Methods and systems for ranking, filtering and patching detected vulnerabilities in a networked system

US 10,257,217 B2
Filed: 01/05/2018
Issued: 04/09/2019
Est. Priority Date: 10/31/2016
Status: Active Grant

First Claim

Patent Images

1. A system comprising:

a processor; and

a memory storing computer-executable instructions that implement a polarizing filter engine and a visual engine;

the polarizing filter engine configured to;

receive, from a backend system including one or more computer servers and monitoring a computer network system, a data block including parameters indicative of cyber security states or operation states of a plurality of assets of the computer network system for display on a display device associated with the system; and

compute, for each visual mode of a plurality of visual modes, using the received data block, corresponding graphical parameters of a graphical representation, associated with that visual mode, of cyber security or operation parameters of the plurality of assets of the computer network system; and

a visualization engine configured to;

display a visual representation of cyber security or operation parameters of the plurality of assets of the computer network system, associated with a visual mode of the plurality of visual modes, using the corresponding graphical parameters;

provide a first set of visual filters, common to the plurality of visual modes, for filtering data of the received data block associated with the displayed visual representation; and

provide a second set of visual filters specific to the visual mode, for filtering the data of the received data block associated with the displayed visual.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for determining priority levels to process vulnerabilities associated with a networked computer system can include a data collection engine receiving a plurality of specification profiles, each defining one or more specification variables of the networked computer system or a respective asset. The data collection engine can receive, from a vulnerability scanner, vulnerability data indicative of a vulnerability associated with the networked computer system. A profiling engine can interrogate a computing device of the networked computer system, and receive one or more respective profiling parameters from that computing device. A ranking engine can compute a priority ranking value of the computing device based on the profile specification variables, the vulnerability data and the profiling parameters. The priority ranking value associated with the computing device can be indicative of a priority level, compared to other computing devices of the computer network, for patching a vulnerability affecting that computing device.

Citations

23 Claims

1. A system comprising:
- a processor; and
  
  a memory storing computer-executable instructions that implement a polarizing filter engine and a visual engine;
  
  the polarizing filter engine configured to;
  
  receive, from a backend system including one or more computer servers and monitoring a computer network system, a data block including parameters indicative of cyber security states or operation states of a plurality of assets of the computer network system for display on a display device associated with the system; and
  
  compute, for each visual mode of a plurality of visual modes, using the received data block, corresponding graphical parameters of a graphical representation, associated with that visual mode, of cyber security or operation parameters of the plurality of assets of the computer network system; and
  
  a visualization engine configured to;
  
  display a visual representation of cyber security or operation parameters of the plurality of assets of the computer network system, associated with a visual mode of the plurality of visual modes, using the corresponding graphical parameters;
  
  provide a first set of visual filters, common to the plurality of visual modes, for filtering data of the received data block associated with the displayed visual representation; and
  
  provide a second set of visual filters specific to the visual mode, for filtering the data of the received data block associated with the displayed visual.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The system of claim 1, wherein the data of the received data block associated with the displayed visual representation includes vulnerability data for the plurality of assets.
  - 3. The system of claim 1, wherein each graphical representation associated with a corresponding visual mode includes a graphical object including a respective plurality of graphical elements, each graphical element associated with a corresponding asset of the plurality of assets of the computer network system.
  - 4. The system of claim 3, wherein for each graphical element of a graphical object associated with a corresponding visual mode, a color of the graphical element represents:
    - a severity level of a vulnerability affecting the asset associated with the graphical element;
      
      a number of vulnerabilities affecting the asset associated with the graphical element;
      
      a vulnerability classification of a vulnerability affecting the asset associated with the graphical element;
      
      an asset category of the asset associated with the graphical element;
      
      oran asset ranking value of the asset associated with the graphical element.
  - 5. The system of claim 3, wherein the visual engine is further configured to:
    - display additional cyber security or operation information specific to an asset of the plurality of assets upon user interaction with a graphical element, associated with the asset, of a displayed graphical object.
  - 6. The system of claim 1, wherein the polarizing filter engine is further configured to:
    - transmit indications of user interactions with the displayed graphical representation to the backend system, the backend system determining additional data for sending to the system based on the indications of the user interactions.
  - 7. The system of claim 1, wherein the plurality of visual modes include a grid visual mode, and the graphical representation of cyber security or operation parameters of the plurality of assets associated with the grid visual mode includes an array of graphical cells, each graphical cell associated with a corresponding asset of the plurality of assets.
  - 8. The system of claim 1, wherein the plurality of visual modes include a spherical visual mode, and the graphical representation of cyber security or operation parameters of the plurality of assets associated with the spherical visual mode includes a hollow disc graphical object including a plurality of segments, each segment associated with a corresponding asset of the plurality of assets.
  - 9. The system of claim 8, wherein the visual engine is further configured to:
    - display, upon selection of a segment of the plurality of segments, curved lines connecting the selected segment to one or more other segments of the hollow disc graphical object, the curved lines representing inter dependencies or communication links between the asset associated with the selected segment and one or more assets associated with the one or more other segments.
  - 10. The system of claim 1, wherein the plurality of visual modes include a nodes visual mode, and the graphical representation of cyber security or operation parameters of the plurality of assets associated with the nodes visual mode includes a plurality of nodes arranged into a plurality of dynamic clusters, each node associated with a respective asset of the plurality of assets.
  - 11. The system of claim 10, wherein the visual engine is further configured to display edges connecting pairs of nodes, each edge representing interdependency or a communication link between a pair of assets associated with a corresponding pair of nodes.

