System and method for prioritizing distributed system risk remediations

Assignee

• Tanium Inc. · US

Inventors

• Stefan Horst-Guenter Molls · Nuremberg, DE
• Joshua M. Bryant · Pecatonica, US
• Keith Robertson · Johns Creek, US
• John E. Foscue · Talbert, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/1441
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A server system obtains, for machines in a distributed system, system risk information, such as information identifying open sessions between respective users and respective machines, information identifying vulnerabilities in respective machines; and administrative rights information identifying groups of users having administrative rights to respective machines. The server system determines security risk factors, including risk factors related to lateral movement between logically coupled machines, and generates machine risk assessment values for at least a subset of the machines, based on a weighted combination of the risk factors. A user interface that includes a list of machines, sorted in accordance with the machine risk assessment values is presented to a user. The user interface also includes, for respective machines, links for accessing additional information about risk factors associated with the machine, and for accessing one or more remediation tools for remediating one or more security risks associated with the respective machine.