Geographical vulnerability mitgation response mapping system

US 8,990,696 B2
Filed: 12/22/2010
Issued: 03/24/2015
Est. Priority Date: 11/20/1985
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for displaying a vulnerability of a network comprising one or more computers, the method comprising:

receiving network vulnerability information identifying a vulnerable computer in the network;

determining a network address of the identified vulnerable computer based on the received network vulnerability information;

determining a geographical location of the identified vulnerable computer based on the determined network address of the identified vulnerable computer;

receiving mitigation response status information indicative of a status of a mitigation response to the identified vulnerable computer;

providing a geographical map including at least the geographical location of the identified vulnerable computer;

providing a network vulnerability symbol on the map designating the geographical location of the vulnerable computer; and

graphically distinguishing the network vulnerability symbol on the map to indicate the status of the mitigation response.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for geographically mapping a vulnerability of a network having one or more network points include receiving vulnerability information identifying a vulnerability of a point of the network, correlating the vulnerability information with location information for the identified network point, and network identification information for the identified network point, and generating a map displaying a geographical location of the vulnerability.

Citations

21 Claims

1. A computer-implemented method for displaying a vulnerability of a network comprising one or more computers, the method comprising:
- receiving network vulnerability information identifying a vulnerable computer in the network;
  
  determining a network address of the identified vulnerable computer based on the received network vulnerability information;
  
  determining a geographical location of the identified vulnerable computer based on the determined network address of the identified vulnerable computer;
  
  receiving mitigation response status information indicative of a status of a mitigation response to the identified vulnerable computer;
  
  providing a geographical map including at least the geographical location of the identified vulnerable computer;
  
  providing a network vulnerability symbol on the map designating the geographical location of the vulnerable computer; and
  
  graphically distinguishing the network vulnerability symbol on the map to indicate the status of the mitigation response.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the network vulnerability information includes an Internet Protocol (IP) address associated with the identified vulnerable computer.
  - 3. The method of claim 1, wherein the network address includes at least one of a media access control (MAC) address or a router address associated with the identified vulnerable computer.
  - 4. The method of claim 1, wherein:
    - determining a network address includes looking up the network address in a network address database using the received vulnerability information; and
      
      determining a geographical location includes looking up the geographical location in a geographical location database using the determined network address.
  - 5. The method of claim 1, further including storing, in a map database, a vulnerability record for the identified vulnerable computer, the vulnerability record including the vulnerability information, the network address, the geographical location information, and the mitigation response status information associated with the identified vulnerable computer.
  - 6. The method of claim 1, wherein the status of the mitigation response includes new, open, assigned to a mitigation response team, or closed.
  - 7. The method of claim 1, further including:
    - receiving new mitigation response status information indicating a new status of the mitigation response; and
      
      updating the network vulnerability symbol on the map to indicate the new status of the mitigation response.

8. A non-transitory computer-readable storage medium storing instructions which, when executed by a computer, cause the computer to perform a method for displaying a vulnerability of a network having one or more network points, the method comprising:
- receiving network vulnerability information identifying a vulnerable computer in the network;
  
  determining a network address of the identified vulnerable computer based on the received network vulnerability information;
  
  determining a geographical location of the identified vulnerable computer based on the determined network address of the identified vulnerable computer;
  
  receiving mitigation response status information indicative of a status of a mitigation response to the identified vulnerable computer;
  
  providing a geographical map including at least the geographical location of the identified vulnerable computer;
  
  providing a network vulnerability symbol on the map designating the geographical location of the vulnerable computer; and
  
  graphically distinguishing the network vulnerability symbol on the map to indicate the status of the mitigation response.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The computer-readable storage medium of claim 8, wherein the network vulnerability information includes an Internet Protocol (IP) address associated with the identified vulnerable computer.
  - 10. The computer-readable storage medium of claim 8, wherein the network address includes at least one of a media access control (MAC) address or a router address associated with the identified vulnerable computer.
  - 11. The computer-readable storage medium of claim 8, wherein the method further includes:
    - determining a network address includes looking up the network address in a network address database using the received vulnerability information; and
      
      determining a geographical location includes looking up the geographical location in a geographical location database using the determined network address.
  - 12. The computer-readable storage medium of claim 8, wherein the method further includes storing, in a map database, a vulnerability record for the identified vulnerable computer, the vulnerability record including the vulnerability information, the network address, the geographical location information, and the mitigation response status information associated with the identified vulnerable computer.
  - 13. The computer-readable storage medium of claim 8, wherein the status of the mitigation response includes new, open, assigned to a mitigation response team, or closed.
  - 14. The computer-readable storage medium of claim 8, wherein the method further includes:
    - receiving new mitigation response status information indicating a new status of the mitigation response; and
      
      updating the network vulnerability symbol on the map to indicate the new status of the mitigation response.

15. A computer-implemented method for representing vulnerabilities of a network comprising a plurality of network points, the method comprising:
- receiving, at a computer, network vulnerability information identifying a plurality of vulnerable computers on the network;
  
  determining network addresses of the identified vulnerable computers based on the received network vulnerability information;
  
  determining geographical locations of the identified vulnerable computers based on the determined network addresses of the identified vulnerable computers;
  
  receiving mitigation response status information indicative of statuses of mitigation responses to the identified vulnerable computers;
  
  providing a geographical map including at least the geographical locations of the identified vulnerable computers;
  
  providing network vulnerability symbols on the map designating the geographical locations of the vulnerable computers; and
  
  graphically distinguishing the network vulnerability symbols on the map to indicate the respective statuses of the mitigation responses to the vulnerable computers.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The method of claim 15, wherein the network vulnerability information includes Internet Protocol (IP) addresses associated with the identified vulnerable computers.
  - 17. The method of claim 15, wherein the network addresses include at least one of media access control (MAC) addresses or a router addresses associated with the identified vulnerable computers.
  - 18. The method of claim 15, wherein:
    - determining network addresses includes looking up the network addresses in a network address database using the received vulnerability information; and
      
      determining geographical locations includes looking up the geographical locations in a geographical location database using the determined network addresses.
  - 19. The method of claim 15, further including storing, in a map database, vulnerability records for the identified vulnerable computers, the vulnerability records including the respective vulnerability information, network addresses, geographical location information, and mitigation response status information associated with the identified vulnerable computers.
  - 20. The method of claim 15, wherein the status of the mitigation responses include new, open, assigned to a mitigation response team, or closed.
  - 21. The method of claim 15, further including:
    - receiving new mitigation response status information indicating a new statuses of the mitigation responses; and
      
      updating the network vulnerability symbols on the map to indicate the new statuses of the mitigation responses.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Palo Alto Networks Incorporated
Original Assignee
Verizon Corporate Services Group Incorporated (Verizon Communications Inc.)
Inventors
McConnell, James Trent
Primary Examiner(s)
PHANTANA ANGKOOL, DAVID

Application Number

US12/975,595
Publication Number

US 20110093786A1
Time in Patent Office

1,553 Days
Field of Search

715/736, 715/734, 709/233
US Class Current

715/736
CPC Class Codes

H04L 12/6418   Hybrid transport

H04L 41/12   Discovery or management of ...

H04L 61/103   across network layers, e.g....

H04L 63/1408   by monitoring network traff...

H04L 63/1433   Vulnerability analysis

Geographical vulnerability mitgation response mapping system

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Geographical vulnerability mitgation response mapping system

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links