Method and system for managing computer system vulnerabilities

US 8,756,698 B2
Filed: 08/10/2012
Issued: 06/17/2014
Est. Priority Date: 08/10/2012
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for vulnerability risk management of an enterprise computing system, comprising the steps of:

instantiating, by a cloud computing system employing a software-as-a-service multi-tenant architecture, a vulnerability risk management module and an expert system coupled to the vulnerability risk management module, the vulnerability risk management module configured for;

receiving from an end user a type of vulnerability;

determining a list of potential vulnerabilities of the enterprise computing system based on a non-intrusive scan of the enterprise computing system for the received type of vulnerability, wherein the scan includes a scan of an asset of the enterprise computing system associated with the type of vulnerability and wherein the scan is based on a preference of the end user regarding a specified date and time to conduct the scan;

transmitting the list of potential vulnerabilities to the expert system;

receiving from the expert system a refined list of potential vulnerabilities; and

reporting the refined list of vulnerabilities to the end user.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A vulnerability risk management (VRM) module receives an indication of a VRM service to be provided from the end user. The VRM module extracts from the indication either external IP addresses or the web application URL and a list of assets of the enterprise computer system to be tested. The VRM module discovers the assets of the enterprise computer system. The VRM module receives a request for a vulnerability scan using a predefined scan configuration based on preferences of the end user and a specified date and time to conduct the scan. The VRM module reports and stores a preliminary list of potential vulnerabilities in the VRM vulnerability database. The preliminary list is fed to an expert system, which applies specific rule sets using an inference engine and a knowledge base to refine results stored in the VRM vulnerability database by removing extraneous information and false positives.

35 Citations

View as Search Results

17 Claims

1. A computer-implemented method for vulnerability risk management of an enterprise computing system, comprising the steps of:
- instantiating, by a cloud computing system employing a software-as-a-service multi-tenant architecture, a vulnerability risk management module and an expert system coupled to the vulnerability risk management module, the vulnerability risk management module configured for;
  
  receiving from an end user a type of vulnerability;
  
  determining a list of potential vulnerabilities of the enterprise computing system based on a non-intrusive scan of the enterprise computing system for the received type of vulnerability, wherein the scan includes a scan of an asset of the enterprise computing system associated with the type of vulnerability and wherein the scan is based on a preference of the end user regarding a specified date and time to conduct the scan;
  
  transmitting the list of potential vulnerabilities to the expert system;
  
  receiving from the expert system a refined list of potential vulnerabilities; and
  
  reporting the refined list of vulnerabilities to the end user.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein the refined list is free of at least one of extraneous information and false positives.
  - 3. The method of claim 1, wherein the refined list of vulnerabilities is based on an application of a rule set to the list of potential vulnerabilities by an inference engine and a knowledge base of the expert system.
  - 4. The method of claim 3, wherein the rule set is based on the received type of vulnerability.
  - 5. The method of claim 3, wherein the inference engine is configured to iteratively refine the list of potential vulnerabilities using the knowledge base to produce the refined list of vulnerabilities.
  - 6. The method of claim 1, wherein the software-as-a-service multi-tenant architecture includes a dual factor log-in to prevent sharing of a database between the enterprise computing system and another enterprise computing system.
  - 7. The method of claim 1, wherein the asset is at least one of an external network, an internal network, a Web application, a mobile application, a social engineering application, a voice-over Internet protocol (VolP) application, or a wireless application.
  - 8. The method of claim 1, further comprising automatically opening a trouble ticket based on a vulnerability threshold determined by the end user.
  - 9. The method of claim 1, further comprising resolving at least one vulnerability on the refined list of vulnerabilities and removing the at least one vulnerability from the refined list of vulnerabilities.

10. A system for vulnerability risk management of an enterprise computing system, comprising:
- a cloud computing system employing a software-as-a-service multi-tenant architecture, having a hardware processor and a memory configured to instantiate a vulnerability risk management module and an expert system coupled to the vulnerability risk management module, the vulnerability risk management module configured to;
  
  receive from an end user a type of vulnerability;
  
  determine a list of potential vulnerabilities of the enterprise computing system based on a non-intrusive scan of the enterprise computing system for the received type of vulnerability, wherein the scan includes a scan of an asset of the enterprise computing system associated with the type of vulnerability, and wherein the scan is based on a preference of the end user regarding a specified date and time to conduct the scan;
  
  transmit the list of potential vulnerabilities to the expert system;
  
  receive from the expert system a refined list of potential vulnerabilities; and
  
  report the refined list of vulnerabilities to the end user.
- View Dependent Claims (11, 12, 13, 14, 15, 16)
- - 11. The system of claim 10, wherein the refined list is free of at least one of extraneous information and false positives.
  - 12. The system of claim 10, wherein the refined list of vulnerabilities is based on an application of a rule set to the list of potential vulnerabilities by an inference engine and a knowledge base of the expert system.
  - 13. The system of claim 12, wherein the inference engine is configured to iteratively refine the list of potential vulnerabilities using the knowledge base to produce the refined list of vulnerabilities.
  - 14. The system of claim 10, wherein the software-as-a-service multi-tenant architecture includes a dual factor log-in to prevent sharing of a database between the enterprise computing system and another computer computing system.
  - 15. The system of claim 10, wherein the vulnerability risk management module is configured to automatically open a trouble ticket based on a vulnerability threshold determined by the end user.
  - 16. The system of claim 10, wherein the vulnerability risk management module is configured to resolve at least one vulnerability from the refined list of vulnerabilities and remove the at least one vulnerability from the refined list of vulnerabilities.

17. A non-transitory computer-readable storage medium including instructions that, when accessed by a processing system, cause the processing system to perform a method for vulnerability risk management of an enterprise computing system employing a software-as-a-service multi-tenant architecture, comprising the steps of:
- instantiating, by a cloud computing system, a vulnerability risk management module and an expert system coupled vulnerability risk management module, the vulnerability risk management module configured for;
  
  receiving from an end user a type of vulnerability;
  
  determining a list of potential vulnerabilities of the enterprise computing system based on a non-intrusive scan of the enterprise computing system for the received type of vulnerability, wherein the scan includes a scan of an asset of the enterprise computing system associated with the type of vulnerability, and wherein the scan is based on a preference of the end user regarding a specified date and time to conduct the scan;
  
  transmitting the list of potential vulnerabilities to the expert system;
  
  receiving from the expert system a refined list of potential vulnerabilities; and
  
  reporting the refined list of vulnerabilities to the end user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NopSec, Inc.
Original Assignee
NopSec, Inc.
Inventors
Sidagni, Michelangelo
Primary Examiner(s)
LEE, JASON T

Application Number

US13/572,180
Publication Number

US 20140047546A1
Time in Patent Office

676 Days
Field of Search

726/25
US Class Current

726/25
CPC Class Codes

G06F 21/577 Assessing vulnerabilities a...

Method and system for managing computer system vulnerabilities

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

35 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for managing computer system vulnerabilities

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

35 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links