Dynamic vulnerability correlation
US11128652B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Oct 25, 2018 |
| Grant date | Sep 21, 2021 |
| Priority date | — |
| Expiry date | Oct 25, 2038 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/20
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
Apparatus and methods are disclosed for performing dynamic vulnerability correlation suitable for use in enterprise information technology (IT) environments, including vulnerability filtering, patch correlation, and vulnerability paring. According to one disclosed embodiment, a method of vulnerability filtering includes attempting to execute vulnerability scanning rules according to a specified order in a rule hierarchy, and depending on the type of the rule hierarchy and on whether the attempt was successful, not executing additional rules in the rule hierarchy. In another disclosed embodiment, a method of patch correlation includes executing vulnerability scanning rules based on a correlation associations including, if a particular vulnerability is detected, then not executing other correlated scanning rules for a particular software patch. In another disclosed embodiment, a method of vulnerability paring includes defining a plurality of patch milestones for a software product and scanning a target computer for vulnerabilities associated with a current installed patch.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.