Risk Meter For Vulnerable Computing Devices

US 20150237062A1
Filed: 02/14/2014
Published: 08/20/2015
Est. Priority Date: 02/14/2014
Status: Abandoned Application

First Claim

Patent Images

1. A method comprising:

determining a first plurality of vulnerabilities of a first computing asset;

generating a first risk score for the first computing asset based on the first plurality of vulnerabilities and on one or more contextual factors;

wherein the one or more contextual factors include;

a number of available exploits for each vulnerability of the first plurality of vulnerabilities, wherein the number of available exploits includes a first number of available exploits for a first vulnerability and a second number of available exploits for a second vulnerability, wherein the first number of available exploits is different than the second number of available exploits, orone or more values that indicate a popularity of the first computing asset across one or more organizations that are different than an organization that owns the first computing asset;

wherein the method is performed by one or more computing devices.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques for ranking a set of vulnerabilities of a computing asset and set of remediations for a computing asset, and determining a risk score for one or more computing assets are provided. In one technique, vulnerabilities of computing assets in a customer network are received at a vulnerability intelligence platform. Breach data indicating set of breaches that occurred outside customer network is also received. A subset of the set of vulnerabilities that are most vulnerable to a breach is identified based on the breach data. In another technique, multiple vulnerabilities of a computing asset are determined. A risk score is generated for the computing asset based on the vulnerabilities. In another technique, multiple remediations associated with a risk score and multiple vulnerabilities are identified. The remediations are ordered based on the remediations that would reduce the risk score the most if those remediations were applied to remove the corresponding vulnerabilities.

44 Citations

View as Search Results

37 Claims

1. A method comprising:
- determining a first plurality of vulnerabilities of a first computing asset;
  
  generating a first risk score for the first computing asset based on the first plurality of vulnerabilities and on one or more contextual factors;
  
  wherein the one or more contextual factors include;
  
  a number of available exploits for each vulnerability of the first plurality of vulnerabilities, wherein the number of available exploits includes a first number of available exploits for a first vulnerability and a second number of available exploits for a second vulnerability, wherein the first number of available exploits is different than the second number of available exploits, orone or more values that indicate a popularity of the first computing asset across one or more organizations that are different than an organization that owns the first computing asset;
  
  wherein the method is performed by one or more computing devices.
- View Dependent Claims (2, 3, 5, 6, 22, 25, 26, 27, 28, 37)
- - 2. The method of claim 1, further comprising:
    - determining a second plurality of vulnerabilities of a second computing asset that is different than the first computing asset;
      
      generating, based on the first plurality of vulnerabilities and the second plurality of vulnerabilities, a second risk score for a set of computing assets that includes the first computing asset and the second computing asset.
  - 3. The method of claim 2, further comprising:
    - causing the second risk score to be displayed on a screen of a computing device;
      
      receiving input that selects the second risk score;
      
      in response to receiving the input that selects the second risk score, causing data that indicates each computing asset in the set of computing assets to be displayed on the screen of the computing device.
  - 5. The method of claim 1, wherein the first computing asset is one of a database, an operating system, an application, a desktop computer, a server, or source code.
  - 6. The method of claim 1, further comprising:
    - causing, to be displayed concurrently on a screen of a computing device, a plurality of risk scores, each of which is associated with a different computing asset or a different set of computing assets;
      
      wherein each computing asset or set of computing assets is associated with a different plurality of vulnerabilities.
  - 22. The method of claim 1, further comprising:
    - receiving one or more values that indicate an importance of the computing asset to the customer;
      
      wherein the one or more contextual factors includes the one or more values that indicate the importance of the computing asset to the customer.
  - 25. The method of claim 1, wherein the one or more contextual factors include a number of active breaches of each vulnerability of the first plurality of vulnerabilities, wherein the active breaches occurred to computing assets that are external to the network that includes the first computing asset.
  - 26. The method of claim 1, wherein the one or more contextual factors include the number of available exploits for each vulnerability of the first plurality of vulnerabilities.
  - 27. The method of claim 1, wherein the one or more contextual factors include the one or more values that indicate the popularity of the first computing asset across one or more industries.
  - 28. The method of claim 1, wherein the one or more contextual factors include the one or more values that indicate the difficulty of exploiting the particular vulnerability of the plurality of vulnerabilities.
  - 37. The method of claim 1, further comprising causing the first risk score to be displayed on a screen of a computing device.

