Abstract: Disclosed embodiments include receiving network data associated with a first system of a network. The network data may comprise first data, second data, third data, fourth data, fifth data, and sixth data. The method may quantify, the first data, the second data, the third data, the fourth data, the fifth data, and the sixth data. The method may further determine, a risk parameter based on the quantifying. The method may generate, a vulnerability risk profile for a vulnerability based on the risk parameter. The vulnerability profile may indicate a security weakness of the first system or the second system. The method may determine, based on the security weakness of the first system or the second system, a remediation protocol for minimizing the security weakness of the first system of the network or the second system of the network.

Abstract: Disclosed are methods and systems for assessing system risks associated with one or more assets coupled to a network and mitigating against said system risks. According to one implementation, a method for assessing a system risk comprises receiving network data associated with a first asset communicatively coupled to a network, quantifying the network data, and generating a risk parameter using the quantified network data and vulnerability data associated with the network. The method further comprises determining, based on the risk parameter that a security risk of a first asset of the network is higher than the security risk of a second asset of the network. Upon this determining, the method initiates remediation operations that first secure the first asset on the network against a security breach to the network.

Abstract: Embodiments disclosed herein are directed to intelligent malware detection. A scanner server is used to scan an endpoint device for malware. Various attributes and behaviors of the endpoint device are identified in retrieved scan data. Identified attributes and behaviors are then evaluated according to a malware detection framework, which is used to determine whether (as well as to what extent) the identified attributes and behaviors are indicative of malware. In this manner, potential security risks associated with the malware may be identified. The framework is constructed through a machine learning process that aggregates attributes and behaviors common amongst members of malware families. Advantageously, the framework enables the scanner server to detect unknown variants of known malware families.