Security vulnerability analytics engine
US10733302B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Dec 15, 2017 |
| Grant date | Aug 4, 2020 |
| Priority date | — |
| Expiry date | Jun 6, 2038 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/034
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
Vulnerability data is classified as described herein. A finding object is created based on vulnerability data associated with a vulnerability finding and that finding object is populated with property values based on the vulnerability data. Technical owner rules associated with a plurality of technical owners are evaluated based on the property values of the finding object and a technical owner is assigned to the finding object based on the evaluated technical owner rules. Once a technical owner is assigned, the finding object is provided to a governance, risk, and compliance (GRC) module for distribution of the vulnerability finding to the assigned technical owner for remediation. Classification of vulnerability data using the described property values and technical owner rules provides an efficient, accurate, and automated way of distributing vulnerability findings of large, complex code bases to teams for remediation.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.