Abstract: Network entities of a network system are managed in an end-of-life context. A network system is scanned to determine network entities such as hardware devices and/or software applications. A network entity can be identified as vulnerable based on end-of-life data. A risk score for the vulnerable network entity is computed based on the end-of-life data and optionally other factors, and a potentially mitigating action is determined based on the risk score.

Abstract: Network entities of a network system are managed in an end-of-life context. A network system is scanned to determine network entities such as hardware devices and/or software applications. A network entity can be identified as vulnerable based on end-of-life data. A risk score for the vulnerable network entity is computed based on the end-of-life data and optionally other factors, and a potentially mitigating action is determined based on the risk score.

Abstract: A system for managing security within an enterprise includes a computing device that receives a vulnerability, generates a user score for each user within the enterprise and generates a threat score for the vulnerability. A user device score may also be generated for each device associated with a user. Based on the user score and the threat score, a composite score is generated. After acquiring a security measure, the security measure is implemented based on the composite score and, at times, the user score.

Abstract: The innovation disclosed and claimed herein, in one aspect thereof, comprises a management system and method of handling unpatched users. When a user requests to access their user account or a network, the user is checked for type of browser the user is being used and which version of the browser is being used. If the user is using an unsecured or unpatched browser, the system offers to update the browser software or provide a virtual machine through the browser so that malware cannot transfer from the user computer to the network. The virtual machine can provide a virtual keyboard to protect the user's login credentials from a key logger. The user logs into the user account within the virtual machine.

Abstract: The innovation disclosed and claimed herein, in one aspect thereof, comprises systems and methods of managing network entities. The innovation scans a network system to determine network entities, e.g. hardware devices and/or software applications. The innovation receives version information about hardware and software. The innovation compares version information to end-of-life information regarding the network entities. The innovation determines potential mitigating actions based on the comparison and creates an end-of-schedule for managing vendor contracts with regards to end-of-life network entities.

Abstract: One or more processors receive, from one or more social-network sources, social-network data that identifies at least one potentially malicious source accessing a plurality of social-network profiles for a group of users. The one or more processors receive, from one or more e-mail servers, e-mail data associated with a plurality of e-mail messages received by the group of users. The one or more processors determine, based on the social-network data and the e-mail data, that an e-mail message of the plurality of e-mail messages is from the at least one potentially malicious source. The one or more processors output information identifying the e-mail message as being from the potentially malicious source.

Abstract: A system for managing security within an enterprise includes a computing device that receives a vulnerability, generates a user score for each user within the enterprise and generates a threat score for the vulnerability. A user device score may also be generated for each device associated with a user. Based on the user score and the threat score, a composite score is generated. After acquiring a security measure, the security measure is implemented based on the composite score and, at times, the user score.

Abstract: The innovation disclosed and claimed herein, in one aspect thereof, comprises a management system and method of handling unpatched users. When a user requests to access their user account or a network, the user is checked for type of browser the user is being used and which version of the browser is being used. If the user is using an unsecured or unpatched browser, the system offers to update the browser software or provide a virtual machine through the browser so that malware cannot transfer from the user computer to the network. The virtual machine can provide a virtual keyboard to protect the user's login credentials from a key logger. The user logs into the user account within the virtual machine.

Abstract: A system for managing security within an enterprise includes a computing device that receives a vulnerability, generates a user score for each user within the enterprise and generates a threat score for the vulnerability. A user device score may also be generated for each device associated with a user. Based on the user score and the threat score, a composite score is generated. After acquiring a security measure, the security measure is implemented based on the composite score and, at times, the user score.

Abstract: One or more processors receive, from one or more social-network sources, social-network data that identifies at least one potentially malicious source accessing a plurality of social-network profiles for a group of users. The one or more processors receive, from one or more e-mail servers, e-mail data associated with a plurality of e-mail messages received by the group of users. The one or more processors determine, based on the social-network data and the e-mail data, that an e-mail message of the plurality of e-mail messages is from the at least one potentially malicious source. The one or more processors output information identifying the e-mail message as being from the potentially malicious source.