Abstract: Conjoint vulnerability identifiers are determined for a vulnerability, and priorities are determined for the conjoint vulnerability identifiers. A highest priority conjoint vulnerability identifier is selected. An entry in a vulnerability cross reference table is created that associates the highest priority conjoint vulnerability identifier with a lower priority conjoint vulnerability identifier.

Abstract: Analyzing vulnerability vector information includes collecting information for a test performed by a vulnerability assessment tool to detect a vulnerability. Attributes of the test are determined from the collected information and are used to determine if there any matches with information in a security vulnerabilities information source.

Abstract: In one implementation, a service interface analysis system identifies a parameter at a portion of a service request for a network service and within a service response provided by the network service in response to the service request. The service interface analysis system then defines a request template including a placeholder at a portion of the request template associated with the portion of the service request.

Abstract: An automated system for automatic update of a Common Vulnerability Scoring System (CVSS) score, the system including vulnerability information analyzing functionality to analyze preexisting vulnerability information, the preexisting vulnerability information relating to at least one of at least one vulnerability and at least one attack vector thereof, the at least one vulnerability having a preexisting CVSS score, the preexisting CVSS score being based at least partially on the preexisting vulnerability information, vulnerability information extraction functionality, responsive to the analyzing preexisting vulnerability information, to extract new vulnerability information, the new vulnerability information relating to the at least one of the at least one vulnerability and the at least one attack vector thereof, and CVSS score updating functionality to employ the new vulnerability information to update the preexisting CVSS score.

Abstract: An automated enterprise compliance auditing by vulnerabilities system including an enterprise asset database, a compliance regulation including compliance controls, a known asset vulnerabilities database including details of publicly known asset vulnerabilities, compliance control associating functionality to associate each of a set of audited assets with at least a subset of compliance controls of the compliance regulation, the audited assets being a subset of the enterprise assets, vulnerability mapping functionality to map each compliance control to a subset of the known asset vulnerabilities which may impact compliance of at least one of the audited assets therewith, asset scanning functionality to scan each audited asset to ascertain to which publicly known asset vulnerabilities the audited asset is vulnerable to, and numeric compliance score calculating functionality to, responsive to the associating, mapping and scanning, calculate for each audited asset, a numeric compliance score for each compliance

Abstract: An automated system for automatic update of a Common Vulnerability Scoring System (CVSS) score, the system including vulnerability information analyzing functionality to analyze preexisting vulnerability information, the preexisting vulnerability information relating to at least one of at least one vulnerability and at least one attack vector thereof, the at least one vulnerability having a preexisting CVSS score, the preexisting CVSS score being based at least partially on the preexisting vulnerability information, vulnerability information extraction functionality, responsive to the analyzing preexisting vulnerability information, to extract new vulnerability information, the new vulnerability information relating to the at least one of the at least one vulnerability and the at least one attack vector thereof, and CVSS score updating functionality to employ the new vulnerability information to update the preexisting CVSS score.

Abstract: An automated enterprise compliance auditing by vulnerabilities system including an enterprise asset database, a compliance regulation including compliance controls, a known asset vulnerabilities database including details of publicly known asset vulnerabilities, compliance control associating functionality to associate each of a set of audited assets with at least a subset of compliance controls of the compliance regulation, the audited assets being a subset of the enterprise assets, vulnerability mapping functionality to map each compliance control to a subset of the known asset vulnerabilities which may impact compliance of at least one of the audited assets therewith, asset scanning functionality to scan each audited asset to ascertain to which publicly known asset vulnerabilities the audited asset is vulnerable to, and numeric compliance score calculating functionality to, responsive to the associating, mapping and scanning, calculate for each audited asset, a numeric compliance score for each compliance