CPC G06F 21/577 (2013.01) [G06F 8/65 (2013.01); G06F 21/54 (2013.01); H04L 63/0263 (2013.01); G06F 2221/033 (2013.01)]
18 Claims

1. A computer-implemented method of managing computer vulnerabilities, comprising:
detecting, by a processor, one or more processes running on a particular computing system during a particular period of time including now;
determining, by the processor, a set of active vulnerabilities that are associated with the one or more processes from a plurality of vulnerabilities;
determining, for each vulnerability of the set of active vulnerabilities, context metadata related to a process or an application associated with the vulnerability, the context metadata including runtime metadata indicating how often the application has been executed, for how long the process has run, or when in the particular period of time the process was, is, or will be running, and vulnerability metadata indicating vulnerability severity, attack type, or availability of a solution for the vulnerability;
filtering the set of active vulnerabilities based on the context metadata;
ranking the filtered set of active vulnerabilities based on the context metadata for each active vulnerability to obtain a ranked order; and
transmitting information related to the ranking to a device.
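
The steps of claim 1 can be read as a small triage pipeline. The sketch below is an added illustration, not code from the patent or its assignee: the scoring weights, the five-minute runtime filter, the severity scale, all names and the sample data are assumptions constructed here, and the returned list stands in for the information transmitted to a device.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

SEVERITY = {"low": 1, "medium": 2, "high": 3, "critical": 4}  # assumed scale

@dataclass
class Run:                      # runtime metadata for one observed process
    process: str
    exec_count: int             # how often the application was executed
    started: datetime
    ended: Optional[datetime]   # None means the process is running now

@dataclass
class Vuln:                     # vulnerability metadata
    vuln_id: str                # constructed placeholder, not a real identifier
    process: str
    severity: str
    attack_type: str            # "remote" or "local"
    fix_available: bool

def triage(catalog, runs, window_start, now, min_runtime=timedelta(minutes=5)):
    """Rank vulnerabilities of processes observed in [window_start, now]."""
    seen = {r.process: r for r in runs
            if r.started <= now and (r.ended is None or r.ended >= window_start)}
    scored = []
    for v in catalog:
        run = seen.get(v.process)
        if run is None:
            continue  # process never ran in the window: not an active vulnerability
        runtime = (run.ended or now) - max(run.started, window_start)
        if run.ended is not None and runtime < min_runtime:
            continue  # filter (assumed policy): short-lived process that has exited
        score = SEVERITY[v.severity] * (2 if v.attack_type == "remote" else 1)
        score += min(runtime / timedelta(hours=24), 1) + min(run.exec_count, 10) / 10
        score += (1 if run.ended is None else 0) + (0.5 if v.fix_available else 0)
        scored.append((score, v.vuln_id))
    return [vid for _, vid in sorted(scored, key=lambda s: (-s[0], s[1]))]

# Constructed sample data: a one-week window ending "now".
WINDOW_START, NOW = datetime(2024, 1, 1, 12), datetime(2024, 1, 8, 12)
RUNS = [Run("nginx", 1, datetime(2024, 1, 2), None),
        Run("backup-agent", 7, datetime(2024, 1, 8, 2), datetime(2024, 1, 8, 2, 30)),
        Run("pdf-convert", 1, datetime(2024, 1, 5, 10), datetime(2024, 1, 5, 10, 1))]
CATALOG = [Vuln("VULN-A", "nginx", "high", "remote", True),
           Vuln("VULN-B", "backup-agent", "critical", "local", False),
           Vuln("VULN-C", "pdf-convert", "critical", "remote", True),
           Vuln("VULN-D", "legacy-ftp", "critical", "remote", True),
           Vuln("VULN-E", "nginx", "low", "local", False)]
```

With this sample, VULN-D drops out because its process never ran in the window and VULN-C is filtered because its process ran for one minute and exited, so two critical findings rank below a high-severity one on a long-running, network-facing process.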