SYSTEM AND METHOD FOR VULNERABILITY RISK ANALYSIS
First Claim
1. A method for analyzing risk, the method comprising:
accessing, within an electronic system, host configuration information of a host;
querying a vulnerability database based on said host configuration information;
receiving a list of vulnerabilities, wherein said list of vulnerabilities corresponds to vulnerabilities of said host;
accessing a plurality of vulnerability scores;
determining a composite risk score for at least one of said host and each software product of said host based on said plurality of vulnerability scores, wherein said composite risk score measures at least in part a severity reflecting that an exploited vulnerability is needed by an attacker to compromise at least one of said host and a software product of said host;
determining an aggregate risk score for at least one of said host and each software product of said host based on said plurality of vulnerability scores, wherein said aggregate risk score measures at least in part a number of options available to said attacker for compromising at least one of said host and a software product of said host; and
reporting said composite risk score and said aggregate risk score.
Abstract
Embodiments of the present invention are directed to a method and system for automated risk analysis. The method includes accessing host configuration information of a host and querying a vulnerability database based on the host configuration information. The method further includes receiving a list of vulnerabilities and accessing a plurality of vulnerability scores. The list of vulnerabilities corresponds to vulnerabilities of the host. Vulnerabilities can be removed from the list by checking for installed fixes corresponding to each vulnerability. A composite risk score can then be determined for the host and each software product of the host based on the plurality of vulnerability scores. An aggregate risk score can then be determined for the host and each software product of the host based on the plurality of vulnerability scores.
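As an added illustration (not code from the patent), the following Python sketch walks the abstract's pipeline: query a constructed vulnerability database by host configuration, drop vulnerabilities whose fix is already installed, then compute the two scores per product and for the whole host. The scoring rules (composite = highest single severity, aggregate = sum of severities) and all identifiers and data are assumptions, since the patent text states no formula or scale.

```python
from dataclasses import dataclass

# All data below is constructed for illustration; the patent gives no
# concrete database, scoring scale or formula (assumed CVSS-like 0-10 here).

@dataclass(frozen=True)
class Vuln:
    vuln_id: str
    product: str
    score: float      # severity of this single vulnerability
    fixed_by: str     # identifier of the fix that closes it

# Vulnerability database keyed by (product, version) -> constructed entries.
VULN_DB = {
    ("webserver", "2.4"): [Vuln("V-0001", "webserver", 9.8, "KB-100"),
                           Vuln("V-0002", "webserver", 5.3, "KB-101")],
    ("ssh", "7.9"):       [Vuln("V-0003", "ssh", 7.5, "KB-200")],
    ("mail", "1.0"):      [Vuln("V-0004", "mail", 4.0, "KB-300"),
                           Vuln("V-0005", "mail", 6.1, "KB-301")],
}

def query_vulnerabilities(host_config):
    """Look up every vulnerability matching an installed (product, version)."""
    return [v for pv in host_config["products"] for v in VULN_DB.get(pv, [])]

def remove_fixed(vulns, installed_fixes):
    """Drop vulnerabilities whose corresponding fix is installed on the host."""
    return [v for v in vulns if v.fixed_by not in installed_fixes]

def risk_scores(vulns):
    """Composite = worst single vulnerability (one exploit is enough to get in);
    aggregate = sum of all scores (how many independent ways in the attacker has)."""
    by_product = {}
    for v in vulns:
        by_product.setdefault(v.product, []).append(v.score)
    report = {p: {"composite": max(s), "aggregate": round(sum(s), 1)}
              for p, s in by_product.items()}
    host_scores = [v.score for v in vulns]
    report["host"] = {"composite": max(host_scores, default=0.0),
                      "aggregate": round(sum(host_scores), 1)}
    return report

def analyze(host_config):
    """Full pipeline: query, filter out fixed vulnerabilities, score, report."""
    vulns = remove_fixed(query_vulnerabilities(host_config),
                         host_config["installed_fixes"])
    return risk_scores(vulns)

# Constructed host: three products, with the critical webserver fix applied.
HOST = {"products": [("webserver", "2.4"), ("ssh", "7.9"), ("mail", "1.0")],
        "installed_fixes": {"KB-100"}}
```

Note how the mail product ends up with a lower composite score than ssh but a higher aggregate score: one severe hole versus several moderate ones, which is exactly the distinction the two scores are meant to surface.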
20 Claims
1. A method for analyzing risk (independent claim; full text given under First Claim above).
Dependent claims: 2, 3, 4, 5, 6, 7, 8.
9. A non-transitory computer readable storage medium having stored thereon, computer executable instructions that, if executed by a computer system cause the computer system to perform a method of risk analysis comprising:
accessing, within an electronic system, host configuration information of a host; querying a vulnerability database based on said host configuration information; receiving a list of vulnerabilities, wherein said list of vulnerabilities corresponds to vulnerabilities of said host; accessing a plurality of vulnerability scores; determining a composite risk score for at least one of said host and each software product of said host based on said plurality of vulnerability scores, wherein said composite risk score measures at least in part a severity reflecting that an exploited vulnerability is needed by an attacker to compromise at least one of said host and a software product of said host; determining an aggregate risk score for said host and each software product of said host based on said plurality of vulnerability scores, wherein said aggregate risk score measures at least in part a number of options available to said attacker for compromising at least one of said host and a software product of said host; and reporting said composite risk score and said aggregate risk score.
Dependent claims: 10, 11, 12, 13, 14, 15, 16.
17. A system comprising:
a host configuration access module for accessing host configuration information; a vulnerability database query module for querying a vulnerability database; a fix database query module for querying a fix database; a composite risk determination module for determining and reporting a composite risk score based on data from said vulnerability database and based on data from said fix database, wherein said composite risk score measures at least in part a severity reflecting that an exploited vulnerability is needed by an attacker to compromise at least one of a host and a software product of said host; and an aggregate risk determination module for determining and reporting an aggregate risk score based on data from said vulnerability database and based on data from said fix database, wherein said aggregate risk score measures at least in part a number of options available to said attacker for compromising at least one of said host and a software product of said host.
Dependent claims: 18, 19, 20.