Mapping remediation to plurality of vulnerabilities

US 7,774,848 B2
Filed: 07/23/2004
Issued: 08/10/2010
Est. Priority Date: 07/23/2004
Status: Active Grant

First Claim

Patent Images

1. A method of mapping a remediation to a plurality of vulnerabilities, the method comprising:

assessing susceptibility of a non-remediated machine to a first vulnerability and at least a second vulnerability by testing the non-remediated machine for susceptibility to the first vulnerability and at least the second vulnerability, the first vulnerability indicating a remediation;

if the assessing of the non-remediated machine results in a first set of two or more vulnerabilities, including the first vulnerability and the second vulnerability, to which the machine is susceptible, then;

implementing the remediation for the first vulnerability upon the machine to remediate the first vulnerability on the non-remediated machine;

assessing susceptibility of the remediated machine to the first vulnerability and at least the second vulnerability by testing the remediated machine for susceptibility to the first vulnerability and at least the second vulnerability;

if the assessing of the remediated machine identifies that the machine has been remediated for the first and second vulnerabilities and results in a second set of vulnerabilities to which the machine is susceptible, removing the vulnerabilities of the second set of vulnerabilities from first set of two or more vulnerabilities to obtain a residual set of plural vulnerabilities, the residual set including the first and second vulnerabilities, thencreating a machine-actionable map between the implemented remediation and the vulnerabilities of the residual set, the machine-actionable map available for further susceptibility assessment and vulnerability remediation.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of mapping a remediation to a plurality of vulnerabilities may include: assessing susceptibility of an non-remediated machine to a first vulnerability, which results in a first set of two or more vulnerabilities to which the machine is susceptible; implementing the remediation upon the machine; assessing susceptibility of the remediated machine to the first vulnerability, which results in a second set of vulnerabilities to which the machine is susceptible; and creating a machine-actionable map between the remediation and two or more members of the first set based upon differences between the first and second sets.

64 Citations

View as Search Results

15 Claims

1. A method of mapping a remediation to a plurality of vulnerabilities, the method comprising:
- assessing susceptibility of a non-remediated machine to a first vulnerability and at least a second vulnerability by testing the non-remediated machine for susceptibility to the first vulnerability and at least the second vulnerability, the first vulnerability indicating a remediation;
  
  if the assessing of the non-remediated machine results in a first set of two or more vulnerabilities, including the first vulnerability and the second vulnerability, to which the machine is susceptible, then;
  
  implementing the remediation for the first vulnerability upon the machine to remediate the first vulnerability on the non-remediated machine;
  
  assessing susceptibility of the remediated machine to the first vulnerability and at least the second vulnerability by testing the remediated machine for susceptibility to the first vulnerability and at least the second vulnerability;
  
  if the assessing of the remediated machine identifies that the machine has been remediated for the first and second vulnerabilities and results in a second set of vulnerabilities to which the machine is susceptible, removing the vulnerabilities of the second set of vulnerabilities from first set of two or more vulnerabilities to obtain a residual set of plural vulnerabilities, the residual set including the first and second vulnerabilities, thencreating a machine-actionable map between the implemented remediation and the vulnerabilities of the residual set, the machine-actionable map available for further susceptibility assessment and vulnerability remediation.
- View Dependent Claims (2, 3, 4, 9, 10, 11, 12, 14, 15)
- - 2. The method of claim 1, wherein the creating of the machine-actionable map includes:
    - eliminating members of the first set that are also members of the second set to produce the residual set; and
      
      creating the machine-actionable map between the remediation indicated by the first vulnerability and members of the residual set.
  - 3. The method of claim 2, wherein:
    - the machine is a first version of the machine that includes at least a first technology;
      
      the method further comprises;
      
      adding to the non-remediated first version of the machine at least a second technology according to the residual set in order to produce a second version of the machine;
      
      assessing susceptibility of a non-remediated second version of the machine to the first vulnerability to result in a third set of vulnerabilities to which the non-remediated second version of the machine is susceptible by testing the non-remediated second version of the machine for susceptibility to the first vulnerability;
      
      if the third set has two or more vulnerabilities to which the non-remediated second version of the machine is susceptible, then;
      
      implementing the remediation upon the second version of the machine to remediate the first vulnerability on the non-remediated second version;
      
      assessing susceptibility of the remediated second version of the machine to the first vulnerability to result in a fourth set of vulnerabilities to which the remediated second version of the machine is susceptible by testing the remediated second version of the machine for susceptibility to the first vulnerability;
      
      verifying that the remediation on the second version of the machine mitigates the members of the residual set for the first version of the machine by eliminating members of the third set that are also members of the fourth set to produce a second residual set; and
      
      if none of the members of the second residual set are members of the residual set, then associating, in the machine-actionable map, the first and second versions of the machine with the residual set and the second residual set, respectively, and with the remediation.
  - 4. The method of claim 1, wherein:
    - the machine includes at least a first technology;
      
      the method further includesforming a third set of vulnerabilities only from members of the first set thereof which correspond to the first technology, andforming a fourth set of vulnerabilities only from members of the second set thereof which correspond to the first technology; and
      
      the creating of the machine-actionable map includeseliminating members of the third set that are also members of the fourth set to produce the residual set, andcreating the machine-actionable map between the remediation and members of the residual set.
  - 9. A machine configured to implement the method of claim 1.
  - 10. A machine configured to implement the method of claim 2.
  - 11. A machine configured to implement the method of claim 3.
  - 12. A machine configured to implement the method of claim 4.
  - 14. The method of claim 1, further comprising indexing into the machine-actionable map using one of the plural additional vulnerabilities to obtain a remediation corresponding to the one of the plural additional vulnerabilities.
  - 15. The method of claim 3, further comprising indexing into the machine-actionable map using one of the plural additional vulnerabilities and the first or second version of the machine to obtain a remediation corresponding to the one of the plural additional vulnerabilities and the first or second version of the machine.

