×

SYSTEMS FOR NETWORK RISK ASSESSMENT INCLUDING PROCESSING OF USER ACCESS RIGHTS ASSOCIATED WITH A NETWORK OF DEVICES

  • US 20170078322A1
  • Filed: 07/13/2016
  • Published: 03/16/2017
  • Est. Priority Date: 12/29/2014
  • Status: Active Grant
First Claim
Patent Images

1. A computerized method comprising:

  • by a computing device having one or more computer processors and a non-transitory computer readable storage device storing software instruction for execution by the one or more computer processors,accessing;

    network device information indicating one or more of;

    configuration information of network devices within a network, ora network topology indicating communication paths between network devices determined using, at least, monitored network traffic between the network devices; and

    user account information indicating;

    user access rights of respective user accounts, andone or more of;

    profile information of respective user accounts,user account rules enforced on the network, ornetwork actions associated with the user accounts;

    for each of the network devices and user accounts;

    determining a vulnerability indicating a likelihood of the network device or user account being compromised, the vulnerability based on values of a plurality of vulnerability metrics determined using network device information associated with the network device or user account information associated with the user account;

    determining an importance indicating a priority an attacker would place on compromising the network device or user account, the importance based on values of a plurality of importance metrics determined using network device information associated with the network device or user account information associated with the user account; and

    providing, for presentation, an interactive user interface comprising a visual representation of;

    at least some of the determined vulnerabilities for network devices and/or user accounts;

    at least some of the determined importances for network devices and/or user accounts,wherein the interactive user interface is operable to modify, in response to received input indicating a weighting for one or more network device, user account, vulnerability metric, or importance metric, the determined vulnerabilities and/or importances, included in the interactive user interface.

View all claims
  • 8 Assignments
Timeline View
Assignment View
    ×
    ×