Systems and methods for managing vulnerability data

Systems and methods for managing vulnerability data

A method for managing vulnerability data may include: (1) ingesting, by a data ingestion engine, vulnerability data from a plurality of sources; (2) normalizing, by a data normalizer module, the vulnerability data into a plurality of data records; (3) generating, by a data processing module, a dynam...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Legault, Jean-Francois, Colvin, Jessica, Grant, Jr., Martin J, Everett, David, Patel, Samiksha, Ward, Patrick M
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:A method for managing vulnerability data may include: (1) ingesting, by a data ingestion engine, vulnerability data from a plurality of sources; (2) normalizing, by a data normalizer module, the vulnerability data into a plurality of data records; (3) generating, by a data processing module, a dynamic risk score for each data record; (4) storing, by a risk record register, a risk record for each data record, wherein the risk record may include the dynamic risk score, a priority level, an identifier for a software application, and a software dependency; (5) selecting, by a control policy selection engine, a control policy based on one of the dynamic risk scores; (6) implementing, by the risk record register, the selected control policy; (7) monitoring, by the risk record register, implementation of the control policy; and (8) updating, by the risk record register, the control policy selection engine based on the monitoring.