System and method of managing network security risks

a network security and risk management technology, applied in the field of managing threats to network security, can solve problems such as compromise network security, and many administrators, however, have neither the time nor the experience to maintain up-to-date knowledge of network security threats

Inactive Publication Date: 2012-07-19
MCAFEE INC
View PDF6 Cites 110 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Computer networks are exposed to a large number of vulnerabilities to network security, including open ports, flawed application programs, worms, viruses, trojan horses, and the like.
At times, individuals, groups of individuals, or automated programs, either intentionally or unwittingly, take advantage of these vulnerabilities to compromise network security.
Attempts to compromise network security include attempts to damage data, to infect one or more computers with viruses or worms, and to access a computer system without authorization.
Many administrators, however, have neither the time nor the experience to maintain up-to-date knowledge of network security threats.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • System and method of managing network security risks
  • System and method of managing network security risks
  • System and method of managing network security risks

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0022]Computer networks are exposed to a number of vulnerabilities to network security. Such vulnerabilities include open ports, flawed email application programs and other flawed application programs that can provide unauthorized access to a network node, trojan horses, worms, viruses, and the like. Many of these vulnerabilities, such as trojan horses, worms, and viruses, can cause damage or data loss to a computer system simply by existing and being activated on a computer system. Other vulnerabilities, such as holes created by flawed email or other flawed application programs, can provide means for individuals to gain unauthorized access to a computer system. Individuals that gain unauthorized access to a computer system may willfully or unwittingly view secret information, delete files, alter the settings of a computer network, or otherwise compromise the security of a computer network. For this reason, many administrators desire to detect network vulnerabilities and fix them be...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

A security risk management system comprises a vulnerability database, an asset database, a local threat intelligence database and a threat correlation module. The vulnerability database comprises data about security vulnerabilities of assets on a network gathered using active or passive vulnerability assessment techniques. The asset database comprises data concerning attributes of each asset. The threat correlation module receives threat intelligence alerts that identify attributes and vulnerabilities associated with security threats that affect classes of assets. The threat correlation module compares asset attributes and vulnerabilities with threat attributes and vulnerabilities and displays a list of assets that are affected by a particular threat. The list can be sorted according to a calculated risk score, allowing an administrator to prioritize preventive action and respond first to threats that affect higher risk assets. The security risk management system provides tools for performing preventive action and for tracking the success of preventive action.

Description

BACKGROUND OF THE INVENTION[0001]1. Field of the Invention[0002]Embodiments of the invention relate to managing threats to network security.[0003]2. Description of the Related Art[0004]Computer networks are exposed to a large number of vulnerabilities to network security, including open ports, flawed application programs, worms, viruses, trojan horses, and the like. At times, individuals, groups of individuals, or automated programs, either intentionally or unwittingly, take advantage of these vulnerabilities to compromise network security. Attempts to compromise network security include attempts to damage data, to infect one or more computers with viruses or worms, and to access a computer system without authorization.[0005]Automated vulnerability scanners scan the assets and nodes of a network to discover active devices (thereby building an asset inventory) and to detect the vulnerabilities that exist on a network. Based on the information provided by vulnerability scanners, admin...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(United States)
IPC IPC(8): G06F21/00
CPCG06F21/00G06F21/56G06F21/568
Inventor ANDRES, STEVEN G.COLE, DAVID M.CUMMINGS, THOMAS GREGORYGARCIA, ROBERTO RAMONKENYON, BRIAN MICHAELKURTZ, GEORGE R.MCCLURE, STUART CARTIERMOORE, CHRISTOPHER WILLIAMO'DEA, MICHAEL J.SARUWATARI, KEN D.
Owner MCAFEE INC
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap