SYSTEM AND METHOD FOR NETWORK-BASED ASSET OPERATIONAL DEPENDENCE SCORING
First Claim
1. A method comprising:
- identifying an asset with at least one vulnerability risk;
identifying at least one service running on at least one port on the asset;
identifying at least one connection to the at least one port;
calculating an operational dependence role of the asset as a function of the at least one service and the at least one connection; and
modifying the vulnerability risk based on the operational dependence role.
10 Assignments
0 Petitions
Accused Products
Abstract
A system and method in one embodiment includes modules for identifying an asset with a vulnerability risk, identifying a service running on a port on the asset, identifying a connection to the port, calculating an operational dependence role of the asset as a function of the service and the connection, and modifying the vulnerability risk based on the operational dependence role. Other embodiments include identifying a protocol of a data packet at the port, classifying the protocol into a protocol category with a protocol importance score, calculating a connection average for the asset, classifying the connection average into a connection category with a connection score, and calculating a service dependence score. Other embodiments include calculating a host dependence score, assigning a data importance score to data communicated by the asset, and calculating the operational dependence role as a function of the host dependence score and data importance score.
-
Citations
20 Claims
-
1. A method comprising:
-
identifying an asset with at least one vulnerability risk; identifying at least one service running on at least one port on the asset; identifying at least one connection to the at least one port; calculating an operational dependence role of the asset as a function of the at least one service and the at least one connection; and modifying the vulnerability risk based on the operational dependence role. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. Logic encoded in non-transitory media that includes code for execution and when executed by a processor is operable to perform operations comprising:
-
identifying an asset with at least one vulnerability risk; identifying at least one service running on at least one port on the asset; identifying at least one connection to the at least one port; calculating an operational dependence role of the asset as a function of the at least one service and the at least one connection; and modifying the vulnerability risk based on the operational dependence role. - View Dependent Claims (11, 12, 13, 14)
-
-
15. An apparatus comprising:
-
a memory element configured to store data; and a computing processor operable to execute instructions associated with the data, including; identifying an asset with at least one vulnerability risk; identifying at least one service running on at least one port on the asset; identifying at least one connection to the at least one port; calculating an operational dependence role of the asset as a function of the at least one service and the at least one connection; and modifying the vulnerability risk based on the operational dependence role. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification