Communication network security risk exposure management systems and methods
First Claim
1. A risk analysis system comprising:
- a risk analyzer configured to determine a consolidated security risk to a feature of a communication network by analyzing assets of the communication network which are associated with the communication network feature and vulnerabilities affecting the assets which are associated with the communication network feature and calculating the consolidated security risk to the communication network feature based on the vulnerabilities, the consolidated security risk being in addition to any security risks calculated for the assets based on the vulnerabilities; and
a user interface operatively coupled to the risk analyzer.
9 Assignments
0 Petitions
Accused Products
Abstract
Communication network security risk exposure management systems and methods are disclosed. Risks to a communication network are determined by analyzing assets of the communication network and vulnerabilities affecting the assets. Assets may include physical assets such as equipment or logical assets such as software or data. Risk analysis may be adapted to assess risks to a particular feature of a communication network by analyzing assets of the communication network which are associated with that feature and one or more of vulnerabilities which affect the feature and vulnerabilities which affect the assets associated with the feature. A feature may be an asset itself or a function or service offered in the network and supported by particular assets, for example.
71 Citations
20 Claims
-
1. A risk analysis system comprising:
-
a risk analyzer configured to determine a consolidated security risk to a feature of a communication network by analyzing assets of the communication network which are associated with the communication network feature and vulnerabilities affecting the assets which are associated with the communication network feature and calculating the consolidated security risk to the communication network feature based on the vulnerabilities, the consolidated security risk being in addition to any security risks calculated for the assets based on the vulnerabilities; and a user interface operatively coupled to the risk analyzer. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A communication network security risk analysis method comprising:
-
providing vulnerabilities affecting assets of a communication network; and determining a consolidated security risk to a feature of a communication network by analyzing the assets which are associated with the communication network feature and the vulnerabilities affecting the assets which are associated with the communication network feature and calculating the consolidated security risk to the feature based on the vulnerabilities, the consolidated security risk being in addition to any security risks calculated for the assets based on the vulnerabilities, wherein the assets comprise one or more of; physical assets comprising equipment in the communication network; and logical assets comprising one or more of;
software for execution by processors in the communication network and information stored by equipment in the communication network.- View Dependent Claims (15, 16, 17, 18, 19, 20)
-
Specification