one of a first aspect, a second aspect, or a third aspect of the at least one device that is a basis for at least one of the first particular weakness, the second particular weakness, or the third particular weakness; code for determining whether the at least one device is subject to at least one of the first particular weakness, the second particular weakness, or the third particular weakness, based on the at least one data structure and at least one of the first aspect, the second aspect, or the third aspect of the at least one device; code for conditionally applying at least one of the first mitigation technique, the second mitigation technique, or the third mitigation technique to the at least one device, based on the determination whether the at least one device is subject to the at least one of the first particular weakness, the second particular weakness, or the third particular weakness; and code for reporting to at least one server at least one of first information relating to the application of the first mitigation technique, second information relating to the application of the second mitigation technique, or third information relating to the application of the third mitigation technique; wherein the computer program product is operable such that the at least one first aspect of the at least one device includes at least one first operating system-related aspect associated with a framework that dictates how data is communicated, and the first mitigation technique is conditionally applied to the at least one device for at least mitigating the first particular weakness, based on the at least one first operating system-related aspect associated with the framework that dictates how data is communicated, and the computer program product is further operable such that the at least one second aspect of the at least one device includes at least one second operating system-related aspect associated with the framework that dictates how data is communicated, and the second mitigation technique is conditionally applied to the at least one device for at least mitigating the second particular weakness, based on the at least one second operating system-related aspect associated with the framework that dictates how data is communicated, and the computer program product is even further operable such that the at least one third aspect of the at least one device includes at least one third operating system-related aspect associated with the framework that dictates how data is communicated, and the third mitigation technique is conditionally applied to the at least one device for at least mitigating the third particular weakness, based on the at least one third operating system-related aspect associated with the framework that dictates how data is communicated. |