×

Information technology security assessment system

DC
  • US 9,973,524 B2
  • Filed: 11/18/2015
  • Issued: 05/15/2018
  • Est. Priority Date: 09/24/2010
  • Status: Active Grant
First Claim
Patent Images

1. A computer implemented method comprising:

  • on one or more computers, maintaining in a database an entity map that maps technical assets to respective companies or other entities with which the assets are associated, wherein mapping technical assets to respective companies or other entities comprises determining IP information by annotating a domain name with naming conventions for at least one of a mail server, an SMTP server, and an FTP server, thereby deriving a likely server name having assigned IP addresses,automatically useing sensors on the Internet to collect externally observable cyber-security characterizations of the technical assets that have been mapped to each of the entities and associating the observable cyber-security characterizations with a respective entity based at least in part on the derived server name,automatically deriving observations about the technical assets from the collected cyber-security characterizations, wherein the derived observations comprise (i) a number of technical assets that have been reported to be malicious and (ii) a duration of detected malicious activity associated with the technical assets,automatically generating a cyber-security rating for each of the entities using the entity map and the derived observations, andthrough a communication network, exposing to users in a user interface of a portal, information about the cyber-security ratings of the entities that is useful to decisions about entities with which to do business.

View all claims
  • 3 Assignments
Timeline View
Assignment View
    ×
    ×