公开(公告)号：US10546134B2

公开(公告)日：2020-01-28

申请号：US16054851

申请日：2018-08-03

申请人： Rapid7, LLC

发明人： Derek M Abdine ,  Anastasios Giakouminakis ,  Chad Loder ,  Richard D. Li

IPC分类号： G06F21/57 ,  H04L29/06

摘要： A solution recommendation (SR) tool can receive vulnerabilities identified by a vulnerability scanner and/or penetration testing tool. The SR tool can determine various approaches for remediating or mitigating the identified vulnerabilities, and can prioritize the various approaches based on the efficiency of the various approaches in remediating or mitigating the identified vulnerabilities. The SR tool can recommend one or more of the prioritized approaches based on constraints such as cost, effectiveness, complexity, and the like. Once the one or more of the prioritized approaches are selected, the SR tool can recommend the one or more prioritized approaches to third-party experts for evaluation.

公开(公告)号：US20190034640A1

公开(公告)日：2019-01-31

申请号：US16054851

申请日：2018-08-03

申请人： Rapid7, LLC

发明人： Derek M. Abdine ,  Anastasios Giakouminakis ,  Chad Loder ,  Richard D. Li

IPC分类号： G06F21/57 ,  H04L29/06

摘要： A solution recommendation (SR) tool can receive vulnerabilities identified by a vulnerability scanner and/or penetration testing tool. The SR tool can determine various approaches for remediating or mitigating the identified vulnerabilities, and can prioritize the various approaches based on the efficiency of the various approaches in remediating or mitigating the identified vulnerabilities. The SR tool can recommend one or more of the prioritized approaches based on constraints such as cost, effectiveness, complexity, and the like. Once the one or more of the prioritized approaches are selected, the SR tool can recommend the one or more prioritized approaches to third-party experts for evaluation.

公开(公告)号：US09411965B2

公开(公告)日：2016-08-09

申请号：US14862107

申请日：2015-09-22

申请人： Rapid7 LLC

发明人： Anastasios Giakouminakis ,  Sheldon E Malm ,  Chad Loder ,  Richard D Li

IPC分类号： G06F21/57 ,  H04L29/06

CPC分类号： G06F21/577 ,  G06F21/57 ,  H04L63/1433

摘要： A security tool can identify vulnerabilities in a computing system and determine a risk level of the vulnerabilities based on base and optional CVSS vectors and additional factors that represent the evolving nature of vulnerabilities. Likewise, the security tool can determine an overall risk for vulnerabilities, an asset, and/or a collection of assets that encompasses a global view of an asset's risk and/or collection of assets' risk, business considerations of an entity that own and controls the asset and/or the collection of assets, and the entity's associations.

公开(公告)号：US20160012236A1

公开(公告)日：2016-01-14

申请号：US14862107

申请日：2015-09-22

申请人： Rapid7 LLC

发明人： Anastasios Giakouminakis ,  Sheldon E. Malm ,  Chad Loder ,  Richard D. Li

IPC分类号： G06F21/57 ,  H04L29/06

CPC分类号： G06F21/577 ,  G06F21/57 ,  H04L63/1433

摘要： A security tool can identify vulnerabilities in a computing system and determine a risk level of the vulnerabilities based on base and optional CVSS vectors and additional factors that represent the evolving nature of vulnerabilities. Likewise, the security tool can determine an overall risk for vulnerabilities, an asset, and/or a collection of assets that encompasses a global view of an asset's risk and/or collection of assets' risk, business considerations of an entity that own and controls the asset and/or the collection of assets, and the entity's associations.