ENTERPRISE VULNERABILITY MANAGEMENT
First Claim
1. A computer-implemented method for managing vulnerability of information technology assets of an enterprise, said method comprising:
- executing computer software code on at least one computer hardware platform, the software code enabling the at least one hardware platform to perform the steps of;
receiving login information from a user;
inventorying current information technology assets of the enterprise;
conducting vulnerability scanning of the inventoried information technology assets;
analyzing vulnerability correlation and prioritization of the information technology assets, wherein said analyzing includes generating one or more vulnerability scores;
remediating one or more vulnerabilities of the information technology assets; and
reporting to the user about the vulnerabilities and remediation undertaken.
7 Assignments
0 Petitions
Accused Products
Abstract
An enterprise vulnerability management application (EVMA), enterprise vulnerability management process (EVMP) and system. In one embodiment, the EVMP may include executing computer software code on at least one computer hardware platform to receive login information from a user, inventory current information technology assets of the enterprise, conduct vulnerability scanning of the inventoried information technology assets, analyze vulnerability correlation and prioritization of the information technology assets, remediate one or more vulnerabilities of the information technology assets, and report to the user about the vulnerabilities and remediation undertaken. As part of the analysis, one or more vulnerability scores such as, for example, Common Vulnerability Scoring System (CVSS) scores, may be generated from base score metrics, temporal score metrics and environment score metrics.
-
Citations
21 Claims
-
1. A computer-implemented method for managing vulnerability of information technology assets of an enterprise, said method comprising:
executing computer software code on at least one computer hardware platform, the software code enabling the at least one hardware platform to perform the steps of; receiving login information from a user; inventorying current information technology assets of the enterprise; conducting vulnerability scanning of the inventoried information technology assets; analyzing vulnerability correlation and prioritization of the information technology assets, wherein said analyzing includes generating one or more vulnerability scores; remediating one or more vulnerabilities of the information technology assets; and reporting to the user about the vulnerabilities and remediation undertaken. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
8. An enterprise vulnerability management system comprising:
-
a processing module; and a memory module logically connected to the processing module and comprising a set of computer readable instructions executable by the processing module to; receive login information from a user; inventory current information technology assets of the enterprise; conduct vulnerability scanning of the inventoried information technology assets; analyze vulnerability correlation and prioritization of the information technology assets, wherein one or more vulnerability scores are generated; remediate one or more vulnerabilities of the information technology assets; and report to the user about the vulnerabilities and remediation undertaken. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A method for generating a vulnerability score associated with an information technology assets of an enterprise, said method comprising:
-
collecting results of at least one vulnerability assessment conducted on the information technology assets by at least one vendor tool; analyzing each result for base score metrics; analyzing each result for temporal score metrics; analyzing each result for environment score metrics; generating a CVSS score for each result based on the base score metrics, temporal score metrics and environment score metrics for each result. - View Dependent Claims (16, 17, 18, 19, 20, 21)
-
Specification