SYSTEMS FOR NETWORK RISK ASSESSMENT INCLUDING PROCESSING OF USER ACCESS RIGHTS ASSOCIATED WITH A NETWORK OF DEVICES
First Claim
1. A computerized method comprising:
- by a computing device having one or more computer processors and a non-transitory computer readable storage device storing software instruction for execution by the one or more computer processors, accessing:
  - network device information indicating one or more of:
    - configuration information of network devices within a network, or
    - a network topology indicating communication paths between network devices determined using, at least, monitored network traffic between the network devices; and
  - user account information indicating:
    - user access rights of respective user accounts, and
    - one or more of: profile information of respective user accounts, user account rules enforced on the network, or network actions associated with the user accounts;
- for each of the network devices and user accounts:
  - determining a vulnerability indicating a likelihood of the network device or user account being compromised, the vulnerability based on values of a plurality of vulnerability metrics determined using network device information associated with the network device or user account information associated with the user account;
  - determining an importance indicating a priority an attacker would place on compromising the network device or user account, the importance based on values of a plurality of importance metrics determined using network device information associated with the network device or user account information associated with the user account; and
- providing, for presentation, an interactive user interface comprising a visual representation of:
  - at least some of the determined vulnerabilities for network devices and/or user accounts;
  - at least some of the determined importances for network devices and/or user accounts,
  wherein the interactive user interface is operable to modify, in response to received input indicating a weighting for one or more network device, user account, vulnerability metric, or importance metric, the determined vulnerabilities and/or importances included in the interactive user interface.
Abstract
Methods, systems, and apparatus, including computer programs encoded on computer storage media, for network risk assessment. One of the methods includes obtaining information describing network traffic between a plurality of network devices within a network. A network topology of the network is determined based on the information describing network traffic, with the network topology including nodes connected by an edge to one or more other nodes, and with each node being associated with one or more network devices. Indications of user access rights of users are associated to respective nodes included in the network topology. User interface data associated with the network topology is generated.
20 Claims
7. A computerized method comprising:
- by a computing device having one or more computer processors and a non-transitory computer readable storage device storing software instruction for execution by the one or more computer processors:
  - obtaining configuration information describing network devices within one or more networks;
  - determining, from the configuration information and for at least one network device, one or more metrics measuring aspects of a network device compromise vulnerability of the network device;
  - obtaining indications of user access rights of user accounts to respective network devices;
  - determining, for each network device and using the user access rights and configuration information, one or more metrics measuring aspects of a network device compromise value of the network device; and
  - determining, for at least one user account, one or more metrics measuring aspects of a user account compromise vulnerability, and one or more metrics measuring aspects of a user account compromise value.

Dependent claims: 8, 9, 10, 11, 12, 13 (not reproduced here).
14. A system comprising one or more computer systems and one or more computer storage media storing instructions that when executed by the computer systems cause the computer systems to perform operations comprising:
- obtaining configuration information describing network devices within one or more networks;
- determining, from the configuration information and for at least one network device, one or more metrics measuring aspects of a network device compromise vulnerability of the network device;
- obtaining indications of user access rights of user accounts to respective network devices;
- determining, for each network device and using the user access rights and configuration information, one or more metrics measuring aspects of a network device compromise value of the network device; and
- determining, for at least one user account, one or more metrics measuring aspects of a user account compromise vulnerability, and one or more metrics measuring aspects of a user account compromise value.

Dependent claims: 15, 16, 17, 18, 19, 20 (not reproduced here).
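As an added worked example (not code from the patent or its assignee), the scoring loop that claims 1, 7 and 14 describe, in Python: a topology built from constructed flow records, per-device and per-account vulnerability and importance scores computed as weighted metric sums, and a weights dictionary standing in for the interactive re-weighting input. All device names, account names and metric names are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample inputs (not from the patent): monitored flows (src, dst),
# per-device configuration facts, and per-account access rights and actions.
FLOWS = [("ws1", "fileserver"), ("ws2", "fileserver"), ("fileserver", "dc1"), ("ws1", "dc1")]
DEVICES = {  # vulnerability metrics derived from configuration information
    "ws1":        {"missing_patches": 4, "open_ports": 3, "internet_facing": 1},
    "ws2":        {"missing_patches": 0, "open_ports": 2, "internet_facing": 0},
    "fileserver": {"missing_patches": 1, "open_ports": 6, "internet_facing": 0},
    "dc1":        {"missing_patches": 0, "open_ports": 4, "internet_facing": 0},
}
ACCOUNTS = {  # access rights plus profile/action facts per user account
    "alice": {"admin_on": ["ws1"], "mfa": 1, "pwd_age_days": 30, "failed_logins": 0},
    "bob":   {"admin_on": ["fileserver", "dc1"], "mfa": 0, "pwd_age_days": 400, "failed_logins": 12},
}

def topology(flows):
    """Undirected adjacency built from monitored traffic (the claimed network topology)."""
    adj = defaultdict(set)
    for a, b in flows:
        adj[a].add(b)
        adj[b].add(a)
    return adj

def weighted(metrics, weights):
    """Score = sum of metric value x metric weight; a metric not in weights weighs 1."""
    return sum(v * weights.get(k, 1.0) for k, v in metrics.items())

def device_scores(weights=None):
    """{device: (vulnerability, importance)}; importance uses topology degree and admin count."""
    w, adj, admins = weights or {}, topology(FLOWS), defaultdict(int)
    for acct in ACCOUNTS.values():
        for dev in acct["admin_on"]:
            admins[dev] += 1  # how many admin-level accounts can reach the device
    return {d: (weighted(cfg, w),
                weighted({"degree": len(adj[d]), "admin_accounts": admins[d]}, w))
            for d, cfg in DEVICES.items()}

def account_scores(weights=None):
    """{account: (vulnerability, importance)} from MFA state, password age, failed logins, rights."""
    w = weights or {}
    return {n: (weighted({"no_mfa": 1 - a["mfa"], "stale_pwd": int(a["pwd_age_days"] > 90),
                          "failed_logins": min(a["failed_logins"], 10)}, w),
                weighted({"admin_count": len(a["admin_on"])}, w))
            for n, a in ACCOUNTS.items()}

def ranked(scores):
    """Names ordered by vulnerability x importance, highest combined risk first."""
    return sorted(scores, key=lambda n: scores[n][0] * scores[n][1], reverse=True)
```

With default weights the file server ranks first; passing `{"internet_facing": 10}` as the weighting input moves the exposed workstation to the top, which is the re-ranking the claimed interface performs on user input.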