Abstract: A method for analyzing a network element may include assigning values to each of a plurality of vulnerabilities. The method may also include identifying a vulnerability associated with the network element and generating a risk indicator for the network element based on the assigned value associated with the identified vulnerability.

Abstract: A method for analyzing a network element may include assigning values to each of a plurality of vulnerabilities. The method may also include identifying a vulnerability associated with the network element and generating a risk indicator for the network element based on the assigned value associated with the identified vulnerability.

Abstract: Methods and apparatus for validating network alarms, such as alarms from an Intrusion Detection System (IDS). The methods and apparatus validate network threats or alarms by receiving a detected network alarm indicating potentially harmful network activity where the alarm including an alarm destination and an alarm type and obtaining port information of a host targeted by the alarm based on the alarm destination and alarm type. Additionally, a determination is made whether the port at the host is vulnerable to the network alarm based on the obtained port information and the alarm type, and a priority value is assigned to the alarm based at least on the determination of whether the port is vulnerable to the particular network alarm in order to assess validity of the network threat that has triggered the alarm.