Hierarchical risk assessment and remediation of threats in mobile networking environment
First Claim
1. A method, comprising:
- collecting or detecting vulnerability data from distributed sources, the vulnerability data including:
  - a first vulnerability data set from aspects of a mobile device, the mobile device being a first source of the distributed sources,
  - a second vulnerability data set from communication between the mobile device and a server in a secure network, the server being a second source of the distributed sources, and
  - a third set vulnerability data set from communication between the mobile device and a network service, the network service being a third source of the distributed sources,
  the collecting or detecting performed by a facility having a processor, a non-transitory computer-readable medium, and stored instructions translatable by the processor, the facility configured for enhancing security of mobile devices in a mobile networking environment;
- centrally processing the vulnerability data in order of threat priority associated therewith, the processing performed by the facility, the processing comprising:
  - for each vulnerability event in the vulnerability data:
    - determining, from a plurality of vulnerability policies, a matching vulnerability policy that matches a respective vulnerability event in the vulnerability data and that contains a risk score;
    - extracting the risk score from the matching vulnerability policy;
    - based at least on the risk score extracted from the matching vulnerability policy, determining a best matching risk remediation policy for the respective vulnerability event in the vulnerability data; and
    - performing a remediation for the mobile device per the best matching risk remediation policy to remediate the respective vulnerability event in the vulnerability data; and
- reporting, through a user interface of the facility, vulnerability events in the vulnerability data and associated remediations for the mobile device in the order of the threat priority.
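An added illustration of the per-event loop recited in claim 1 (match a vulnerability policy, read its risk score, select a remediation policy, report in priority order); it is not code from the patent or its assignee. The policy fields, the most-specific-match and highest-threshold selection rules, the numeric priorities and the sample events are all assumptions, since the claim does not define them.

```python
# Constructed sample policies: field names, scores and actions are assumptions.
VULN_POLICIES = [
    {"type": "jailbreak", "source": "device", "risk": 90},
    {"type": "weak_tls", "source": None, "risk": 60},  # None = any source
    {"type": "weak_tls", "source": "network_service", "risk": 75},
]
REMEDIATION_POLICIES = [  # a policy is eligible when risk >= min_risk
    {"min_risk": 80, "action": "quarantine_device"},
    {"min_risk": 50, "action": "block_connection"},
    {"min_risk": 0, "action": "notify_user"},
]
# Constructed events from the three claimed sources; lower priority = more urgent.
EVENTS = [
    {"device": "phone-1", "source": "network_service", "type": "weak_tls", "priority": 2},
    {"device": "phone-1", "source": "device", "type": "jailbreak", "priority": 1},
    {"device": "phone-1", "source": "secure_server", "type": "weak_tls", "priority": 3},
    {"device": "phone-1", "source": "device", "type": "unknown_app", "priority": 4},
]

def match_vulnerability_policy(event, policies=VULN_POLICIES):
    """Return the most specific vulnerability policy for the event, or None."""
    hits = [p for p in policies if p["type"] == event["type"]
            and p["source"] in (None, event["source"])]
    # Assumed tie-break: a source-specific policy beats a wildcard one.
    return max(hits, key=lambda p: p["source"] is not None, default=None)

def best_remediation_policy(risk, policies=REMEDIATION_POLICIES):
    """Return the eligible remediation policy with the highest threshold."""
    eligible = [p for p in policies if risk >= p["min_risk"]]
    return max(eligible, key=lambda p: p["min_risk"], default=None)

def process(events, remediate=lambda device, action: None):
    """Process events in threat-priority order; return report rows in that order."""
    report = []
    for ev in sorted(events, key=lambda e: e["priority"]):
        policy = match_vulnerability_policy(ev)
        if policy is None:  # no policy, so no risk score and nothing to remediate
            report.append((ev["device"], ev["type"], None, "unmatched"))
            continue
        risk = policy["risk"]  # the score is read from the matched policy
        chosen = best_remediation_policy(risk)
        action = chosen["action"] if chosen else "none"
        if chosen:
            remediate(ev["device"], action)
        report.append((ev["device"], ev["type"], risk, action))
    return report

if __name__ == "__main__":
    for row in process(EVENTS):
        print(row)
```

Events with no matching policy are reported as unmatched rather than dropped, so a gap in policy coverage stays visible in the report.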
Abstract
Mobile device security techniques are described. For a specific computing device, for each of a plurality of distinct security categories, a risk score is determined. The determined risk scores are aggregated to obtain an overall risk score.
27 Claims
10. A system, comprising:
- a processor;
- a non-transitory computer-readable medium; and
- stored instructions translatable by the processor for:
  - collecting or detecting vulnerability data from distributed sources, the vulnerability data including:
    - a first vulnerability data set from aspects of a mobile device, the mobile device being a first source of the distributed sources,
    - a second vulnerability data set from communication between the mobile device and a server in a secure network, the server being a second source of the distributed sources, and
    - a third set vulnerability data set from communication between the mobile device and a network service, the network service being a third source of the distributed sources;
  - centrally processing the vulnerability data in order of threat priority associated therewith, the processing comprising:
    - for each vulnerability event in the vulnerability data:
      - determining, from a plurality of vulnerability policies, a matching vulnerability policy that matches a respective vulnerability event in the vulnerability data and that contains a risk score;
      - extracting the risk score from the matching vulnerability policy;
      - based at least on the risk score extracted from the matching vulnerability policy, determining a best matching risk remediation policy for the respective vulnerability event in the vulnerability data; and
      - performing a remediation for the mobile device per the best matching risk remediation policy to remediate the respective vulnerability event in the vulnerability data; and
  - reporting, through a user interface, vulnerability events in the vulnerability data and associated remediations for the mobile device in the order of the threat priority.
19. A computer program product comprising a non-transitory computer-readable medium storing instructions translatable by a processor to perform:
- collecting or detecting vulnerability data from distributed sources, the vulnerability data including:
  - a first vulnerability data set from aspects of a mobile device, the mobile device being a first source of the distributed sources,
  - a second vulnerability data set from communication between the mobile device and a server in a secure network, the server being a second source of the distributed sources, and
  - a third set vulnerability data set from communication between the mobile device and a network service, the network service being a third source of the distributed sources;
- centrally processing the vulnerability data in order of threat priority associated therewith, the processing comprising:
  - for each vulnerability event in the vulnerability data:
    - determining, from a plurality of vulnerability policies, a matching vulnerability policy that matches a respective vulnerability event in the vulnerability data and that contains a risk score;
    - extracting the risk score from the matching vulnerability policy;
    - based at least on the risk score extracted from the matching vulnerability policy, determining a best matching risk remediation policy for the respective vulnerability event in the vulnerability data; and
    - performing a remediation for the mobile device per the best matching risk remediation policy to remediate the respective vulnerability event in the vulnerability data; and
- reporting, through a user interface, vulnerability events in the vulnerability data and associated remediations for the mobile device in the order of the threat priority.
Specification