Abstract: Disclosed are methods, systems and non-transitory computer readable memory for container image or host deduplication in vulnerability management systems. For instance, a method may include: obtaining source data from at least one source, wherein the source data includes a plurality of assets and/or findings; extracting data bits for each asset or finding from the source data; determining a first asset or finding concerns a first container image or first host based on the data bits for the first asset or finding; in response to determining the first asset or finding concerns the first container image or first host, obtaining a container image dataset or a search structure; determining whether the data bits match any of the plurality of sets of values of the container image dataset or the search structure; and, based on a match result, generating or updating records for the first container image or the first host.

Abstract: Disclosed are methods, systems and non-transitory computer readable memory for container image or host deduplication in vulnerability management systems. For instance, a method may include: obtaining source data from at least one source, wherein the source data includes a plurality of assets and/or findings; extracting data bits for each asset or finding from the source data; determining a first asset or finding concerns a first container image or first host based on the data bits for the first asset or finding; in response to determining the first asset or finding concerns the first container image or first host, obtaining a container image dataset or a search structure; determining whether the data bits match any of the plurality of sets of values of the container image dataset or the search structure; and, based on a match result, generating or updating records for the first container image or the first host.

Abstract: Disclosed are methods, systems and non-transitory computer readable memory for container image or host deduplication in vulnerability management systems. For instance, a method may include: obtaining source data from at least one source, wherein the source data includes a plurality of assets and/or findings; extracting data bits for each asset or finding from the source data; determining a first asset or finding concerns a first container image or first host based on the data bits for the first asset or finding; in response to determining the first asset or finding concerns the first container image or first host, obtaining a container image dataset or a search structure; determining whether the data bits match any of the plurality of sets of values of the container image dataset or the search structure; and, based on a match result, generating or updating records for the first container image or the first host.

Abstract: Disclosed are methods, systems and non-transitory computer readable memory for vulnerability detection and management. For instance, a method may include obtain asset information for an organization, wherein the asset information indicates a plurality of assets; obtain a set of grouping rules, wherein the set of grouping rules defines a plurality of groups based on asset attributes; obtain asset data from at least one source, wherein the asset data indicates particular attributes for at least a subset of assets of the plurality of assets; determine at least one specific group for each of the subset of assets; generate a data structure associating each asset of the subset of assets to a first group, thereby grouping the subset of assets into the first group; and perform at least one vulnerability management action using a command that applies to all of the assets, and only the assets, of the first group.

Abstract: Disclosed are methods, systems and non-transitory computer readable memory for vulnerability detection and management. For instance, a method may include obtain asset information for an organization, wherein the asset information indicates a plurality of assets; obtain a set of grouping rules, wherein the set of grouping rules defines a plurality of groups based on asset attributes; obtain asset data from at least one source, wherein the asset data indicates particular attributes for at least a subset of assets of the plurality of assets; determine at least one specific group for each of the subset of assets; generate a data structure associating each asset of the subset of assets to a first group, thereby grouping the subset of assets into the first group; and perform at least one vulnerability management action using a command that applies to all of the assets, and only the assets, of the first group.