Security vulnerability information aggregation
First Claim
1. An apparatus comprising:
- an interface to receive from a plurality of sources vulnerability definition information that defines a plurality of security vulnerabilities;
a policies store to store one or more aggregation policies, the one or more aggregation policies specifying respective sets of distribution parameters for one or more vulnerability definition information consumers;
one or more output interfaces to enable transmission of vulnerability definitions to respective groups of the one or more vulnerability definition information consumers;
an aggregator, operatively coupled to the interface, to the policies store, and to the one or more output interfaces, to receive the vulnerability definition information through the interface, to aggregate the vulnerability definition information that defines one or more security vulnerabilities into a respective unified vulnerability description for each of the one or more security vulnerabilities in accordance with the aggregation policy of a vulnerability definition information consumer in the policies store, and to distribute the respective unified vulnerability description for each of the one or more security vulnerabilities to the vulnerability definition information consumer through an output interface of the one or more output interfaces,wherein the vulnerability definition information received from each source comprises respective source content arranged according to a respective source format, and wherein the aggregator comprises;
a plurality of format adapters operatively coupled to the interface, the plurality of format adapters comprising respective format adapters configured to convert a format of vulnerability definition information that defines the one or more respective security vulnerabilities and is received from a respective source into a format of the one or more respective unified vulnerability descriptions; and
a content aggregator operatively coupled to the plurality of format adapters and configured to determine portions of the one or more respective unified vulnerability descriptions based on corresponding portions of source content in the converted vulnerability definition information received from the plurality of sources and converted by the plurality of format adapters.
6 Assignments
0 Petitions
Accused Products
Abstract
Security vulnerability information aggregation techniques are disclosed. Vulnerability information associated with one or more security vulnerabilities is obtained from multiple sources and aggregated into respective unified vulnerability definitions for the one or more security vulnerabilities. Aggregation may involve format conversion, content aggregation, or both in some embodiments. Unified vulnerability definitions may be distributed to vulnerability information consumers in accordance with consumer-specific policies. Storage of vulnerability information received from the sources may allow the aggregation process to be performed on existing vulnerability information “retro-actively”. Related data structures and Graphical User Interfaces (GUIs) are also disclosed.
93 Citations
15 Claims
-
1. An apparatus comprising:
-
an interface to receive from a plurality of sources vulnerability definition information that defines a plurality of security vulnerabilities; a policies store to store one or more aggregation policies, the one or more aggregation policies specifying respective sets of distribution parameters for one or more vulnerability definition information consumers; one or more output interfaces to enable transmission of vulnerability definitions to respective groups of the one or more vulnerability definition information consumers; an aggregator, operatively coupled to the interface, to the policies store, and to the one or more output interfaces, to receive the vulnerability definition information through the interface, to aggregate the vulnerability definition information that defines one or more security vulnerabilities into a respective unified vulnerability description for each of the one or more security vulnerabilities in accordance with the aggregation policy of a vulnerability definition information consumer in the policies store, and to distribute the respective unified vulnerability description for each of the one or more security vulnerabilities to the vulnerability definition information consumer through an output interface of the one or more output interfaces, wherein the vulnerability definition information received from each source comprises respective source content arranged according to a respective source format, and wherein the aggregator comprises; a plurality of format adapters operatively coupled to the interface, the plurality of format adapters comprising respective format adapters configured to convert a format of vulnerability definition information that defines the one or more respective security vulnerabilities and is received from a respective source into a format of the one or more respective unified vulnerability descriptions; and a content aggregator operatively coupled to the plurality of format adapters and configured to determine portions of the one or more respective unified vulnerability descriptions based on corresponding portions of source content in the converted vulnerability definition information received from the plurality of sources and converted by the plurality of format adapters. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method comprising:
-
obtaining, by an aggregator, from a plurality of sources vulnerability definition information that defines a plurality of security vulnerabilities; aggregating, by the aggregator, the vulnerability definition information that defines one or more security vulnerabilities into a respective unified vulnerability description for each of the one or more security vulnerabilities in accordance with an aggregation policy that specifies a set of distribution parameters for a vulnerability definition information consumer; and distributing, by the aggregator, the respective unified vulnerability description for each of the one or more security vulnerabilities to the vulnerability definition information consumer, wherein the vulnerability definition information obtained from each source comprises respective source content arranged according to a respective source format, wherein the method further comprises; converting the vulnerability definition information associated with the one or more respective security vulnerabilities from each source format into a format of the one or more respective unified vulnerability descriptions, wherein aggregating comprises determining portions of the one or more respective unified vulnerability descriptions based on corresponding portions of source content in the converted vulnerability definition information obtained from the plurality of sources. - View Dependent Claims (10, 11, 12, 13, 14)
-
-
15. A non-transitory machine-readable medium storing instructions which when executed perform a method comprising:
-
obtaining from a plurality of sources vulnerability definition information that defines a plurality of security vulnerabilities; aggregating the vulnerability definition information that defines one or more security vulnerabilities into a respective unified vulnerability description for each of the one or more security vulnerabilities in accordance with an aggregation policy that specifies a set of distribution parameters for a vulnerability definition information consumer; and distributing the respective unified vulnerability description for each of the one or more security vulnerabilities to the vulnerability definition information consumer, wherein the vulnerability definition information obtained from each source comprises respective source content arranged according to a respective source format, wherein the method further comprises; converting the vulnerability definition information associated with the one or more respective security vulnerabilities from each source format into a format of the one or more respective unified vulnerability descriptions, wherein aggregating comprises determining portions of the one or more respective unified vulnerability descriptions based on corresponding portions of source content in the converted vulnerability definition information obtained from the plurality of sources.
-
Specification