SYSTEMS AND METHODS FOR PERFORMING RISK ANALYSIS
First Claim
Patent Images
1. A computer-implemented method, comprising:
- assigning values to each of a plurality of security-related vulnerabilities, each of the values being based on at least one of a function or location of a network element;
monitoring a first one of a plurality of network elements;
identifying at least one security-related vulnerability associated with the first network element; and
generating a risk indicator for the first network element based on an assigned value associated with the identified at least one security-related vulnerability.
5 Assignments
0 Petitions
Accused Products
Abstract
A method for analyzing a network element may include assigning values to each of a plurality of vulnerabilities. The method may also include identifying a vulnerability associated with the network element and generating a risk indicator for the network element based on the assigned value associated with the identified vulnerability.
-
Citations
20 Claims
-
1. A computer-implemented method, comprising:
-
assigning values to each of a plurality of security-related vulnerabilities, each of the values being based on at least one of a function or location of a network element; monitoring a first one of a plurality of network elements; identifying at least one security-related vulnerability associated with the first network element; and generating a risk indicator for the first network element based on an assigned value associated with the identified at least one security-related vulnerability. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A system, comprising:
-
a memory configured to; store values associated with a plurality of security-related vulnerabilities, and store information representing exceptions to security rules; and a processing device configured to; receive information corresponding to at least one identified security-related vulnerability associated with a first network device, access the memory to determine a value associated with each of the at least one identified security-related vulnerability associated with the first network device, access the memory to determine whether an exception to a security rule exists with respect to any of the at least one identified security-related vulnerability associated with the first network device, and generate a risk indicator for the first network device based on the value associated with each of the at least one identified security-related vulnerability and whether an exception to a security rule exists with respect to any of the at least one identified security-related vulnerability. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
Specification