US 11,677,773 B2
Prioritized remediation of information security vulnerabilities based on service model aware multi-dimensional security risk scoring
G S Narayan Iyer, Houston, TX (US); Ajoy Kumar, Santa Clara, CA (US); and Amit Gupta, Needham, MA (US)
Assigned to BMC Software, Inc., Houston, TX (US)
Filed by BMC Software, Inc., Houston, TX (US)
Filed on Nov. 19, 2018, as Appl. No. 16/194,735.
Prior Publication US 2020/0162497 A1, May 21, 2020
Int. Cl. H04L 29/06 (2006.01); H04L 9/40 (2022.01)
CPC H04L 63/1433 (2013.01) [H04L 63/164 (2013.01); H04L 63/20 (2013.01)] 21 Claims
OG exemplary drawing
 
1. A method for securing a service implemented on a computer network, the method comprising:
identifying network assets in the computer network used by the service;
identifying vulnerabilities in one or more of the network assets, each vulnerability having one or more vulnerability risk dimensions weighted by a risk value for each of the vulnerability risk dimensions;
based on the identified vulnerabilities, determining an asset risk score for each of the network assets by applying a criticality value to a sum of the one or more vulnerability risk dimensions as weighted by the risk value for each of the vulnerability risk dimensions;
based on the determined asset risk scores of the network assets, determining a service risk score for the service;
prioritizing implementation of a plurality of vulnerability remediation actions in a priority order based on effects on the service risk score, wherein the priority order is based on a reduction of the service risk score; and
implementing one or more of the plurality of vulnerability remediation actions based on the priority order.