Patent attributes
A method for managing vulnerability data may include: (1) ingesting, by a data ingestion engine, vulnerability data from a plurality of sources; (2) normalizing, by a data normalizer module, the vulnerability data into a plurality of data records; (3) generating, by a data processing module, a dynamic risk score for each data record; (4) storing, by a risk record register, a risk record for each data record, wherein the risk record may include the dynamic risk score, a priority level, an identifier for a software application, and a software dependency; (5) selecting, by a control policy selection engine, a control policy based on one of the dynamic risk scores; (6) implementing, by the risk record register, the selected control policy; (7) monitoring, by the risk record register, implementation of the control policy; and (8) updating, by the risk record register, the control policy selection engine based on the monitoring.
