Security risk response impact analysis
First Claim
1. A computer-implemented method, comprising:
accessing security data describing a security risk present in a software module that is executable on one or more host devices, the security risk including at least one of:
an unauthorized use of the software module; or
a vulnerability that enables the unauthorized use of the software module;
accessing deployment data indicating the one or more host devices to which the software module is deployed;
accessing value data describing revenue that is at least partly generated through execution of the software module on the one or more host devices;
accessing risk data describing a loss that is at least partly generated by a presence of the security risk in the software module deployed on the one or more host devices;
accessing rule data describing response profiles associated with the security risk, individual ones of the response profiles include multiple actions arranged into a tree structure with branching dependencies to respond to the security risk;
for the individual ones of the response profiles, determining a financial impact of performing the one or more actions, the financial impact including:
a change in the revenue due to performing the one or more actions included in the response profiles; and
a change in the loss due to performing the one or more actions included in the response profiles; and
causing, via a user interface, response recommendation information to be presented, wherein the response recommendation information describes, for the individual ones of the response profiles:
the one or more actions to respond to the security risk;
the change in the revenue due to performing the one or more actions; and
the change in the loss due to performing the one or more actions.
Abstract
Techniques are described for generating response recommendation information that describes one or more response profiles, each including one or more actions that may be performed to respond to a security risk present in a deployed software module. The response recommendation information may quantify, for each response profile, a cost and a benefit due to the performance of the action(s) included in the response profile. The cost may include lost revenues or other value lost due to the action(s). The benefit may include a mitigation of the security risk.
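The cost/benefit comparison described in the abstract and in claim 1, as an added Python example that is not code from the patent. It assumes each action scales per-host revenue and loss by fixed fractions (`revenue_kept`, `loss_kept`) and reads "branching dependencies" as parent-before-child ordering; host names, figures and profile names are constructed.

```python
from dataclasses import dataclass, field
@dataclass
class Action:
    name: str
    hosts: frozenset      # hosts the action touches
    revenue_kept: float   # assumed fraction of per-host revenue left after the action
    loss_kept: float      # assumed fraction of per-host risk loss left after the action
    children: list = field(default_factory=list)  # actions that depend on this one

def walk(action):
    """Yield actions parent-first, so a dependency precedes its dependents."""
    yield action
    for child in action.children:
        yield from walk(child)

def financial_impact(root, deployment, revenue, loss):
    """Return (action order, change in revenue, change in loss) for one profile."""
    rev_f, loss_f = dict.fromkeys(deployment, 1.0), dict.fromkeys(deployment, 1.0)
    for act in walk(root):
        for host in act.hosts & deployment:  # skip hosts the module is not deployed to
            rev_f[host] *= act.revenue_kept
            loss_f[host] *= act.loss_kept
    d_rev = sum(revenue[h] * (rev_f[h] - 1) for h in deployment)
    d_loss = sum(loss[h] * (loss_f[h] - 1) for h in deployment)
    return [a.name for a in walk(root)], round(d_rev, 2), round(d_loss, 2)

def recommend(profiles, deployment, revenue, loss):
    """One row per profile, best net first (net = loss avoided - revenue given up)."""
    rows = []
    for name, root in profiles.items():
        order, d_rev, d_loss = financial_impact(root, deployment, revenue, loss)
        rows.append({"profile": name, "actions": order, "revenue_change": d_rev,
                     "loss_change": d_loss, "net": round(d_rev - d_loss, 2)})
    return sorted(rows, key=lambda r: r["net"], reverse=True)

# Constructed sample data (currency units per day); not taken from the patent.
WEB, ALL = frozenset({"web-1", "web-2"}), frozenset({"web-1", "web-2", "batch-1"})
REVENUE = {"web-1": 1000.0, "web-2": 1000.0, "batch-1": 200.0}
LOSS = {"web-1": 300.0, "web-2": 300.0, "batch-1": 50.0}
PROFILES = {
    "shut down everywhere": Action("stop module", ALL, 0.0, 0.0),
    "throttle, then patch": Action("rate-limit module", ALL, 0.9, 0.5, [
        Action("patch web tier", WEB, 1.0, 0.1),
        Action("disable on batch host", ALL - WEB, 0.0, 0.0)]),
    "do nothing": Action("monitor only", frozenset(), 1.0, 1.0),
}

if __name__ == "__main__":
    print(*recommend(PROFILES, ALL, REVENUE, LOSS), sep="\n")
```

On this constructed data the full shutdown ranks below doing nothing, because the revenue it forfeits exceeds the loss it avoids.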
20 Claims
5. A system, comprising:
at least one computing device configured to implement one or more services, wherein the one or more services are configured to:
based on an indication of a security risk present in a software module, access deployment data indicating one or more host devices to which the software module is deployed;
access value data describing a first monetary value that is at least partly generated through execution of the software module on the one or more host devices;
access risk data describing a second monetary value that is at least partly generated by a presence of the security risk in the software module deployed on the one or more host devices;
determine response profiles including a time order in which one or more actions to respond to the security risk are to be performed;
for individual ones of the response profiles, determine:
a change in the first monetary value due to performing the one or more actions included in the response profiles; and
a change in the second monetary value due to performing the one or more actions included in the response profiles; and
cause response recommendation information to be presented, wherein the response recommendation information describes, for the individual ones of the response profiles:
the change in the first monetary value; and
the change in the second monetary value.
15. One or more non-transitory computer-readable media storing instructions which, when executed by at least one processor, instruct the at least one processor to perform actions comprising:
accessing deployment data indicating one or more host devices to which a software module is deployed, the software module including a security risk;
accessing value data describing a first monetary value that is at least partly generated through execution of the software module on the one or more host devices;
accessing risk data describing a second monetary value that is at least partly generated by a presence of the security risk in the software module deployed on the one or more host devices;
determining response profiles including one or more actions in a time order to respond to the security risk;
for individual ones of the response profiles, determining:
a change in the first monetary value due to performing the one or more actions included in the response profiles; and
a change in the second monetary value due to performing the one or more actions included in the response profiles; and
causing response recommendation information to be presented, wherein the response recommendation information describes, for the individual ones of the response profiles:
the change in the first monetary value; and
the change in the second monetary value.
Specification