Ordered computer vulnerability remediation reporting
First Claim
1. A method comprising:
- determining a first plurality of vulnerabilities of a first computing asset;
generating a first risk score for the first computing asset based on the first plurality of vulnerabilities and on one or more contextual factors that include a number of available exploits for each vulnerability of the first plurality of vulnerabilities,wherein the number of available exploits for a first vulnerability is a first number of available exploits and the number of available exploits for a second vulnerability is a second number of available exploits,wherein the first number of available exploits is different than the second number of available exploits;
wherein the method is performed by one or more computing devices.
5 Assignments
0 Petitions
Accused Products
Abstract
Techniques for ranking a set of vulnerabilities of a computing asset and set of remediations for a computing asset, and determining a risk score for one or more computing assets are provided. In one technique, vulnerabilities of computing assets in a customer network are received at a vulnerability intelligence platform. Breach data indicating set of breaches that occurred outside customer network is also received. A subset of the set of vulnerabilities that are most vulnerable to a breach is identified based on the breach data. In another technique, multiple vulnerabilities of a computing asset are determined. A risk score is generated for the computing asset based on the vulnerabilities. In another technique, multiple remediations associated with a risk score and multiple vulnerabilities are identified. The remediations are ordered based on the remediations that would reduce the risk score the most if those remediations were applied to remove the corresponding vulnerabilities.
-
Citations
24 Claims
-
1. A method comprising:
-
determining a first plurality of vulnerabilities of a first computing asset; generating a first risk score for the first computing asset based on the first plurality of vulnerabilities and on one or more contextual factors that include a number of available exploits for each vulnerability of the first plurality of vulnerabilities, wherein the number of available exploits for a first vulnerability is a first number of available exploits and the number of available exploits for a second vulnerability is a second number of available exploits, wherein the first number of available exploits is different than the second number of available exploits; wherein the method is performed by one or more computing devices. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 24)
-
-
10. An apparatus comprising:
-
one or more processors; one or more non-transitory computer-readable media storing instructions which, when executed by the one or more processors, cause; determining a first plurality of vulnerabilities of a first computing asset; generating a first risk score for the first computing asset based on the first plurality of vulnerabilities and on one or more contextual factors that include a number of available exploits for each vulnerability of the first plurality of vulnerabilities, wherein the number of available exploits for a first vulnerability is a first number of available exploits and the number of available exploits for a second vulnerability is a second number of available exploits, wherein the first number of available exploits is different than the second number of available exploits. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23)
-
-
11. A method comprising:
-
determining a first plurality of vulnerabilities of a first computing asset; generating a first risk score for the first computing asset based on the first plurality of vulnerabilities; determining a second plurality of vulnerabilities of a second computing asset that is different than the first computing asset; determining to include the first computing asset and the second computing asset in a set of computing assets based on geographical location of the first and second computing assets, type of the first and second computing assets, or subnet of the first and second computing assets; generating, based on the first plurality of vulnerabilities and the second plurality of vulnerabilities, a second risk score for the set of computing assets that includes the first computing asset and the second computing asset; wherein the method is performed by one or more computing devices. - View Dependent Claims (12, 13, 14)
-
Specification