Title of invention Method and system for managing computer system vulnerabilities
Abstract A vulnerability risk management (VRM) module receives from the end user an indication of the VRM service to be provided. The VRM module extracts from the indication either the external IP addresses or the web application URL, together with a list of the enterprise computer system's assets to be tested. The VRM module discovers the assets of the enterprise computer system. The VRM module receives a request for a vulnerability scan using a predefined scan configuration based on the end user's preferences and a specified date and time at which to conduct the scan. The VRM module reports a preliminary list of potential vulnerabilities and stores it in the VRM vulnerability database. The preliminary list is fed to an expert system, which applies specific rule sets using an inference engine and a knowledge base to refine the results stored in the VRM vulnerability database by removing extraneous information and false positives.
Publication number US8756698(B2) Publication date 2014.06.17
Application number US201213572180 Filing date 2012.08.10
Applicant NopSec Inc. Inventor Sidagni Michelangelo
Classification G06F21/00 Main classification G06F21/00
Agency Chadbourne & Parke LLP Agent Chadbourne & Parke LLP
Independent claim 1. A computer-implemented method for vulnerability risk management of an enterprise computing system, comprising the steps of: instantiating, by a cloud computing system employing a software-as-a-service multi-tenant architecture, a vulnerability risk management module and an expert system coupled to the vulnerability risk management module, the vulnerability risk management module configured for: receiving from an end user a type of vulnerability; determining a list of potential vulnerabilities of the enterprise computing system based on a non-intrusive scan of the enterprise computing system for the received type of vulnerability, wherein the scan includes a scan of an asset of the enterprise computing system associated with the type of vulnerability and wherein the scan is based on a preference of the end user regarding a specified date and time to conduct the scan; transmitting the list of potential vulnerabilities to the expert system; receiving from the expert system a refined list of potential vulnerabilities; and reporting the refined list of vulnerabilities to the end user.
Address New York NY US
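The abstract and the independent claim both describe the same refinement step: a preliminary list of scanner findings is passed to an expert system that applies rule sets against a knowledge base and returns a refined list with extraneous entries and false positives removed. The following Python example, added here and not taken from the patent or from NopSec's product, shows one way such a step can work. The asset inventory (the knowledge base), the rule functions, the plugin identifiers and the sample findings are all constructed for this illustration; a real deployment would populate the knowledge base from asset discovery and the scanner's own output. Each rule returns a reason string when a finding should be dropped, and the inference loop records which rule fired, so the decision stays auditable.

```python
"""Rule-based refinement of a preliminary vulnerability list.

Illustrative example; not the patent's or NopSec's code. The asset inventory,
rules, plugin ids and findings below are constructed for this demonstration.
"""
from dataclasses import dataclass
from typing import Callable, List, Optional, Tuple


@dataclass(frozen=True)
class Finding:
    asset: str                          # IP address of the scanned asset
    port: int
    plugin_id: str                      # scanner check identifier (constructed)
    title: str
    severity: str                       # "info" | "low" | "medium" | "high" | "critical"
    requires_os: Optional[str] = None   # OS family the check is meaningful for, if any
    product: Optional[str] = None       # product the check concerns, if any
    fixed_in: Optional[str] = None      # first non-vulnerable product version, if known


# Knowledge base: facts about enterprise assets gathered during discovery (constructed).
KNOWLEDGE_BASE = {
    "assets": {
        "10.0.0.5": {"os": "linux", "open_ports": {22, 80}, "products": {"openssh": "8.9"}},
        "10.0.0.7": {"os": "linux", "open_ports": {443}, "products": {"apache": "2.4.57"}},
    }
}

Rule = Callable[[Finding, dict], Optional[str]]   # returns a drop reason, or None to keep


def _version(s: str) -> tuple:
    """Compare dotted numeric versions as tuples (sufficient for this example)."""
    return tuple(int(p) for p in s.split("."))


def rule_informational(f: Finding, kb: dict) -> Optional[str]:
    # Informational scanner output is extraneous in a vulnerability list.
    return "informational output, not a vulnerability" if f.severity == "info" else None


def rule_port_not_open(f: Finding, kb: dict) -> Optional[str]:
    # A finding on a port the inventory shows closed is a likely false positive.
    # Assets missing from the inventory are kept so they surface for review.
    asset = kb["assets"].get(f.asset)
    if asset is not None and f.port not in asset["open_ports"]:
        return f"port {f.port} not open on asset"
    return None


def rule_os_mismatch(f: Finding, kb: dict) -> Optional[str]:
    # A check that only applies to one OS family cannot be true on another.
    asset = kb["assets"].get(f.asset)
    if asset and f.requires_os and asset["os"] != f.requires_os:
        return f"check applies to {f.requires_os}, asset runs {asset['os']}"
    return None


def rule_version_not_affected(f: Finding, kb: dict) -> Optional[str]:
    # If the inventory shows the installed version at or beyond the fix, drop it.
    asset = kb["assets"].get(f.asset)
    if not (asset and f.product and f.fixed_in):
        return None
    installed = asset["products"].get(f.product)
    if installed and _version(installed) >= _version(f.fixed_in):
        return f"{f.product} {installed} is at or above fixed version {f.fixed_in}"
    return None


RULE_SET: List[Rule] = [rule_informational, rule_port_not_open,
                        rule_os_mismatch, rule_version_not_affected]


def refine(findings: List[Finding], rules: List[Rule] = RULE_SET,
           kb: dict = KNOWLEDGE_BASE) -> Tuple[List[Finding], List[Tuple[Finding, str]]]:
    """Inference loop: drop duplicates, then apply each rule in order; first match wins."""
    refined, dropped, seen = [], [], set()
    for f in findings:
        key = (f.asset, f.port, f.plugin_id)
        if key in seen:
            dropped.append((f, "duplicate of an earlier finding"))
            continue
        seen.add(key)
        for rule in rules:
            reason = rule(f, kb)
            if reason:
                dropped.append((f, f"{rule.__name__}: {reason}"))
                break
        else:
            refined.append(f)
    return refined, dropped


# Constructed preliminary list, as a scanner might report it before refinement.
PRELIMINARY = [
    Finding("10.0.0.5", 22, "SSH-WEAK-MAC", "SSH server supports weak MAC algorithms", "medium"),
    Finding("10.0.0.5", 22, "SSH-WEAK-MAC", "SSH server supports weak MAC algorithms", "medium"),
    Finding("10.0.0.5", 445, "SMB-SIGNING-OFF", "SMB signing not required", "medium"),
    Finding("10.0.0.5", 80, "IIS-DEFAULT-PAGE", "IIS default page exposed", "low", requires_os="windows"),
    Finding("10.0.0.7", 443, "APACHE-OLD", "Outdated Apache httpd", "high", product="apache", fixed_in="2.4.50"),
    Finding("10.0.0.7", 443, "TLS-CERT-INFO", "TLS certificate details", "info"),
    Finding("10.0.0.7", 443, "TLS10-ENABLED", "TLS 1.0 enabled", "medium"),
]

if __name__ == "__main__":
    kept, removed = refine(PRELIMINARY)
    for f in kept:
        print("KEEP", f.asset, f.port, f.plugin_id)
    for f, why in removed:
        print("DROP", f.asset, f.port, f.plugin_id, "->", why)
```

Running the block keeps the two findings the knowledge base cannot contradict (the SSH MAC weakness and TLS 1.0) and drops five, each with the rule that fired recorded beside it. Rule order matters: cheap, high-confidence rules run first, and a finding on an asset absent from the inventory is deliberately kept, because a gap in discovery is itself something the analyst should see rather than have silently filtered.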