US 9,811,667 B2
System and method for grouping computer vulnerabilities
James M. Hugard, IV, Mission Viejo, CA (US); Alexander Lawrence Leroux, Cypress, CA (US); Charles Mallabarapu, Laguna Niguel, CA (US); Jorge Armando Muniz, Costa Mesa, CA (US); Braden C. Russell, Ladera Ranch, CA (US); and Zengjue Wu, Aliso Viejo, CA (US)
Assigned to McAfee, Inc., Santa Clara, CA (US)
Filed by James M. Hugard, IV, Mission Viejo, CA (US); Alexander Lawrence Leroux, Cypress, CA (US); Charles Mallabarapu, Laguna Niguel, CA (US); Jorge Armando Muniz, Costa Mesa, CA (US); Braden C. Russell, Ladera Ranch, CA (US); and Zengjue Wu, Aliso Viejo, CA (US)
Filed on Sep. 21, 2011, as Appl. No. 13/239,271.
Prior Publication US 2013/0247206 A1, Sep. 19, 2013
This patent is subject to a terminal disclaimer.
Int. Cl. G06F 21/57 (2013.01); H04L 29/06 (2006.01); G06F 11/30 (2006.01)
CPC G06F 21/577 (2013.01) [G06F 21/57 (2013.01); H04L 63/1433 (2013.01); G06F 11/3051 (2013.01); H04L 63/20 (2013.01)] 19 Claims
OG exemplary drawing
 
1. A method comprising:
providing a query including at least one condition defining at least one vulnerability, the query to be displayed by a graphical user interface (GUI) of a computer that includes a processor;
creating a vulnerability set based on the query;
adding the vulnerability set to a program;
running the query upon execution of the program to dynamically select one or more vulnerability checks to apply to one or more assets in a network, wherein the at least one condition in the query indicates a level of severity of vulnerabilities, and wherein a vulnerability check is selected for the program based, at least in part, on one or more vulnerabilities associated with the vulnerability check meeting the level of severity indicated by the at least one condition;
updating the program by updating the query to add at least one other condition defining at least one other vulnerability and running the updated query upon a subsequent execution of the program;
producing scan results based on the subsequent execution of the program; and
generating an asset report that includes data based on the scan results indicating a vulnerability of at least one asset of the one or more assets.