&#xfeff;<html>
  <head>
    <META http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="stylesheet" type="text/css" href="html_style_eog.css"/>
<script type="text/javascript">
			function printpage()
			{
			window.print()
			}
			</script>
<script type="text/javascript" src="https://components.uspto.gov/js/ais/40-patentsgazette.js"></script></head>
  <body bgcolor='#FFFFFF' onload='javascript: if ((navigator.appName.indexOf("Netscape")!=-1) && parent.leftFrame!=null) parent.leftFrame.location.reload();'>
    <basefont face="Times New Roman, Times New Roman, Times New Roman " size="2">
      <div style="margin-left: +10pt">
        <table width="90%" border="0" rules="none" align="center">
          <tr align="center">
            <td width="20%" colspan="1" rowspan="2" align="left" valign="top"><a href="https://ppubs.uspto.gov/pubwebapp/external.html?q=11704414.pn.&amp;db=USPAT" target="popup"><input type="button" class="button" value="   Full Text   "></a></td>
            <td class="table_data"><b>US 11,704,414 B2</b></td>
            <td width="20%" colspan="1" rowspan="2" align="right" valign="top">
              <form><input type="button" value="Print this page" onclick="printpage()"></form>
            </td>
          </tr>
          <tr align="center">
            <td colspan="1" class="table_data" style="text-transform: uppercase"><b>Systems and methods for managing vulnerability data</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b> Samiksha Patel,  New York, NY (US);  Jessica Colvin,  New York, NY (US);  Patrick M. Ward,  Caldwell, NJ (US);  Martin J. Grant, Jr.,  Middletown, DE (US);  David Everett,  New York, NY (US); and  Jean-Francois Legault,  Brooklyn, NY (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Assigned to  JPMORGAN CHASE BANK, N.A.,  New York, NY (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed by  JPMORGAN CHASE BANK, N.A.,  New York, NY (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed on Apr.  27, 2021, as Appl. No. 17/242,071.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Claims priority of provisional application 63/017,545, filed on Apr.  29, 2020.</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Prior Publication US 2021/0342450 A1, Nov.  4, 2021</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Int. Cl. </b><i><b>G06F 21/57</b></i> (2013.01); <i><b>G06F 16/215</b></i> (2019.01); <i><b>G06F 21/60</b></i> (2013.01); <i><b>H04L 9/40</b></i> (2022.01)</td>
          </tr>
        </table>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="75%">
            <col width="15%">
          </colgroup>
          <tr align="left">
            <td class="table_data" align="left"><b>CPC </b><i><b>G06F 21/577</b></i> (2013.01)&#xa0;[<i><b>G06F 16/215</b></i> (2019.01)]</td>
            <td class="table_data" align="right"><b>18 Claims</b></td>
          </tr>
        </table>
        <center><img src="US11704414-20230718-D00000.gif" alt="OG exemplary drawing"></center>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="90%">
          </colgroup>
          <tr>
            <td class="table_data" align="center">&#xa0;</td>
          </tr>
          <tr>
            <td valign="top" class="para_text">
              <div class="claim_text_root">1. A method for managing vulnerability data, comprising:<div class="claim_text">ingesting, by a data ingestion engine, vulnerability data from a plurality of sources;</div>
                <div class="claim_text">normalizing, by a data normalizer module, the vulnerability data into a plurality of data records, each data record having a predefined format and a plurality of pre-defined fields;</div>
                <div class="claim_text">generating, by a data processing module, a dynamic risk score for each data record, wherein the dynamic risk score is based on one or more rules, and is further based on an asset sensitivity for an asset associated with a vulnerability associated with the data record, wherein the asset sensitivity is based on a confidentiality impact on the asset, an integrity impact on the asset, and an availability impact on the asset;</div>
                <div class="claim_text">storing, by a risk record register, a risk record for each data record, wherein the risk record comprises the dynamic risk score, a priority level, an identifier for a software application, and a software dependency;</div>
                <div class="claim_text">selecting, by a control policy selection engine, a control policy based on one of the dynamic risk scores;</div>
                <div class="claim_text">implementing, by the risk record register, the selected control policy;</div>
                <div class="claim_text">monitoring, by the risk record register, implementation of the control policy; and</div>
                <div class="claim_text">updating, by the risk record register, the control policy selection engine based on the monitoring.</div>
              </div>
            </td>
          </tr>
        </table>
      </div>
    
  </body>
</html>