Abstract: A method for simulation aided security event management, the method includes: generating attack simulation information that comprises multiple simulation data items of at least one data item type out of vulnerability instances data items, attack step data items and attack simulation scope data items; wherein the generating of attack simulation information is responsive to a network model, at least one attack starting point and attack action information; identifying security events in response to a correlation between simulation data items and event data; and prioritizing identified security events.
Type:
Grant
Filed:
September 8, 2008
Date of Patent:
March 26, 2013
Assignee:
Skybox Secutiry Inc.
Inventors:
Amnon Lotem, Gideon Cohen, Lior Ban Naon
Abstract: A method for evaluating potential attacks of worms, the method includes: associating, in response to information representative of a network and of worm entities, between worm entities and potential worm sources to provide associated worm sources; determining potential worm attacks that start from the associated worm sources; and evaluating at least one potential worm attack security metric associated with the potential worm attacks.
Type:
Grant
Filed:
July 30, 2007
Date of Patent:
January 22, 2013
Assignee:
Skybox Secutiry Inc.
Inventors:
Amnon Lotem, Gideon Cohen, Moshe Meiseles, Ilan Horn