AUTOMATED SAFETY ASSESSMENT OF BUSINESS-CRITICAL COMPUTER SYSTEMS AND RESOURCES

摘要

FIELD: physics, computer engineering.;SUBSTANCE: invention relates to security of computer systems. Method of assessment of target computing environment security configuration include: a) scanning of identified IP-addresses and ports; b) dactyloscopic recording from detected open ports to detect services that were through; c) "fingerprinting" - determination of activity of said target environment; d) appealing to modules base and performing at least one of these modules which are designed to find vulnerabilities in the security system, available through IP-address and ports; in this case, at least one said module is executed based on its configuration; said target computer environment is used for business-critical applications execution, wherein at least one of said modules performs a method comprising: cc-1) recipients table search for remote function calls and other interfaces for application services associated with said targeted environment; cc-2) search of journal files with applications for said targeted environment; cc-3) determining of connections between different systems related to said targeted environment based on found recipients tables and journal files; cc-4) graphic display of determined connections; cc-5) provision of formed grafic display of determined connections to a user.;EFFECT: invention provides effective computer systems security.;9 cl, 4 dwg