SYSTEMS AND METHODS FOR PERFORMING RISK ANALYSIS

US 20110214183A1
Filed: 05/09/2011
Published: 09/01/2011
Est. Priority Date: 02/25/2005
Status: Abandoned Application

First Claim

Patent Images

1. A computer-implemented method, comprising:

assigning values to each of a plurality of security-related vulnerabilities, each of the values being based on at least one of a function or location of a network element;

monitoring a first one of a plurality of network elements;

identifying at least one security-related vulnerability associated with the first network element; and

generating a risk indicator for the first network element based on an assigned value associated with the identified at least one security-related vulnerability.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for analyzing a network element may include assigning values to each of a plurality of vulnerabilities. The method may also include identifying a vulnerability associated with the network element and generating a risk indicator for the network element based on the assigned value associated with the identified vulnerability.

Citations

20 Claims

1. A computer-implemented method, comprising:
- assigning values to each of a plurality of security-related vulnerabilities, each of the values being based on at least one of a function or location of a network element;
  
  monitoring a first one of a plurality of network elements;
  
  identifying at least one security-related vulnerability associated with the first network element; and
  
  generating a risk indicator for the first network element based on an assigned value associated with the identified at least one security-related vulnerability.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The computer-implemented method of claim 1, wherein the monitoring comprises:
    - scanning the first network element to identify security-related vulnerabilities, the security-related vulnerabilities representing potential points of attack.
  - 3. The computer-implemented method of claim 2, wherein the identifying at least one security-related vulnerability comprises:
    - identifying a plurality of security-related vulnerabilities, and wherein generating a risk indicator for the first network element comprises;
      
      performing a mathematical operation on values associated with each of the plurality of identified security-related vulnerabilities associated with the first network element.
  - 4. The computer-implemented method of claim 1, further comprising:
    - displaying the risk indicator at a user device.
  - 5. The computer-implemented method of claim 1, wherein the identifying at least one security-related vulnerability comprises at least one of:
    - identifying at least one open port associated with the first network element,determining that the first network element does not include a firewall or an intrusion detection system,determining that the first network element interfaces with a non-secured device, oridentifying that the first network element is under an attack.
  - 6. The computer-implemented method of claim 1, further comprising:
    - identifying a plurality of open ports on the plurality of network elements, wherein the assigning values comprises;
      
      assigning values to each identified open port based on a level of vulnerability associated with the corresponding network element on which the open port exists.
  - 7. The computer-implemented method of claim 1, further comprising:
    - monitoring the plurality of network elements;
      
      generating a risk indicator for each of the network elements, the risk indicator representing a relative risk level associated with the corresponding network element; and
      
      providing the risk indicator for each of the network elements to a user device for display.
  - 8. The computer-implemented method of claim 7, further comprising:
    - prioritizing risk associated with the plurality of network elements based on the risk indicators.
  - 9. The computer-implemented method of claim 1, further comprising:
    - determining whether action is required with respect to the first network element based on the risk indicator; and
      
      automatically performing a remedial action with respect to the first network element, in response to determining that action is required.
  - 10. The computer-implemented method of claim 9, further comprising:
    - generating, after performing the remedial action, a second risk indicator for the first network element; and
      
      determining, based on the second risk indicator, whether a security-related compliance has been achieved with respect to the first network element.
  - 11. The computer-implemented method of claim 9, wherein the automatically performing a remedial action comprises:
    - quarantining or preventing access to the first network element.
  - 12. The computer-implemented method of claim 1, wherein the risk indicator comprises a numerical score.
  - 13. The computer-implemented method of claim 1, wherein the generating a risk indicator comprises:
    - determining whether an exception to a security rule exists with respect to the identified at least one security-related vulnerability; and
      
      adjusting the risk indicator for the first network element in response to determining that an exception to a security rule exists with respect to the identified at least one security-related vulnerability.

14. A system, comprising:
- a memory configured to;
  
  store values associated with a plurality of security-related vulnerabilities, andstore information representing exceptions to security rules; and
  
  a processing device configured to;
  
  receive information corresponding to at least one identified security-related vulnerability associated with a first network device,access the memory to determine a value associated with each of the at least one identified security-related vulnerability associated with the first network device,access the memory to determine whether an exception to a security rule exists with respect to any of the at least one identified security-related vulnerability associated with the first network device, andgenerate a risk indicator for the first network device based on the value associated with each of the at least one identified security-related vulnerability and whether an exception to a security rule exists with respect to any of the at least one identified security-related vulnerability.
- View Dependent Claims (15, 16, 17, 18, 19, 20)
- - 15. The system of claim 14, wherein the processing device is further configured to:
    - forward the risk indicator to a user device for display.
  - 16. The system of claim 14, wherein the processing device is further configured to:
    - provide an interface to a user device, the interface including options associated with monitoring a plurality of network devices,receive an input from the user device,identify a second network device in response to the input,generate a risk indicator associated with the second network device, andprovide the risk indicator for the second network device to the user device.
  - 17. The system of claim 14, wherein the values stored in the memory are based on at least one of a function or location associated with a network device.
  - 18. The system of claim 14, wherein the processing device is further configured to:
    - scan the first network device to identify whether any open ports exist on the first network device.
  - 19. The system of claim 14, wherein the processing logic is further configured to:
    - determine whether action is required with respect to the first network device based on the risk indicator; and
      
      automatically perform a remedial action with respect to the first network device, in response to determining that action is required.
  - 20. The system of claim 14, wherein the processing logic is further configured to at least one of:
    - transmit a message to a party responsible for monitoring the first network device, in response to determining that action is required, orstore information associated with the remedial action.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Verizon Patent and Licensing Incorporated (Verizon Communications Inc.)
Original Assignee
Verizon Business Global LLC (Verizon Communications Inc.)
Inventors
Fudge, Robert T.

Application Number

US13/103,307
Publication Number

US 20110214183A1
Time in Patent Office

Days
Field of Search
US Class Current

726/23
CPC Class Codes

G06F 11/008   Reliability or availability...

G06F 21/577   Assessing vulnerabilities a...

H04L 63/1408   by monitoring network traff...

H04L 63/1433   Vulnerability analysis

SYSTEMS AND METHODS FOR PERFORMING RISK ANALYSIS

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEMS AND METHODS FOR PERFORMING RISK ANALYSIS

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links