| 发明名称 |
System and method for a security asset manager |
| 摘要 |
Implementations of the present disclosure involve a system and/or method of performing security asset management. The system and/or method may schedule vulnerability scanners to scan the various portions of one or more networks and obtain the results of the vulnerability scans. IP addresses may be assigned to each of vulnerability scanners to scan. The system obtains the results of the vulnerability scans and may adjust the results of the scans according to configuration of the one or more networks that an IP address is associated with. The system and/or method may also assign and reassign IP addresses amongst the scanners to optimize scanning speed. |
| 申请公布号 |
US9191409(B2) |
申请公布日期 |
2015.11.17 |
| 申请号 |
US201314089285 |
申请日期 |
2013.11.25 |
| 申请人 |
LEVEL 3 COMMUNICATIONS, LLC |
发明人 |
Doctor Brad Bernay;Fraley Taylor;Romero Daniel Joseph;Wentworth Brett;Berg Keshava |
| 分类号 |
H04L29/06 |
主分类号 |
H04L29/06 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A security asset management system comprising:
a plurality of computing device; a plurality of vulnerability scanners operating on each of the plurality of computing devices, wherein a first computing device of the plurality of computing devices includes a first processor coupled to a first memory, the first memory storing first instructions for execution on the first processor, the first instructions configured to cause the first processor to:
perform a first vulnerability scan on a first plurality of IP addresses on a first network using a first vulnerability scanner of the plurality of vulnerability scanners to identify a first vulnerability of the first computing device to which one of the first plurality of IP addresses is assigned, wherein the first vulnerability is associated with a first severity rating, and wherein the first plurality of IP addresses are divided between the plurality of computing devices for scanning;reassign at least one of the first plurality of IP addresses assigned to one of the plurality of computing devices to a different one of the plurality of computing devices according to a progress of the first vulnerability scan; andadjust the first severity rating according to at least one network configuration associated with the first network; wherein a second computing device of the plurality of computing devices includes a second processor coupled to a second memory, the second memory storing second instructions for execution on the second processor, the second instructions configured to cause the second processor to:
perform a second vulnerability scan on a second plurality of IP addresses on a second network using a second vulnerability scanner of the plurality of vulnerability scanners to identify a second vulnerability of the second computing device to which one of the second plurality of IP addresses is assigned, wherein the second vulnerability is associated with a second severity rating; andadjust the second severity rating according to at least one network configuration associated with the second network. |
| 地址 |
Broomfield CO US |
