| 主权项 |
1. A vulnerability countermeasure device for taking countermeasures against the vulnerability of a system configured of a plurality of computers connected via a network, the vulnerability countermeasure device comprising:
a storage unit which stores configuration information associating each of the computers with a piece of software possessed thereby, vulnerability information associating the software with information related to the vulnerability of the software, and countermeasure policy information associating the software with a countermeasure policy to be executed if there is a vulnerability in the software; an assessment unit which receives data transmitted by a used terminal on the system, calculates the computer that the data will reach on the basis of information related to a route of the data included in the received data, acquires the software residing in the computer based on the calculated computer and on the configuration information, and assesses whether there is a vulnerability in the acquired software, and a countermeasure unit which, if the assessment unit assesses that there is a vulnerability in the software, executes countermeasures on the software assessed to be vulnerable against the vulnerability in accordance with the countermeasure policy stored in the countermeasure policy information. |
