Method and system for managing computer system vulnerabilities
First Claim
1. A computer-implemented method for vulnerability risk management of an enterprise computing system, comprising the steps of:
- instantiating, by a cloud computing system employing a software-as-a-service multi-tenant architecture, a vulnerability risk management module and an expert system coupled to the vulnerability risk management module, the vulnerability risk management module configured for:
- receiving from an end user a type of vulnerability;
- determining a list of potential vulnerabilities of the enterprise computing system based on a non-intrusive scan of the enterprise computing system for the received type of vulnerability, wherein the scan includes a scan of an asset of the enterprise computing system associated with the type of vulnerability and wherein the scan is based on a preference of the end user regarding a specified date and time to conduct the scan;
- transmitting the list of potential vulnerabilities to the expert system;
- receiving from the expert system a refined list of potential vulnerabilities; and
- reporting the refined list of vulnerabilities to the end user.
Abstract
A vulnerability risk management (VRM) module receives an indication of a VRM service to be provided from the end user. The VRM module extracts from the indication either external IP addresses or the web application URL and a list of assets of the enterprise computer system to be tested. The VRM module discovers the assets of the enterprise computer system. The VRM module receives a request for a vulnerability scan using a predefined scan configuration based on preferences of the end user and a specified date and time to conduct the scan. The VRM module reports and stores a preliminary list of potential vulnerabilities in the VRM vulnerability database. The preliminary list is fed to an expert system, which applies specific rule sets using an inference engine and a knowledge base to refine results stored in the VRM vulnerability database by removing extraneous information and false positives.
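The refinement step the abstract describes (a preliminary scanner output fed through rule sets in an inference engine backed by a knowledge base) can be illustrated with a small rule engine. The following is an added example written for this page, not code from the patent or its assignee; the rule names, the finding fields, the asset list and the sample findings are all constructed, and the "verification" data (ports confirmed open on a second non-intrusive probe, plugins accepted as noisy) stands in for whatever a real knowledge base would hold.

```python
"""Rule-based refinement of a preliminary vulnerability list (added example).

A knowledge base holds facts the scanner output alone does not carry (requested
scan type, in-scope assets, ports confirmed open, checks known to be noisy); an
inference engine applies a list of rules in order and drops a finding on the
first rule that fires, recording the reason so an analyst can audit the filter.
All data below is constructed for the example.
"""
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Set, Tuple


@dataclass(frozen=True)
class Finding:
    asset: str        # host or URL the scanner reported against
    vuln_type: str    # category the end user asked for, e.g. "network" or "web"
    plugin: str       # scanner check that fired (constructed names)
    port: int         # 0 when the check is not port-specific
    evidence: str     # raw evidence captured by the scanner
    severity: str


@dataclass
class KnowledgeBase:
    requested_type: str
    in_scope_assets: Set[str]
    open_ports: Dict[str, Set[int]]     # ports confirmed open by a verification probe
    known_false_positives: Set[str]     # plugins the analyst has accepted as noisy


# A rule returns a human-readable drop reason, or None when it does not apply.
Rule = Callable[[Finding, KnowledgeBase], Optional[str]]


def rule_out_of_scope(f: Finding, kb: KnowledgeBase) -> Optional[str]:
    return None if f.asset in kb.in_scope_assets else "asset not in requested scope"


def rule_type_mismatch(f: Finding, kb: KnowledgeBase) -> Optional[str]:
    return None if f.vuln_type == kb.requested_type else "does not match requested vulnerability type"


def rule_port_closed(f: Finding, kb: KnowledgeBase) -> Optional[str]:
    # A port-specific finding whose port was closed on verification is a likely false positive.
    if f.port and f.port not in kb.open_ports.get(f.asset, set()):
        return "port not open on verification"
    return None


def rule_known_noisy(f: Finding, kb: KnowledgeBase) -> Optional[str]:
    return "plugin on known false-positive list" if f.plugin in kb.known_false_positives else None


def rule_missing_evidence(f: Finding, kb: KnowledgeBase) -> Optional[str]:
    return "no evidence captured" if not f.evidence.strip() else None


RULES: List[Rule] = [rule_out_of_scope, rule_type_mismatch, rule_port_closed,
                     rule_known_noisy, rule_missing_evidence]


def apply_rules(f: Finding, kb: KnowledgeBase, rules: List[Rule]) -> Optional[str]:
    """Forward-chaining in its simplest form: first rule that fires decides."""
    for rule in rules:
        reason = rule(f, kb)
        if reason:
            return reason
    return None


def refine(findings: List[Finding], kb: KnowledgeBase,
           rules: List[Rule] = RULES) -> Tuple[List[Finding], List[Tuple[Finding, str]]]:
    """Collapse duplicates, then apply the rule set; return (kept, dropped-with-reason)."""
    kept: List[Finding] = []
    dropped: List[Tuple[Finding, str]] = []
    seen = set()
    for f in findings:
        key = (f.asset, f.plugin, f.port)
        if key in seen:
            dropped.append((f, "duplicate of an earlier finding"))
            continue
        seen.add(key)
        reason = apply_rules(f, kb, rules)
        if reason:
            dropped.append((f, reason))
        else:
            kept.append(f)
    return kept, dropped


# Constructed knowledge base for a "network" scan of one in-scope host.
KB = KnowledgeBase(
    requested_type="network",
    in_scope_assets={"10.0.0.5"},
    open_ports={"10.0.0.5": {22, 443}},
    known_false_positives={"icmp-timestamp"},
)

# Constructed preliminary findings, as a scanner might report them.
SAMPLE_FINDINGS = [
    Finding("10.0.0.5", "network", "ssh-weak-mac", 22, "hmac-md5 offered", "medium"),
    Finding("10.0.0.5", "network", "ssh-weak-mac", 22, "hmac-md5 offered", "medium"),  # duplicate
    Finding("10.0.0.5", "network", "telnet-banner", 23, "banner seen", "high"),         # port closed on verification
    Finding("10.0.0.9", "network", "smb-signing", 445, "signing not required", "medium"),  # out of scope
    Finding("10.0.0.5", "web", "xss-reflected", 443, "payload echoed", "high"),        # wrong type for this scan
    Finding("10.0.0.5", "network", "icmp-timestamp", 0, "reply received", "low"),      # known noisy check
    Finding("10.0.0.5", "network", "tls-self-signed", 443, "", "low"),                 # no evidence captured
]

if __name__ == "__main__":
    kept, dropped = refine(SAMPLE_FINDINGS, KB)
    for f in kept:
        print("KEEP", f.asset, f.plugin, f.port, f.severity)
    for f, why in dropped:
        print("DROP", f.asset, f.plugin, f.port, "->", why)
```

Keeping the drop reason next to each discarded finding matters as much as the filtering itself: a refinement stage that silently removes results is hard to trust, and an analyst reviewing a false negative needs to see which rule removed a finding and on what fact in the knowledge base.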
17 Claims
10. A system for vulnerability risk management of an enterprise computing system, comprising:
- a cloud computing system employing a software-as-a-service multi-tenant architecture, having a hardware processor and a memory configured to instantiate a vulnerability risk management module and an expert system coupled to the vulnerability risk management module, the vulnerability risk management module configured to:
- receive from an end user a type of vulnerability;
- determine a list of potential vulnerabilities of the enterprise computing system based on a non-intrusive scan of the enterprise computing system for the received type of vulnerability, wherein the scan includes a scan of an asset of the enterprise computing system associated with the type of vulnerability, and wherein the scan is based on a preference of the end user regarding a specified date and time to conduct the scan;
- transmit the list of potential vulnerabilities to the expert system;
- receive from the expert system a refined list of potential vulnerabilities; and
- report the refined list of vulnerabilities to the end user.
Dependent claims: 11, 12, 13, 14, 15, 16.
17. A non-transitory computer-readable storage medium including instructions that, when accessed by a processing system, cause the processing system to perform a method for vulnerability risk management of an enterprise computing system employing a software-as-a-service multi-tenant architecture, comprising the steps of:
- instantiating, by a cloud computing system, a vulnerability risk management module and an expert system coupled to the vulnerability risk management module, the vulnerability risk management module configured for:
- receiving from an end user a type of vulnerability;
- determining a list of potential vulnerabilities of the enterprise computing system based on a non-intrusive scan of the enterprise computing system for the received type of vulnerability, wherein the scan includes a scan of an asset of the enterprise computing system associated with the type of vulnerability, and wherein the scan is based on a preference of the end user regarding a specified date and time to conduct the scan;
- transmitting the list of potential vulnerabilities to the expert system;
- receiving from the expert system a refined list of potential vulnerabilities; and
- reporting the refined list of vulnerabilities to the end user.
Specification