System and method of managing network security risks

Assignee

• McAfee, LLC · US

Inventors

• Steven G. Andres · Tecate Mission Road, US
• David M. Cole · Tecate Mission Road, US
• Thomas Gregory Cummings · Laguna Niguel, US
• Roberto Garcia · Sherman, US
• Brian Michael Kenyon · Aliso Viejo, US
• George Robert Kurtz · Coto De Caza, US
• Stuart McClure · Ladera Ranch, US
• Christopher Moore · Newington, US
• Michael O'Dea · Estero, US
• Ken D. Saruwatari · Laguna Niguel, US

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F21/568
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

A security risk management system comprises a vulnerability database, an asset database, a local threat intelligence database and a threat correlation module. The vulnerability database comprises data about security vulnerabilities of assets on a network gathered using active or passive vulnerability assessment techniques. The asset database comprises data concerning attributes of each asset. The threat correlation module receives threat intelligence alerts that identify attributes and vulnerabilities associated with security threats that affect classes of assets. The threat correlation module compares asset attributes and vulnerabilities with threat attributes and vulnerabilities and displays a list of assets that are affected by a particular threat. The list can be sorted according to a calculated risk score, allowing an administrator to prioritize preventive action and respond first to threats that affect higher risk assets. The security risk management system provides tools for performing preventive action and for tracking the success of preventive action.