12. A method comprising:
- receiving, by a computing device, from a backend system including one or more computer servers and monitoring a computer network system, a data block including parameters indicative of cyber security states or operation states of a plurality of assets of the computer network system for display on a display device associated with the computing device;
  
  computing, by the computing device, for each visual mode of a plurality of visual modes, using the received data block, corresponding graphical parameters of a graphical representation, associated with that visual mode, of cyber security or operation parameters of the plurality of assets of the computer network system;
  
  displaying, by the computing device, a visual representation of cyber security or operation parameters of the plurality of assets of the computer network system, associated with a visual mode of the plurality of visual modes, using the corresponding graphical parameters;
  
  providing, by the computing device, a first set of visual filters, common to the plurality of visual modes, for filtering data of the received data block associated with the displayed visual representation; and
  
  providing, by the computing device, a second set of visual filters specific to the visual mode, for filtering the data of the received data block associated with the displayed visual.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 13. The method of claim 12, wherein the data of the received data block associated with the displayed visual representation includes vulnerability data for the plurality of assets.
  - 14. The method of claim 12, wherein each graphical representation associated with a corresponding visual mode includes a graphical object including a respective plurality of graphical elements, each graphical element associated with a corresponding asset of the plurality of assets of the computer network system.
  - 15. The method of claim 14, wherein for each graphical element of a graphical object associated with a corresponding visual mode, a color of the graphical element represents:
    - a severity level of a vulnerability affecting the asset associated with the graphical element;
      
      a number of vulnerabilities affecting the asset associated with the graphical element;
      
      a vulnerability classification of a vulnerability affecting the asset associated with the graphical element;
      
      an asset category of the asset associated with the graphical element;
      
      oran asset ranking value of the asset associated with the graphical element.
  - 16. The method of claim 14 further comprising:
    - displaying additional cyber security or operation information specific to an asset of the plurality of assets upon user interaction with a graphical element, associated with the asset, of a displayed graphical object.
  - 17. The method of claim 12 further comprising:
    - transmitting indications of user interactions with the displayed graphical representation to the backend system, the backend system determining additional data for sending to the computing device based on the indications of the user interactions.
  - 18. The method of claim 12, wherein the plurality of visual modes include a grid visual mode, and the graphical representation of cyber security or operation parameters of the plurality of assets associated with the grid visual mode includes an array of graphical cells, each graphical cell associated with a corresponding asset of the plurality of assets.
  - 19. The method of claim 12, wherein the plurality of visual modes include a spherical visual mode, and the graphical representation of cyber security or operation parameters of the plurality of assets associated with the spherical visual mode includes a hollow disc graphical object including a plurality of segments, each segment associated with a corresponding asset of the plurality of assets.
  - 20. The method of claim 19 further comprising:
    - displaying, upon selection of a segment of the plurality of segments, curved lines connecting the selected segment to one or more other segments of the hollow disc graphical object, the curved lines representing inter dependencies or communication links between the asset associated with the selected segment and one or more assets associated with the one or more other segments.
  - 21. The method of claim 12, wherein the plurality of visual modes include a nodes visual mode, and the graphical representation of cyber security or operation parameters of the plurality of assets associated with the nodes visual mode includes a plurality of nodes arranged into a plurality of dynamic clusters, each node associated with a respective asset of the plurality of assets.
  - 22. The method of claim 21 further comprising displaying edges connecting pairs of nodes, each edge representing interdependency or a communication link between a pair of assets associated with a corresponding pair of nodes.

23. A non-transitory computer-readable medium comprising computer executable instructions stored thereon, the computer executable instructions when executed by a processor cause the processor to:
- receive, from a backend system including one or more computer servers and monitoring a computer network system, a data block including parameters indicative of cyber security states or operation states of a plurality of assets of the computer network system for display on a display device associated with the processor;
  
  compute, for each visual mode of a plurality of visual modes, using the received data block, corresponding graphical parameters of a graphical representation, associated with that visual mode, of cyber security or operation parameters of the plurality of assets of the computer network system;
  
  display a visual representation of cyber security or operation parameters of the plurality of assets of the computer network system, associated with a visual mode of the plurality of visual modes, using the corresponding graphical parameters;
  
  provide a first set of visual filters, common to the plurality of visual modes, for filtering data of the received data block associated with the displayed visual representation; and
  
  provide a second set of visual filters specific to the visual mode, for filtering the data of the received data block associated with the displayed visual.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Acentium Inc.
Original Assignee
Acentium Inc.
Inventors
Hamdi, Amine
Primary Examiner(s)
Paliwal, Yogesh

Application Number

US15/863,100
Publication Number

US 20180131715A1
Time in Patent Office

459 Days
Field of Search

726 25
US Class Current
CPC Class Codes

G06F 12/0868   Data transfer between cache...

G06F 12/0897   with two or more cache hier...

G06F 21/552   involving long-term monitor...

G06F 2212/263   Network storage, e.g. SAN o...

G06F 2212/264   Remote server

G06F 7/24   Sorting, i.e. extracting da...

H04L 63/1416   Event detection, e.g. attac...

H04L 63/1425   Traffic logging, e.g. anoma...

H04L 63/1433   Vulnerability analysis

H04L 63/20   for managing network securi...

Methods and systems for ranking, filtering and patching detected vulnerabilities in a networked system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and systems for ranking, filtering and patching detected vulnerabilities in a networked system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links