Abstract: Embodiments of the present invention are directed to a method and system for automated risk analysis. The method includes accessing host configuration information of a host and querying a vulnerability database based on the host configuration information. The method further includes receiving a list of vulnerabilities and accessing a plurality of vulnerability scores. The list of vulnerabilities corresponds to vulnerabilities of the host. Vulnerabilities can be removed from the list based on checking for installed fixes corresponding to vulnerability. A composite risk score can then be determined for the host and each software product of the host based on the plurality of vulnerability scores. An aggregate risk score can then be determined for the host and each software product of the host based on the plurality of vulnerability scores.

Abstract: A system and method for determining the model information of a device. A mapping database that maps a plurality of network device identifiers of a set of devices to model information of the devices may be automatically created. A request to determine model information of an unknown based on a network device identifier of the unknown device may then be received. The database may be analyzed to determine the model information of the unknown device. For example, the model information of the unknown device may be determined by extrapolating it based on the network device identifier of the device and the database information.

Abstract: A computer-implemented method for mapping network topologies may include (1) identifying a network including a plurality of network switches and a plurality of host systems, (2) identifying a host system within the plurality of host systems connected to the network via a network switch within the plurality of network switches, (3) refreshing an address of the host system within the network switch, (4) allowing the address of the host system to expire from each network switch within the plurality of network switches except the network switch, (5) transmitting a probing frame from a probing host system within the plurality of host systems to the address of the host system, (6) identifying a subset of host systems within the plurality of host systems that received the probing frame, and then (7) mapping a topology of the network based on the identified subset. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: Embodiments of the present invention are directed to a method and system for automated risk analysis. The method includes accessing host configuration information of a host and querying a vulnerability database based on the host configuration information. The method further includes receiving a list of vulnerabilities and accessing a plurality of vulnerability scores. The list of vulnerabilities corresponds to vulnerabilities of the host. Vulnerabilities can be removed from the list based on checking for installed fixes corresponding to vulnerability. A composite risk score can then be determined for the host and each software product of the host based on the plurality of vulnerability scores. An aggregate risk score can then be determined for the host and each software product of the host based on the plurality of vulnerability scores.