| 发明名称 | Methods and systems for evaluating software for known vulnerabilities | ||
| 摘要 | A vulnerability identification and resolution (VIR) computer device for identifying security vulnerabilities in a computer system is provided. The VIR computer device includes a memory device for storing data including data representing computing assets installed in the computer system and a processor in communication with the memory device. The VIR computer device is programmed to receive an asset identifier identifying a computing asset selected for evaluation and execute a query on at least one database storing security vulnerabilities, the query searching for security vulnerability data associated with the selected computing asset. The VIR computer device is further programmed to receive the security vulnerability data at the VIR computer device in response to the query. | ||
| 申请公布号 | US9094448(B2) | 申请公布日期 | 2015.07.28 |
| 申请号 | US201414466623 | 申请日期 | 2014.08.22 |
| 申请人 | MasterCard International Incorporated | 发明人 | Benefield William H. |
| 分类号 | H04L29/06;G06F21/00;G06F21/57 | 主分类号 | H04L29/06 |
| 代理机构 | Armstrong Teasdale LLP | 代理人 | Armstrong Teasdale LLP |
| 主权项 | 1. A vulnerability identification and resolution (VIR) computer device for identifying security vulnerabilities in a computer system, said VIR computer device comprising: a memory device for storing data including data representing computing assets installed in the computer system; and a processor in communication with said memory device, said VIR computer device programmed to: execute a query on at least one database storing security vulnerabilities, the query searching for security vulnerability data associated with a selected computing asset from a plurality of computing assets of an organization;receive said security vulnerability data at the VIR computer device in response to the query, wherein the security vulnerability data includes a security vulnerability identifier that identifies a security vulnerability and a proposed resolution identifier that identifies a proposed resolution;provide proposed resolution data associated with the proposed resolution, the proposed resolution configured to resolve the security vulnerability when applied to the selected computing asset; and electronically display an impact score, wherein the impact score indicates a qualitative determination of an impact of the security vulnerability associated with the selected computing asset. | ||
| 地址 | Purchase NY US | ||