-
公开(公告)号:US20220131887A1
公开(公告)日:2022-04-28
申请号:US17078455
申请日:2020-10-23
Applicant: International Business Machines Corporation
Inventor: Lilian Mathias Ngweta , Steven Ocepek , Constantin Mircea Adam , Sai Zeng , Muhammed Fatih Bulut , Milton H. Hernandez
Abstract: Systems, computer-implemented methods, and computer program products that facilitate vulnerability and attack technique association are provided. According to an embodiment, a system can comprise a memory that stores computer executable components and a processor that executes the computer executable components stored in the memory. The computer executable components can comprise a map component that defines mappings between vulnerability data representing a vulnerability of a computing resource and attack data representing at least one attack technique. The computer executable components can further comprise an estimation component that analyzes the mappings to estimate a probability that the vulnerability will be exploited to attack the computing resource.
-
公开(公告)号:US20210273968A1
公开(公告)日:2021-09-02
申请号:US16802644
申请日:2020-02-27
Applicant: International Business Machines Corporation
Inventor: Johnny Al Shaieb , Jason A. Nikolai , Michael Redford , Steven Ocepek , Jason Bornheimer , Robert Maier
Abstract: The subject matter herein provides an automated system and method for software patch management that ranks patches at least in part according to a score indicative of a complexity (e.g., cost) of remediating a vulnerability. This score is sometimes referred to herein as a vulnerability remediation complexity (VRC) score. A VRC score provides an objective measure by which an organization can determine which patches are most likely to be successfully applied, thus enabling implementation of a patching strategy that preferentially applies most critical, but less impact (in terms of remediation cost) patches first to remediate as must risk as possible as quickly as possible. Thus, for example, the approach herein enables the patching to focus on vulnerabilities of highest severity and small remediation cost over those, for example, representing lower severity and higher remediation cost.
-
公开(公告)号:US20210250371A1
公开(公告)日:2021-08-12
申请号:US17302211
申请日:2021-04-27
Applicant: International Business Machines Corporation
Inventor: Steven Ocepek , Nevenko Zunic , Tamer Aboualy , Johnny A. Shaieb
IPC: H04L29/06
Abstract: Prioritizing vulnerability scan results is provided. Vulnerability scan results data corresponding to a network of data processing systems are received from a vulnerability scanner. The vulnerability scan results data are parsed to group the vulnerability scan results data by vulnerability identifiers. A corresponding security threat information identifier is associated with each vulnerability identifier. A correlation of each associated security threat information identifier is performed with a set of current vulnerability exploit data that corresponds to that particular security threat information identifier. Current security threat information that affects host data processing systems in the network is determined based on the correlation between each associated security threat information identifier and its corresponding set of current vulnerability exploit data. The current security threat information is prioritized based on a number of corresponding current vulnerability exploit attacks.
-
-
Search Results
13
records
(took 0.017 seconds)
