公开(公告)号：US20140173737A1

公开(公告)日：2014-06-19

申请号：US13716038

申请日：2012-12-14

Applicant: VMWARE, INC.

Inventor： Michael Ira Toback ,  David Ferguson ,  Maria del Carmen Hernandez-Villavicencio ,  Wenfeng Liu ,  Monty Ijzerman

IPC: G06F21/57

CPC classification number: G06F21/577 ,  G06F21/57

Abstract: Exemplary methods, apparatuses, and systems receive data describing a first software component used by a software product and vulnerability data describing a vulnerability in the first software component. A vulnerability score is calculated for the software product based upon the vulnerability data for the first software component. The vulnerability score is recalculated for the software product based upon receiving an updated status of the vulnerability in the first software component from bug tracking software, a waiver of the vulnerability of a software component, the addition of another software component, or another update to the software product or component(s). The task of remediation of the vulnerability in the first software component can be assigned to a user and tracked. A user interface is provided to enable users to monitor the vulnerabilities of software products or components.

Abstract translation: 示例性方法，装置和系统接收描述由软件产品使用的第一软件组件的数据和描述第一软件组件中的漏洞的漏洞数据。 基于第一个软件组件的漏洞数据计算软件产品的漏洞得分。 基于从错误跟踪软件接收到第一软件组件中的漏洞的更新状态，软件组件的漏洞的豁免，另外的软件组件的添加或另一个更新到 软件产品或组件。 可以将修复第一个软件组件中的漏洞的任务分配给用户并进行跟踪。 提供了一个用户界面，使用户能够监视软件产品或组件的漏洞。

公开(公告)号：US09256746B2

公开(公告)日：2016-02-09

申请号：US13716038

申请日：2012-12-14

Applicant: VMware, Inc.

Inventor： Michael Ira Toback ,  David Ferguson ,  Maria del Carmen Hernandez-Villavicencio ,  Wenfeng Liu ,  Monty Ijzerman

IPC: G06F21/57

CPC classification number: G06F21/577 ,  G06F21/57

Abstract: Exemplary methods, apparatuses, and systems receive data describing a first software component used by a software product and vulnerability data describing a vulnerability in the first software component. A vulnerability score is calculated for the software product based upon the vulnerability data for the first software component. The vulnerability score is recalculated for the software product based upon receiving an updated status of the vulnerability in the first software component from bug tracking software, a waiver of the vulnerability of a software component, the addition of another software component, or another update to the software product or component(s). The task of remediation of the vulnerability in the first software component can be assigned to a user and tracked. A user interface is provided to enable users to monitor the vulnerabilities of software products or components.

Abstract translation: 示例性方法，装置和系统接收描述由软件产品使用的第一软件组件的数据和描述第一软件组件中的漏洞的漏洞数据。 基于第一个软件组件的漏洞数据计算软件产品的漏洞得分。 基于从错误跟踪软件接收到第一软件组件中的漏洞的更新状态，软件组件的漏洞的豁免，另外的软件组件的添加或另一个更新到 软件产品或组件。 可以将修复第一个软件组件中的漏洞的任务分配给用户并进行跟踪。 提供了一个用户界面，使用户能够监视软件产品或组件的漏洞。