System and Method for Management of Vulnerability Assessment

US 20120174230A1
Filed: 01/04/2011
Published: 07/05/2012
Est. Priority Date: 01/04/2011
Status: Active Grant

First Claim

Patent Images

1. An apparatus, comprising:

a network interface operable to;

receive application data;

receive assessment information from an assessor related to an assessment of the application, the assessment indentifying at least one vulnerability;

receive one or more remediation tasks associated with the assessment, the one or more remediation tasks designed to remedy the at least one vulnerability;

receive an indication of performance of a remediation task of the one or more remediation tasks;

receive an indication of whether the remediation task remedied the at least one vulnerability;

communicate the information regarding the assessment to a remediator; and

communicate an indication that a remediation task has been completed based at least in part on the indication of performance of the remediation task; and

a processor coupled to the network interface, the processor operable to determine that an application is in scope for vulnerability assessment based at least in part on the application data.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for an optimization of fulfillment workflow is disclosed. In accordance with embodiments of the present disclosure, a method may include: (i) receiving application data; (ii) determining that an application in scope for vulnerability assessment based at least in part on the application data; (iii) receiving assessment information from an assessor related to an assessment of the application, the assessment indentifying at least one vulnerability; (iv) communicating the information regarding the assessment to a remediator; (v) receiving one or more remediation tasks associated with the assessment, the one or more remediation tasks designed to remedy the at least one vulnerability; (vi) receiving an indication of performance of a remediation task of the one or more remediation tasks; (vii) communicating an indication that a remediation task has been completed based at least in part on the indication of performance of the remediation task; and (viii) receiving an indication of whether the remediation task remedied the at least one vulnerability.

29 Citations

View as Search Results

15 Claims

1. An apparatus, comprising:
- a network interface operable to;
  
  receive application data;
  
  receive assessment information from an assessor related to an assessment of the application, the assessment indentifying at least one vulnerability;
  
  receive one or more remediation tasks associated with the assessment, the one or more remediation tasks designed to remedy the at least one vulnerability;
  
  receive an indication of performance of a remediation task of the one or more remediation tasks;
  
  receive an indication of whether the remediation task remedied the at least one vulnerability;
  
  communicate the information regarding the assessment to a remediator; and
  
  communicate an indication that a remediation task has been completed based at least in part on the indication of performance of the remediation task; and
  
  a processor coupled to the network interface, the processor operable to determine that an application is in scope for vulnerability assessment based at least in part on the application data.
- View Dependent Claims (2, 3, 4, 5)
- - 2. An apparatus according to claim 1, the network interface further operable to:
    - communicate the information regarding the assessment to a reviewer;
      
      receive review information from the reviewer related to a review of the assessment; and
      
      communicate the information regarding the assessment to a remediator.
  - 3. An apparatus according to claim 1, further comprising the processor operable to generate a display including a listing of the one or more remediation tasks and a status associated with each of the one or more remediation tasks.
  - 4. An apparatus according to claim 3, wherein generating the display including a listing of the one or more remediation tasks and a status associated with each of the one or more remediation tasks includes indicating, as part of the display, whether each of the one or more remediation tasks is complete.
  - 5. An apparatus according to claim 3, wherein generating a display including a listing of the one or more remediation tasks and a status associated with each of the one or more remediation tasks includes indicating, as part of the display, whether the remediation task remedied the at least one vulnerability.

6. A tangible computer readable medium comprising logic, the logic operable, when executed on a processor, to:
- receive application data;
  
  determine that an application in scope for vulnerability assessment based at least in part on the application data;
  
  receive assessment information from an assessor related to an assessment of the application, the assessment indentifying at least one vulnerability;
  
  communicate the information regarding the assessment to a remediator;
  
  receive one or more remediation tasks associated with the assessment, the one or more remediation tasks designed to remedy the at least one vulnerability;
  
  receive an indication of performance of a remediation task of the one or more remediation tasks;
  
  communicate an indication that a remediation task has been completed based at least in part on the indication of performance of the remediation task; and
  
  receive an indication of whether the remediation task remedied the at least one vulnerability.
- View Dependent Claims (7, 8, 9, 10)
- - 7. A tangible computer-readable medium according to claim 6, further comprising the logic further operable to:
    - communicate the information regarding the assessment to a reviewer;
      
      receive review information from the reviewer related to a review of the assessment; and
      
      communicate the information regarding the assessment to a remediator.
  - 8. A tangible computer-readable medium according to claim 6, further comprising the logic further operable to generate a display including a listing of the one or more remediation tasks and a status associated with each of the one or more remediation tasks.
  - 9. A tangible computer-readable medium according to claim 8, wherein generating the display including a listing of the one or more remediation tasks and a status associated with each of the one or more remediation tasks includes indicating, as part of the display, whether each of the one or more remediation tasks is complete.
  - 10. A tangible computer-readable medium according to claim 8, wherein generating a display including a listing of the one or more remediation tasks and a status associated with each of the one or more remediation tasks includes indicating, as part of the display, whether the remediation task remedied the at least one vulnerability.

11. A method, comprising:
- receiving application data;
  
  determining that an application in scope for vulnerability assessment based at least in part on the application data;
  
  receiving assessment information from an assessor related to an assessment of the application, the assessment indentifying at least one vulnerability;
  
  communicating the information regarding the assessment to a remediator;
  
  receiving one or more remediation tasks associated with the assessment, the one or more remediation tasks designed to remedy the at least one vulnerability;
  
  receiving an indication of performance of a remediation task of the one or more remediation tasks;
  
  communicating an indication that a remediation task has been completed based at least in part on the indication of performance of the remediation task; and
  
  receiving an indication of whether the remediation task remedied the at least one vulnerability.
- View Dependent Claims (12, 13, 14, 15)
- - 12. A method according to claim 11, further comprising:
    - communicating the information regarding the assessment to a reviewer;
      
      receiving review information from the reviewer related to a review of the assessment; and
      
      communicating the information regarding the assessment to a remediator.
  - 13. A method according to claim 11, further comprising generating a display including a listing of the one or more remediation tasks and a status associated with each of the one or more remediation tasks.
  - 14. A method according to claim 13, wherein generating the display including a listing of the one or more remediation tasks and a status associated with each of the one or more remediation tasks includes indicating, as part of the display, whether each of the one or more remediation tasks is complete.
  - 15. A method according to claim 13, wherein generating a display including a listing of the one or more remediation tasks and a status associated with each of the one or more remediation tasks includes indicating, as part of the display, whether the remediation task remedied the at least one vulnerability.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bank of America Corp.
Original Assignee
Bank of America Corp.
Inventors
Hoyt, Travis E.

Granted Patent

US 8,590,047 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/25
CPC Class Codes

G06Q 10/06 Resources, workflows, human...

System and Method for Management of Vulnerability Assessment

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

29 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

System and Method for Management of Vulnerability Assessment

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

29 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links