4. A method comprising:
- determining a first plurality of vulnerabilities of a first computing asset;
  
  generating a first risk score for the first computing asset based on the first plurality of vulnerabilities;
  
  determining a second plurality of vulnerabilities of a second computing asset that is different than the first computing asset;
  
  determining to include the first computing asset and the second computing asset in a set of computing assets based on geographical location of the first and second computing assets, type of the first and second computing assets, or subnet of the first and second computing assets;
  
  generating, based on the first plurality of vulnerabilities and the second plurality of vulnerabilities, a second risk score for the set of computing assets that includes the first computing asset and the second computing asset;
  
  wherein the method is performed by one or more computing devices.
- View Dependent Claims (34, 35, 36)
- - 34. The method of claim 4, wherein determining to include the first computing asset and the second computing asset in the set of computing assets comprises determining to include the first computing asset and the second computing asset in the set of computing assets based on geographical location of the first and second computing assets.
  - 35. The method of claim 4, wherein determining to include the first computing asset and the second computing asset in the set of computing assets comprises determining to include the first computing asset and the second computing asset in the set of computing assets based on type of the first and second computing assets.
  - 36. The method of claim 4, wherein determining to include the first computing asset and the second computing asset in the set of computing assets comprises determining to include the first computing asset and the second computing asset in the set of computing assets based on subnet of the first and second computing assets.

7-18. -18. (canceled)

19. An apparatus comprising:
- one or more processors;
  
  one or more non-transitory computer-readable media storing instructions which, when executed by the one or more processors, cause;
  
  determining a first plurality of vulnerabilities of a first computing asset;
  
  generating a first risk score for the first computing asset based on the first plurality of vulnerabilities and on one or more contextual factors;
  
  wherein the one or more contextual factors include;
  
  a number of available exploits for each vulnerability of the first plurality of vulnerabilities, wherein the number of available exploits includes a first number of available exploits for a first vulnerability and a second number of available exploits for a second vulnerability, wherein the first number of available exploits is different than the second number of available exploits, orone or more values that indicate a popularity of the first computing asset across one or more organizations that are different than an organization that owns the first computing asset.
- View Dependent Claims (20, 24, 29, 30, 31, 32)
- - 20. The apparatus of claim 19, wherein the instructions, when executed by the one or more processors, further cause:
    - determining a second plurality of vulnerabilities of a second computing asset that is different than the first computing asset;
      
      generating, based on the first plurality of vulnerabilities and the second plurality of vulnerabilities, a second risk score for a set of computing assets that includes the first computing asset and the second computing asset.
  - 24. The apparatus of claim 19, wherein the instructions, when executed by the one or more processors, further cause:
    - receiving one or more values that indicate an importance of the computing asset to the customer;
      
      wherein the one or more contextual factors includes the one or more values that indicate the importance of the computing asset to the customer.
  - 29. The apparatus of claim 19, wherein the one or more contextual factors include a number of active breaches of each vulnerability of the first plurality of vulnerabilities, wherein the active breaches occurred to computing assets that are external to the network that includes the first computing asset.
  - 30. The apparatus of claim 19, wherein the one or more contextual factors include the number of available exploits for each vulnerability of the first plurality of vulnerabilities.
  - 31. The apparatus of claim 19, wherein the one or more contextual factors include the one or more values that indicate the popularity of the first computing asset across one or more industries.
  - 32. The apparatus of claim 19, wherein the one or more contextual factors include the one or more values that indicate the difficulty of exploiting the particular vulnerability of the plurality of vulnerabilities.

21. (canceled)

23. (canceled)

33. An apparatus comprising:
- one or more processors;
  
  one or more non-transitory computer-readable media storing instructions which, when executed by the one or more processors, cause;
  
  determining a first plurality of vulnerabilities of a first computing asset;
  
  generating a first risk score for the first computing asset based on the first plurality of vulnerabilities;
  
  determining a second plurality of vulnerabilities of a second computing asset that is different than the first computing asset;
  
  automatically determining to include the first computing asset and the second computing asset in a set of computing assets based on geographical location of the first and second computing assets, a type of first and second computing assets, or subnet of the first and second computing assets;
  
  generating, based on the first plurality of vulnerabilities and the second plurality of vulnerabilities, a second risk score for the set of computing assets that includes the first computing asset and the second computing asset.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Kenna Security, Inc. (Cisco Systems, Inc.), Risk I/O, Inc.
Original Assignee
Risk I/O, Inc.
Inventors
Roytman, Michael, Bellis, Edward T., Heuer, Jeffrey

Application Number

US14/181,352
Publication Number

US 20150237062A1
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/577 Assessing vulnerabilities a...

H04L 63/1433 Vulnerability analysis

Risk Meter For Vulnerable Computing Devices

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

44 Citations

37 Claims

Specification

Solutions

Use Cases

Quick Links

Risk Meter For Vulnerable Computing Devices

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

44 Citations

37 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links