Detection of vulnerabilities in a computer network

US11882145B2 · US · B2

Patent metadata

Publication number: US-11882145-B2
Application number: US-202217845514-A
Country: US
Kind code: B2
Filing date: Jun 21, 2022
Priority date: Dec 20, 2018
Publication date: Jan 23, 2024
Grant date: Jan 23, 2024

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

  1. Title

    What the patent document calls the invention.

  2. Abstract

    A short plain-language summary of the technical disclosure.

  3. Assignees and inventors

    Who owns or filed the patent and who is credited as inventor.

  4. Key dates

    Filing, priority, publication, and grant dates set the timeline.

  5. First independent claim

    The legal scope of protection — read this for what is actually claimed.

  6. CPC / IPC classifications

    Technology tags used to group this patent with similar filings.

  7. Citations and related patents

    Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

A method, apparatus, and computer program are disclosed. The method may be performed by one or more processors and may comprise receiving first data representing an infrastructure of a computer network, the first data comprising an indication of hosts which form at least part of the computer network and one or more software resources on respective hosts. The method may also comprise receiving second data from a vulnerability scanning software, the second data comprising an indication of one or more vulnerabilities detected in the one or more software resources provided on at least some of the hosts of the computer network. Using a combination of the first data and the second data, output data may be generated representing a risk profile of the computer network infrastructure, the output data indicating one or more subsets of hosts, determined as being at risk of being affected by the detected vulnerabilities by virtue of the software resources they provide for output on a user interface.

Claims

Claim text as shown in the preview (claims 1 to 20; the text of claim 20 is cut off).

The invention claimed is:

1. A method, performed by one or more processors, the method comprising: receiving first data representing an infrastructure of a computer network, the first data comprising an indication of a plurality of hosts which form at least part of the computer network and one or more software resources on respective hosts; receiving second data from a vulnerability scanning software, the second data comprising an indication of one or more vulnerabilities detected in the one or more software resources provided on at least some of the plurality of hosts of the computer network; generating, using a combination of the first data and the second data, output data representing a risk profile of the computer network infrastructure; and determining a patch deployment strategy based on one or more prioritization rules and the output data, the one or more prioritization rules determining an order of one or more patches to deploy to remedy the detected vulnerabilities, wherein the deployment strategy determines a least number of patches required to remedy the detected vulnerabilities.

2. The method of claim 1, further comprising: determining a number of downstream hosts that take data from the at least some of the plurality of hosts; and including the number of downstream hosts in the output data.

3. The method of claim 1, further comprising: determining the one or more patches for remedying the detected vulnerabilities; and presenting the output data on a user interface with an indication of the determined one or more patches on the user interface, the one or more patches being deployable through the user interface.

4. The method of claim 3, wherein the output data includes the at least some of the plurality of hosts associated with the detected vulnerabilities, wherein information representing each host of the at least some of the plurality of hosts is arranged on the user interface based on the one or more prioritization rules.

5. The method of claim 1, wherein the one or more prioritization rules are based at least in part on how critical a respective host of the plurality of hosts is to the infrastructure of the computer network.

6. The method of claim 5, wherein the first data comprises an indication of a type or role for each host, and wherein how critical the respective host of the plurality of hosts is to the infrastructure of the computer network is determined based at least in part on a respective type or role of the respective host.

7. The method of claim 5, wherein how critical the respective host of the plurality of hosts is to the infrastructure of the computer network is determined based at least in part on a number of downstream hosts that take data from the respective host.

8. The method of claim 5, further comprising: receiving third data indicative of users or groups of users associated with particular hosts; wherein how critical the respective host of the plurality of hosts is to the infrastructure of the computer network is based at least in part on one or more users or groups of users associated with the respective host.

9. The method of claim 5, further comprising: receiving third data indicative of users or groups of users associated with particular hosts; wherein how critical the respective host of the plurality of hosts is to the infrastructure of the computer network is based at least in part on a number of users associated with the respective host.

10. The method of claim 5, wherein the one or more prioritization rules identify a number N of most critical hosts that require patching.

11. The method of claim 1, further comprising deploying the one or more patches using the determined patch deployment strategy.

12. The method of claim 1, further comprising generating an electronic report representing the patch deployment strategy for electronic transmission to a remote organization.

13. The method of claim 12, wherein the electronic report comprises one or more embedded links for user-selection to deploy the one or more patches.

14. An apparatus comprising: one or more processors; and a memory storing instructions, the instructions, when executed by the one or more processors, causing the apparatus to perform: receiving first data representing an infrastructure of a computer network, the first data comprising an indication of a plurality of hosts which form at least part of the computer network and one or more software resources on respective hosts; receiving second data from a vulnerability scanning software, the second data comprising an indication of one or more vulnerabilities detected in the one or more software resources provided on at least some of the plurality of hosts of the computer network; generating, using a combination of the first data and the second data, output data representing a risk profile of the computer network infrastructure; and determining a patch deployment strategy based on one or more prioritization rules and the output data, the one or more prioritization rules determining an order of one or more patches to deploy to remedy the detected vulnerabilities, wherein the deployment strategy determines a least number of patches required to remedy the detected vulnerabilities.

15. The apparatus of claim 14, wherein the instructions further cause the apparatus to perform: generating an electronic report representing the patch deployment strategy for electronic transmission to a remote organization, wherein the electronic report comprises one or more embedded links for user-selection to deploy the one or more patches.

16. The apparatus of claim 14, wherein the instructions further cause the apparatus to perform: determining a number of downstream hosts that take data from the at least some of the plurality of hosts; and including the number of downstream hosts in the output data.

17. The apparatus of claim 14, wherein the instructions further cause the apparatus to perform: determining the one or more patches for remedying the detected vulnerabilities; and presenting the output data on a user interface with an indication of the determined one or more patches on the user interface, the one or more patches being deployable through the user interface.

18. The apparatus of claim 14, wherein the one or more prioritization rules are based at least in part on how critical a respective host of the plurality of hosts is to the infrastructure of the computer network.

19. The apparatus of claim 18, wherein how critical the respective host of the plurality of hosts is to the infrastructure of the computer network is determined based at least in part on a number of downstream hosts that take data from the respective host.

20. A computer program, optionally stored on a non-transitory computer readable medium program which, when executed by one or more processors of a data processing apparatus, causes the data processing apparatus to perform: receiving first data representing an infrastructure of a computer network, the first data comprising an indication of a plurality of hosts which form at least part of the computer network and one or more software resources on respective hosts; receiving second data from a vulnerability scanning software, the second data comprising an indication of one or more vulnerabilities detected in the one or more software resources provided on at least some of the plurality of hosts of the computer network; generating, using a combination of the first data and the second data, output data representing a
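The abstract and claims above describe one pipeline: join an inventory of hosts and the software they provide (first data) with scanner findings (second data), score each affected host's criticality from its role, its downstream dependents and its users (claims 5 to 9), optionally keep the N most critical hosts (claim 10), and choose the smallest set of patches that clears the findings, in an order driven by those rules (claims 1 and 14). The Python below is a worked illustration added for this page; it is not code from the patent or from Palantir. Every host name, software version, finding ID, patch name and weight is a constructed placeholder, the role weights and scoring formula are assumptions, downstream hosts are counted transitively (the claims only say "downstream hosts"), and "least number of patches" is implemented as an exact set cover, which is exponential in the size of the patch catalogue.

```python
"""Added example for this page (not the patent's or Palantir's code).

Models the claimed pipeline on constructed data: first data = host
inventory with software, role, users and data-flow edges; second data =
scanner findings; output = risk profile, host ranking and the smallest
patch set that clears the findings. All names, versions, IDs and
weights below are placeholders chosen for the example.
"""
from dataclasses import dataclass, field
from itertools import combinations


@dataclass
class Host:
    name: str
    role: str                  # type or role of the host (claim 6)
    software: set              # software resources provided by the host
    users: int = 0             # users associated with the host (claim 9)
    feeds: set = field(default_factory=set)  # hosts that take data from this one (claim 7)


# Assumed role weights; the patent leaves the actual rule to the operator.
ROLE_WEIGHT = {"database": 5, "app-server": 3, "workstation": 1}

# First data: constructed inventory.
INVENTORY = [
    Host("db01", "database", {"postgresql-12.1", "openssl-1.1.1k"}, users=40, feeds={"app01", "app02"}),
    Host("app01", "app-server", {"nginx-1.18.0", "openssl-1.1.1k"}, users=200, feeds={"ws01"}),
    Host("app02", "app-server", {"nginx-1.18.0"}, users=150),
    Host("ws01", "workstation", {"firefox-90.0"}, users=1),
]

# Second data: constructed scanner output, finding ID -> affected software resource.
FINDINGS = {"VULN-A": "openssl-1.1.1k", "VULN-B": "nginx-1.18.0", "VULN-C": "firefox-90.0"}

# Constructed patch catalogue, patch -> finding IDs it remedies.
PATCHES = {
    "patch-openssl": {"VULN-A"},
    "patch-nginx": {"VULN-B"},
    "patch-firefox": {"VULN-C"},
    "patch-bundle": {"VULN-A", "VULN-B"},  # one patch covering two findings
}


def downstream_count(hosts, name):
    """Hosts that take data, directly or transitively, from `name` (claim 7).
    Transitive closure is an assumption; the claim only says 'downstream hosts'."""
    by_name = {h.name: h for h in hosts}
    seen, stack = set(), list(by_name[name].feeds)
    while stack:
        n = stack.pop()
        if n not in seen:
            seen.add(n)
            stack.extend(by_name[n].feeds)
    return len(seen)


def risk_profile(hosts, findings):
    """Join first and second data: affected host -> findings present, downstream count, criticality."""
    profile = {}
    for h in hosts:
        vulns = {v for v, sw in findings.items() if sw in h.software}
        if not vulns:
            continue  # host provides none of the vulnerable software resources
        down = downstream_count(hosts, h.name)
        # Assumed scoring: role weight scaled by dependents, plus a small user term (claims 5 to 9).
        criticality = ROLE_WEIGHT.get(h.role, 1) * (1 + down) + h.users / 100
        profile[h.name] = {"vulns": vulns, "downstream": down, "criticality": criticality}
    return profile


def minimal_patch_set(vulns, patches):
    """Smallest subset of patches covering every finding in `vulns` (exact set cover).
    Exhaustive search is exponential in catalogue size; use a greedy cover for large catalogues."""
    if not vulns:
        return set()
    names = list(patches)
    for k in range(1, len(names) + 1):
        for combo in combinations(names, k):
            if set().union(*(patches[p] for p in combo)) >= vulns:
                return set(combo)
    return None  # some finding has no patch in the catalogue


def deployment_strategy(hosts, findings, patches, top_n=None):
    """Rank affected hosts by criticality (optionally keep the N most critical, claim 10),
    then return (ranked hosts, patches in deployment order) using the least patches needed."""
    profile = risk_profile(hosts, findings)
    ranked = sorted(profile, key=lambda n: profile[n]["criticality"], reverse=True)
    if top_n is not None:
        ranked = ranked[:top_n]
    needed = set().union(*(profile[n]["vulns"] for n in ranked))
    chosen = minimal_patch_set(needed, patches)
    if chosen is None:
        return ranked, None

    def rank_of_first_host(p):  # deploy first the patch that clears the most critical host
        return next((i for i, n in enumerate(ranked) if patches[p] & profile[n]["vulns"]), len(ranked))

    return ranked, sorted(chosen, key=rank_of_first_host)


if __name__ == "__main__":
    hosts, order = deployment_strategy(INVENTORY, FINDINGS, PATCHES)
    print("hosts by criticality:", hosts)
    print("deploy in order:", order)
```

On the constructed data the database host ranks first because it feeds every other host transitively, and the minimal cover picks the bundle patch plus the browser patch rather than three single-finding patches. Restricting to the two most critical hosts drops the browser finding and the strategy collapses to the single bundle patch, which is the "least number of patches" behaviour claim 1 describes combined with the top-N rule of claim 10. Two practical caveats the claims do not address: a patch catalogue is rarely a clean finding-to-patch map (superseding and cumulative updates overlap), and a least-patch plan can still be the wrong plan if a bundle patch carries a larger change surface than the individual fixes.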

Assignees

Palantir Technologies Inc

Inventors

Classifications

  • Countermeasures against malicious traffic (countermeasures against attacks on cryptographic mechanisms H04L9/002) · CPC title

  • Vulnerability analysis · CPC title

  • Updates (security arrangements therefor G06F21/57) · CPC title

  • Indicating network or usage conditions on the user display · CPC title

Patent family

Related publications grouped by family.

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US11882145B2 cover?
A method, apparatus, and computer program are disclosed. The method may be performed by one or more processors and may comprise receiving first data representing an infrastructure of a computer network, the first data comprising an indication of hosts which form at least part of the computer network and one or more software resources on respective hosts. The method may also comprise receiving s…
Who is the assignee on this patent?
Palantir Technologies Inc
What technology area does this patent fall under?
Primary CPC classification H04L63/1433. Mapped technology areas include Electricity.
When was this patent published?
Publication date Jan 23, 2024 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).