Identifying vulnerabilities of computing assets based on breach data
First Claim
1. A method comprising:
- receiving, from a first source, vulnerability data that indicates a set of vulnerabilities of computing assets in a customer network;
receiving, from one or more second sources that are different than the first source, breach data that indicates a set of successful exploits that occurred outside the customer network;
identifying, based on the breach data, a subset of the set of vulnerabilities that are most vulnerable to a successful exploit;
causing result data that identifies the subset to be displayed on a screen of a computing device;
wherein the method is performed by one or more computing devices.
6 Assignments
0 Petitions
Accused Products
Abstract
Techniques for ranking a set of vulnerabilities of a computing asset and set of remediations for a computing asset, and determining a risk score for one or more computing assets are provided. In one technique, vulnerabilities of computing assets in a customer network are received at a vulnerability intelligence platform. Breach data indicating set of breaches that occurred outside customer network is also received. A subset of the set of vulnerabilities that are most vulnerable to a breach is identified based on the breach data. In another technique, multiple vulnerabilities of a computing asset are determined. A risk score is generated for the computing asset based on the vulnerabilities. In another technique, multiple remediations associated with a risk score and multiple vulnerabilities are identified. The remediations are ordered based on the remediations that would reduce the risk score the most if those remediations were applied to remove the corresponding vulnerabilities.
-
Citations
21 Claims
-
1. A method comprising:
-
receiving, from a first source, vulnerability data that indicates a set of vulnerabilities of computing assets in a customer network; receiving, from one or more second sources that are different than the first source, breach data that indicates a set of successful exploits that occurred outside the customer network; identifying, based on the breach data, a subset of the set of vulnerabilities that are most vulnerable to a successful exploit; causing result data that identifies the subset to be displayed on a screen of a computing device; wherein the method is performed by one or more computing devices. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. One or more non-transitory computer-readable media storing instructions which, when executed by one or more processors, cause:
-
receiving, from a first source, vulnerability data that indicates a set of vulnerabilities of computing assets in a customer network; receiving, from one or more second sources that are different than the first source, breach data that indicates a set of successful exploits that occurred outside the customer network; identifying, based on the breach data, a subset of the set of vulnerabilities that are most vulnerable to a successful exploit; causing result data that identifies the subset to be displayed on a screen of a computing device. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. An apparatus comprising:
-
one or more processors; one or more computer-readable media storing instructions which, when executed by the one or more processors, cause; receiving, from a first source, vulnerability data that indicates a set of vulnerabilities of computing assets in a customer network; receiving, from one or more second sources that are different than the first source, breach data that indicates a set of successful exploits that occurred outside the customer network; identifying, based on the breach data, a subset of the set of vulnerabilities that are most vulnerable to a successful exploit; causing result data that identifies the subset to be displayed on a screen of a computing device. - View Dependent Claims (16, 17, 18, 19, 20, 21)
-
Specification