5. A machine-readable medium comprising instructions, execution of which by a machine maps a remediation to a plurality of vulnerabilities, the machine-readable instructions including:
- a first code segment to assess susceptibility of a non-remediated machine to a first vulnerability and at least a second vulnerability by testing the non-remediated machine for susceptibility to the first vulnerability and at least the second vulnerability, the first vulnerability indicating a remediation;
  
  if the assessing of the non-remediated machine results in a first set of two or more vulnerabilities to which the machine is susceptible, then executing;
  
  a second code segment to implement the remediation for the first vulnerability upon the machine to remediate the first vulnerability on the non-remediated machine;
  
  a third code segment to assess susceptibility of the remediated machine to the first vulnerability and at least the second vulnerability by testing the remediated machine for susceptibility to the first vulnerability and at least the second vulnerability;
  
  if the assessing of the remediated machine identifies that the machine has been remediated for the first and second vulnerabilities and results in a second set of vulnerabilities to which the machine is susceptible, then executing;
  
  a fourth code segment to remove the vulnerabilities of the second set of vulnerabilities from the first set of two or more vulnerabilities to obtain a residual set of plural vulnerabilities, the residual set including the first and second vulnerabilities and create a machine-actionable map between the implemented remediation and the vulnerabilities of the residual set, the machine actionable map available for further susceptibility assessment and vulnerability remediation.
- View Dependent Claims (6, 7, 8)
- - 6. The machine-readable medium of claim 5, wherein the fourth code segment includes:
    - a fifth code segment to eliminate members of the first set that are also members of the second set to produce the residual set; and
      
      a sixth code segment to create the machine-actionable map between the remediation and members of the residual set.
  - 7. The machine-readable medium of claim 6, wherein:
    - the machine is a first version of the machine that includes at least a first technology;
      
      the machine-readable instructions further include;
      
      a fifth code segment to add to the non-remediated first version of the machine at least a second technology according to the residual set in order to produce a second version of the machine;
      
      a sixth code segment to assess susceptibility of a non-remediated second version of the machine to the first vulnerability to result in a third set of vulnerabilities to which the non-remediated second version of the machine is susceptible by testing the non-remediated second version of the machine for susceptibility to the first vulnerability;
      
      if the third set has two or more vulnerabilities to which the non-remediated second version of the machine is susceptible, then executing;
      
      a seventh code segment to implement the remediation upon the second version of the machine to remediate the first vulnerability on the non-remediated second version;
      
      an eighth code segment to assess susceptibility of the remediated second version of the machine to the first vulnerability to result in a fourth set of vulnerabilities to which the remediated second version of the machine is susceptible by testing the remediated second version of the machine for susceptibility to the first vulnerability;
      
      a ninth code segment to verify that the remediation on the second version of the machine mitigates the members of the residual set for the first version of the machine by eliminating members of the third set that are also members of the fourth set to produce a second residual set; and
      
      if none of the members of the second residual set are members of the residual set, then associating, in the machine-actionable map, the first and second versions of the machine with the residual set and the second residual set, respectively, and with the remediation.
  - 8. The machine-readable medium of claim 5, wherein:
    - the machine includes at least a first technology;
      
      the machine-readable instructions further includea fifth code segment to form a third set of vulnerabilities only from members of the first set thereof which correspond to the first technology, anda sixth code segment to form a fourth set of vulnerabilities only from members of the second set thereof which correspond to the first technology; and
      
      the fourth code segment includesa seventh code segment to eliminate members of the third set that are also members of the fourth set to produce the residual set, andan eighth code segment to create the machine-actionable map between the remediation and members of the residual set.

13. An apparatus for mapping a remediation to a plurality of vulnerabilities, the apparatus comprising:
- means for assessing susceptibility of a non-remediated machine to a first vulnerability and at least a second vulnerability by testing the non-remediated machine for susceptibility to the first vulnerability and at least the second vulnerability, the first vulnerability indicating a remediation;
  
  if the assessing of the non-remediated machine results in a first set of two or more vulnerabilities, including the first vulnerability and the second vulnerability, to which the machine is susceptible, then means for;
  
  implementing the remediation for the first vulnerability upon the machine to remediate the first vulnerability on the non-remediated machine;
  
  assessing susceptibility of the remediated machine to the first vulnerability and at least the second vulnerability by testing the remediated machine for susceptibility to the first vulnerability and at least the second vulnerability;
  
  if the means for assessing of the remediated machine identifies that the machine has been remediated for the first and second vulnerabilities and identifies a second set of vulnerabilities to which the machine is susceptible, means for;
  
  removing the vulnerabilities of the second set of vulnerabilities from first set of two or more vulnerabilities to obtain a residual set of plural vulnerabilities, the residual set including the first and second vulnerabilities, and creating a machine-actionable map between the implemented remediation and the vulnerabilities of the residual set, the machine-actionable map available for further susceptibility assessment and vulnerability remediation.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Fortinet Inc.
Original Assignee
Fortinet Inc.
Inventors
Gandhe, Sudhir, Tyree, David Spencer, D'Mello, Kurt
Primary Examiner(s)
LaForgia; Christian
Assistant Examiner(s)
Wang; Harris C

Application Number

US10/897,402
Publication Number

US 20060021052A1
Time in Patent Office

2,209 Days
Field of Search

726/25
US Class Current

726/25
CPC Class Codes

G06F 21/57 Certifying or maintaining t...

G06F 21/577 Assessing vulnerabilities a...

Mapping remediation to plurality of vulnerabilities

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

64 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Mapping remediation to plurality of vulnerabilities

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

64 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links