Determining technology-appropriate remediation for vulnerability
First Claim
1. An automated computerized method of determining one or more technology-appropriate remediations for a common aspect of vulnerability in a system, the method comprising:
- receiving one or more vulnerability identifications (VIDs) and descriptions thereof, respectively, that have a common aspect of vulnerability;
- in response to the receiving of the one or more VIDs, determining, by executing instructions on a processor of a computer, a remediation identification (RID) associated with the common aspect of vulnerability;
- in response to the determining of the RID, creating, by executing further instructions on the processor of the computer, based upon the one or more VIDs and the descriptions thereof, a first machine-actionable map between the RID, one or more technology identifications (TIDs), and one or more action identifications (ACTIDs) for actions that remediate the common aspect of vulnerability represented by the RID, where the first machine-actionable map is a representation of the remediation candidate, wherein the creating of the first machine-actionable map includes;
- providing a plurality of machine-actionable second maps, each second map being between a given RID, at least two TIDs for which the given RID can be used, and two or more sets of ACTIDs, the two or more set of ACTIDs corresponding to the at least two TIDs, respectively;
- selecting one or more instances of the plurality of second maps, where the one or more selected instances of second maps represents the first machine-actionable map, the selecting including;
- indexing into the plurality of second maps using the RID to obtain a first subset of the plurality of second maps;
- determining a list of one or more TIDs that correspond to the one or more VIDs, the determining of the list including;
- determining, for each of the one or more VIDs, a technology genus associated with a given VID; and
- populating the list with TIDs of technology species associated with the technology genus; and
- eliminating members of the first subset that are specific to TIDs which are not present on the list; and
- expanding the first machine-actionable map to include an invasiveness value that is indicative of a degree to which implementing the remediation on a machine is invasive thereof; and
- storing the first machine-actionable map.
Abstract
A machine-actionable memory comprises one or more machine-actionable records arranged according to a data structure. Such a data structure may include links that respectively map between: a RID field, the contents of which denote an identification (ID) of a remediation (RID); at least one TID field, the contents of which denotes an ID of at least two technologies (TIDs), respectively; and at least one ACTID field, the contents of which denotes an ID of an action (ACTID). A method, of selecting a remediation that is appropriate to a technology present on a machine to be remediated, may include: providing such a machine-actionable memory; and indexing into the memory using a given RID value and a given TID value to determine values of the at-least-one ACTID corresponding to the given RID value and appropriate to the given TID value.
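The selection steps of claim 1 and the RID/TID lookup described in the abstract, sketched as an added Python example (not code from the patent). All IDs, the dictionary layout, and the 1 to 5 invasiveness scale are assumptions made for illustration.

```python
# Constructed sample data; every ID and the 1-5 invasiveness scale are hypothetical.
SECOND_MAPS = [  # each second map: one RID, at least two TIDs, one ACTID set per TID
    {"rid": "RID-100", "by_tid": {
        "TID-WIN-2000": (["ACT-SET-REGKEY", "ACT-RESTART-SVC"], 2),
        "TID-WIN-XP":   (["ACT-APPLY-PATCH", "ACT-REBOOT"], 4)}},
    {"rid": "RID-100", "by_tid": {
        "TID-SOLARIS-8": (["ACT-EDIT-CONF"], 1),
        "TID-SOLARIS-9": (["ACT-EDIT-CONF", "ACT-HUP-DAEMON"], 1)}},
    {"rid": "RID-200", "by_tid": {
        "TID-WIN-2000": (["ACT-DISABLE-ACCT"], 1),
        "TID-WIN-XP":   (["ACT-DISABLE-ACCT"], 1)}},
]
VID_TO_RID = {"VID-1": "RID-100", "VID-2": "RID-100", "VID-3": "RID-200"}
VID_TO_GENUS = {"VID-1": "windows", "VID-2": "windows", "VID-3": "windows"}
GENUS_TO_SPECIES = {
    "windows": ["TID-WIN-2000", "TID-WIN-XP"],
    "solaris": ["TID-SOLARIS-8", "TID-SOLARIS-9"],
}

def build_first_map(vids):
    """Return {'rid': ..., 'entries': {tid: {'actids': [...], 'invasiveness': n}}}."""
    rids = {VID_TO_RID[v] for v in vids}
    if len(rids) != 1:  # the VIDs must share one common aspect, i.e. one RID
        raise ValueError(f"expected one RID, got {sorted(rids)}")
    rid = rids.pop()
    # Index into the second maps using the RID to obtain the first subset.
    subset = [m for m in SECOND_MAPS if m["rid"] == rid]
    # Build the TID list: technology genus per VID, expanded to its species.
    tid_list = []
    for v in vids:
        for tid in GENUS_TO_SPECIES[VID_TO_GENUS[v]]:
            if tid not in tid_list:
                tid_list.append(tid)
    # Eliminate entries specific to TIDs not on the list; carry invasiveness along.
    entries = {}
    for m in subset:
        for tid, (actids, invasiveness) in m["by_tid"].items():
            if tid in tid_list:
                entries[tid] = {"actids": list(actids), "invasiveness": invasiveness}
    return {"rid": rid, "entries": entries}

def actions_for(first_map, tid):
    """Look up the ACTIDs appropriate to one technology; empty if none applies."""
    entry = first_map["entries"].get(tid)
    return entry["actids"] if entry else []
```
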
12 Claims
Claim 1 is set out in full under First Claim above. Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12.
Specification