公开(公告)号：US20120185945A1

公开(公告)日：2012-07-19

申请号：US13432722

申请日：2012-03-28

申请人： Steven G. Andres ,  David M. Cole ,  Thomas Gregory Cummings ,  Roberto Ramon Garcia ,  Brian Michael Kenyon ,  George R. Kurtz ,  Stuart Cartier McClure ,  Christopher William Moore ,  Michael J. O'Dea ,  Ken D. Saruwatari

发明人： Steven G. Andres ,  David M. Cole ,  Thomas Gregory Cummings ,  Roberto Ramon Garcia ,  Brian Michael Kenyon ,  George R. Kurtz ,  Stuart Cartier McClure ,  Christopher William Moore ,  Michael J. O'Dea ,  Ken D. Saruwatari

IPC分类号： G06F21/00

CPC分类号： G06F21/56 ,  G06F21/568

摘要： A security risk management system comprises a vulnerability database, an asset database, a local threat intelligence database and a threat correlation module. The vulnerability database comprises data about security vulnerabilities of assets on a network gathered using active or passive vulnerability assessment techniques. The asset database comprises data concerning attributes of each asset. The threat correlation module receives threat intelligence alerts that identify attributes and vulnerabilities associated with security threats that affect classes of assets. The threat correlation module compares asset attributes and vulnerabilities with threat attributes and vulnerabilities and displays a list of assets that are affected by a particular threat. The list can be sorted according to a calculated risk score, allowing an administrator to prioritize preventive action and respond first to threats that affect higher risk assets. The security risk management system provides tools for performing preventive action and for tracking the success of preventive action.

摘要翻译： 安全风险管理系统包括漏洞数据库，资产数据库，本地威胁情报数据库和威胁相关模块。 漏洞数据库包含有关使用主动或被动漏洞评估技术收集的网络上资产的安全漏洞的数据。 资产数据库包括有关每个资产属性的数据。 威胁相关模块接收威胁情报警报，识别与影响资产类别的安全威胁相关联的属性和漏洞。 威胁关联模块将资产属性和漏洞与威胁属性和漏洞进行比较，并显示受特定威胁影响的资产列表。 该列表可以根据计算的风险评分进行排序，从而允许管理员优先处理预防措施，并首先对影响更高风险资产的威胁做出回应。 安全风险管理系统为执行预防性行动和跟踪预防行动的成功提供了工具。

公开(公告)号：US08201257B1

公开(公告)日：2012-06-12

申请号：US10813917

申请日：2004-03-31

申请人： Steven G. Andres ,  David M. Cole ,  Thomas Gregory Cummings ,  Roberto Ramon Garcia ,  Brian Michael Kenyon ,  George R. Kurtz ,  Stuart Cartier McClure ,  Christopher William Moore ,  Michael J. O'Dea ,  Ken D. Saruwatari

发明人： Steven G. Andres ,  David M. Cole ,  Thomas Gregory Cummings ,  Roberto Ramon Garcia ,  Brian Michael Kenyon ,  George R. Kurtz ,  Stuart Cartier McClure ,  Christopher William Moore ,  Michael J. O'Dea ,  Ken D. Saruwatari

IPC分类号： G06F21/00

CPC分类号： G06F21/56 ,  G06F21/568

摘要： A security risk management system comprises a vulnerability database, an asset database, a local threat intelligence database and a threat correlation module. The vulnerability database comprises data about security vulnerabilities of assets on a network gathered using active or passive vulnerability assessment techniques. The asset database comprises data concerning attributes of each asset. The threat correlation module receives threat intelligence alerts that identify attributes and vulnerabilities associated with security threats that affect classes of assets. The threat correlation module compares asset attributes and vulnerabilities with threat attributes and vulnerabilities and displays a list of assets that are affected by a particular threat. The list can be sorted according to a calculated risk score, allowing an administrator to prioritize preventive action and respond first to threats that affect higher risk assets. The security risk management system provides tools for performing preventive action and for tracking the success of preventive action.

摘要翻译： 安全风险管理系统包括漏洞数据库，资产数据库，本地威胁情报数据库和威胁相关模块。 漏洞数据库包含有关使用主动或被动漏洞评估技术收集的网络上资产的安全漏洞的数据。 资产数据库包括有关每个资产属性的数据。 威胁相关模块接收威胁情报警报，识别与影响资产类别的安全威胁相关联的属性和漏洞。 威胁关联模块将资产属性和漏洞与威胁属性和漏洞进行比较，并显示受特定威胁影响的资产列表。 该列表可以根据计算的风险评分进行排序，从而允许管理员优先处理预防措施，并首先对影响更高风险资产的威胁做出回应。 安全风险管理系统为执行预防性行动和跟踪预防行动的成功提供了工具。