Security vulnerability information aggregation
First Claim
1. An apparatus comprising:
- an interface for receiving from a plurality of sources vulnerability information associated with a particular security vulnerbility; and
an aggregator, operatively coupled to the interface, for receiving the vulnerability information through the interface, and for aggregating the vulnerability information received from the plurality of sources into a unified vulnerability definition associated with the security vulnerability.
6 Assignments
0 Petitions
Accused Products
Abstract
Security vulnerability information aggregation techniques are disclosed. Vulnerability information associated with one or more security vulnerabilities is obtained from multiple sources and aggregated into respective unified vulnerability definitions for the one or more security vulnerabilities. Aggregation may involve format conversion, content aggregation, or both in some embodiments. Unified vulnerability definitions may be distributed to vulnerability information consumers in accordance with consumer-specific policies. Storage of vulnerability information received from the sources may allow the aggregation process to be performed on existing vulnerability information “retro-actively”. Related data structures and Graphical User Interfaces (GUIs) are also disclosed.
-
Citations
23 Claims
-
1. An apparatus comprising:
-
an interface for receiving from a plurality of sources vulnerability information associated with a particular security vulnerbility; and
an aggregator, operatively coupled to the interface, for receiving the vulnerability information through the interface, and for aggregating the vulnerability information received from the plurality of sources into a unified vulnerability definition associated with the security vulnerability. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method comprising:
-
obtained from a plurality of sources vulnerability information associated with a particular security vulnerability; and
aggregating the vulnerability information obtained from the plurality of sources into a unified vulnerability definition associated with the security vulnerability. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
- 21. A Graphical User Interface (GUI) comprising a representation of a unified vulnerability definition associated with a particular security vulnerability, the unified vulnerability definition comprising aggregated vulnerability information determined on the basis of vulnerability information obtained from a plurality of sources.
-
23. A machine-readable medium storing a data structure, the data structure comprising:
a unified vulnerability definition associated with a particular security vulnerability, the unified vulnerability definition comprising aggregated vulnerability information determined on the basis of vulnerability information obtained from a plurality of sources.
Specification