US 12,443,704 B2
Network security probe
John Neystadt, Kfar-Saba (IL); Shay Azulay, Rishon le-Zion (IL); Amit Cohen, Kfar Saba (IL); and Lior Chen, Tel Mond (IL)
Assigned to VARONIS SYSTEMS, INC., New York, NY (US)
Filed by VARONIS SYSTEMS, INC., New York, NY (US)
Filed on Oct. 3, 2022, as Appl. No. 17/958,804.
Prior Publication US 2024/0111858 A1, Apr. 4, 2024
Int. Cl. G06F 21/55 (2013.01); G06F 21/62 (2013.01)
CPC G06F 21/552 (2013.01) [G06F 21/6245 (2013.01); G06F 2221/034 (2013.01)]
13 Claims
 
1. A system for automatically monitoring efficacy of security controls relating to access control in a computer network, comprising:
a probe engine configurable with at least one set of rules relating to access permissions to data in said computer network;
at least one security probe forming part of said probe engine and operative to automatically:
place, at at least one storage location within said computer network, simulated data corresponding to said data in said computer network, said simulated data having associated therewith access permissions defining allowed access to said simulated data, said access permissions associated with said simulated data being non-compliant with said at least one set of rules; and
attempt to access said simulated data following the placement thereof, using access privileges satisfying said non-compliant access permissions associated with said simulated data, but not satisfying said at least one set of rules, and
a security monitoring and reporting module operative to provide a user sensible output indicating at least whether said attempt to access said simulated data was successful and, responsive to said attempt to access said simulated data being successful, reporting mitigating activities by said security controls in response to said successful attempt.