Application selection based on cumulative vulnerability risk assessment

US11256814B2 · US · B2

Patent metadata
Publication number: US-11256814-B2
Application number: US-202016819313-A
Country: US
Kind code: B2
Filing date: Mar 16, 2020
Priority date: Mar 16, 2020
Publication date: Feb 22, 2022
Grant date: Feb 22, 2022

Abstract

Official abstract text for this publication.

Using a processor and a memory of a testing system, a set of vulnerability testing instructions is executed relative to an application, causing an output of a set of vulnerabilities from the testing system. By executing a probability model, a first probability of adverse impact corresponding to a first vulnerability in the set of vulnerabilities is computed. The first vulnerability and the first probability of adverse impact are added to a vulnerability repository. Using the first probability of adverse impact and a second probability of adverse impact, a first cumulative probability of adverse impact is calculated. Using the first cumulative probability and a first level of organizational impact corresponding to the application, a first risk category is assigned to the application. Responsive to the first risk category being lower than a second risk category, a system management application is caused to install the application in the computer system.

First claim

Opening claim text (preview).

What is claimed is:

1. A computer-implemented method comprising: executing, using a processor and a memory of a testing system, a set of vulnerability testing instructions relative to an application, the executing causing an output of a set of vulnerabilities from the testing system; selecting, from a first set of categories according to a vulnerability type of a first vulnerability in the set of vulnerabilities, a likelihood of occurrence category of the first vulnerability; selecting, from a first numerical range corresponding to the selected likelihood of occurrence category, a first numerical value comprising a probability of occurrence of the first vulnerability; selecting, from a second set of categories according to the vulnerability type, a likelihood of adverse impact category; selecting, from a second numerical range corresponding to the selected likelihood of adverse impact category, a second numerical value comprising a probability of adverse impact given the occurrence of the first vulnerability; calculating, using the probability of occurrence and the probability of adverse impact given the occurrence, a first probability of adverse impact corresponding to the first vulnerability; modifying a vulnerability repository in a data storage device, by adding to the vulnerability repository the first vulnerability and the first probability of adverse impact; calculating, using the first probability of adverse impact and a second probability of adverse impact, a first cumulative probability of adverse impact; assigning to the application, using the first cumulative probability and a first level of organizational impact corresponding to the application, a first risk category; and causing, responsive to the first risk category being lower than a second risk category corresponding to a second application, a system management application to install the application on a computer system, the computer system utilized to execute the installed application.

2. The computer-implemented method of claim 1, wherein selecting, from the first numerical range corresponding to the selected likelihood of occurrence category, the first numerical value comprising the probability of occurrence of the first vulnerability comprises: selecting a midpoint of the first numerical range.

3. The computer-implemented method of claim 1, wherein selecting, from the first numerical range corresponding to the selected likelihood of occurrence category, the first numerical value comprising the probability of occurrence of the first vulnerability comprises: selecting a lower bound of the first numerical range.

4. The computer-implemented method of claim 1, wherein calculating, using the first probability of adverse impact and the second probability of adverse impact, the cumulative probability of adverse impact further comprises: calculating a probability of occurrence of at least one of the first probability of adverse impact and the second probability of adverse impact.

5. The computer-implemented method of claim 1, wherein the second probability of adverse impact corresponds to a second vulnerability in the set of vulnerabilities.

6. A computer program product for application selection based on cumulative vulnerability risk assessment, the computer program product comprising: one or more computer readable storage media, and program instructions collectively stored on the one or more computer readable storage media, the program instructions when executed by a processor causing operations comprising: executing, using a processor and a memory of a testing system, a set of vulnerability testing instructions relative to an application, the executing causing an output of a set of vulnerabilities from the testing system; selecting, from a first set of categories according to a vulnerability type of a first vulnerability in the set of vulnerabilities, a likelihood of occurrence category of the first vulnerability; selecting, from a first numerical range corresponding to the selected likelihood of occurrence category, a first numerical value comprising a probability of occurrence of the first vulnerability; selecting, from a second set of categories according to the vulnerability type, a likelihood of adverse impact category; selecting, from a second numerical range corresponding to the selected likelihood of adverse impact category, a second numerical value comprising a probability of adverse impact given the occurrence of the first vulnerability; calculating, using the probability of occurrence and the probability of adverse impact given the occurrence, a first probability of adverse impact corresponding to the first vulnerability; modifying a vulnerability repository in a data storage device, by adding to the vulnerability repository the first vulnerability and the first probability of adverse impact; calculating, using the first probability of adverse impact and a second probability of adverse impact, a first cumulative probability of adverse impact; assigning to the application, using the first cumulative probability and a first level of organizational impact corresponding to the application, a first risk category; and causing, responsive to the first risk category being lower than a second risk category corresponding to a second application, a system management application to install the application on a computer system, the computer system utilized to execute the installed application.

7. The computer program product of claim 6, wherein selecting, from the first numerical range corresponding to the selected likelihood of occurrence category, the first numerical value comprising the probability of occurrence of the first vulnerability comprises: selecting a midpoint of the first numerical range.

8. The computer program product of claim 6, wherein selecting, from the first numerical range corresponding to the selected likelihood of occurrence category, the first numerical value comprising the probability of occurrence of the first vulnerability comprises: selecting a lower bound of the first numerical range.

9. The computer program product of claim 6, wherein calculating, using the first probability of adverse impact and the second probability of adverse impact, the cumulative probability of adverse impact further comprises: calculating a probability of occurrence of at least one of the first probability of adverse impact and the second probability of adverse impact.

10. The computer program product of claim 6, wherein the second probability of adverse impact corresponds to a second vulnerability in the set of vulnerabilities.

11. The computer program product of claim 6, wherein the stored program instructions are stored in the at least one of the one or more storage media of a local data processing system, and wherein the stored program instructions are transferred over a network from a remote data processing system.

12. The computer program product of claim 6, wherein the stored program instructions are stored in the at least one of the one or more storage media of a server data processing system, and wherein the stored program instructions are downloaded over a network to a remote data processing system for use in a computer readable storage device associated with the remote data processing system.

13. The computer program product of claim 6, wherein the computer program product is provided as a service in a cloud environment.

14. A computer system comprising one or more processors, one or more computer-readable memories, and one or more computer-readable storage devices, and program instructions stored on at least one of th
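The scoring pipeline recited in claims 1 to 5, as an added worked example that is not code from the patent or its assignee. The numerical ranges, the vulnerability-type mapping, the rule combining cumulative probability with organizational impact, and the independence of vulnerabilities are all assumptions, since the page states none of them.

```python
from math import prod

# Constructed ranges and type mapping; the page gives no numeric values.
RANGES = {"low": (0.0, 0.2), "moderate": (0.2, 0.6), "high": (0.6, 1.0)}
LEVELS = list(RANGES)  # ordinal order: low < moderate < high
# vulnerability type -> (likelihood-of-occurrence category, adverse-impact category)
TYPE_MODEL = {
    "sql_injection": ("high", "high"),
    "xss": ("moderate", "moderate"),
    "info_disclosure": ("moderate", "low"),
}

def pick(category, mode="midpoint"):
    """Select a value from the category's range: midpoint (claim 2) or lower bound (claim 3)."""
    lo, hi = RANGES[category]
    return (lo + hi) / 2 if mode == "midpoint" else lo

def p_adverse(vuln_type, mode="midpoint"):
    """P(adverse impact) = P(occurrence) * P(adverse impact | occurrence)."""
    occ_cat, imp_cat = TYPE_MODEL[vuln_type]
    return pick(occ_cat, mode) * pick(imp_cat, mode)

def cumulative(vuln_types, mode="midpoint"):
    """P(at least one adverse impact), assuming independent vulnerabilities (claim 4)."""
    return 1 - prod(1 - p_adverse(v, mode) for v in vuln_types)

def risk_category(vuln_types, org_impact, mode="midpoint"):
    """Ordinal 0..4: cumulative-probability bucket plus impact level (assumed rule)."""
    p = cumulative(vuln_types, mode)
    bucket = next(i for i, (_, hi) in enumerate(RANGES.values()) if p < hi or hi == 1.0)
    return bucket + LEVELS.index(org_impact)

def select_application(candidates, mode="midpoint"):
    """Return the candidate whose risk category is lowest (the one to install)."""
    return min(candidates, key=lambda name: risk_category(*candidates[name], mode))

# Constructed scan results: name -> (vulnerability types found, organizational impact)
CANDIDATES = {
    "app_a": (["sql_injection", "xss"], "moderate"),
    "app_b": (["xss", "info_disclosure"], "high"),
}

if __name__ == "__main__":
    for name, (vulns, impact) in CANDIDATES.items():
        print(name, round(cumulative(vulns), 4), risk_category(vulns, impact))
    print("install:", select_application(CANDIDATES))
```

Switching `mode` from midpoint to lower bound lowers every per-vulnerability probability, so the choice between claims 2 and 3 can change which candidate wins when risk categories are close.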

Classifications

  • by adding security routines or objects to programs

  • G06F21/577 (Primary): Assessing vulnerabilities and evaluating computer system security

  • at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability

  • Detecting local intrusion or implementing counter-measures

  • Updates (security arrangements therefor G06F21/57)

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Kyndryl Inc
What technology area does this patent fall under?
Primary CPC classification G06F21/577. Mapped technology areas include Physics.
When was this patent published?
Publication date Feb 22, 2022 (B2). Legal status and post-grant events are not shown on this page.