SYSTEM AND METHOD FOR PERFORMING VULNERABILITY ASSESSMENT OF A COMPUTER NETWORK

摘要

The invention provides a system and method for performing vulnerability assessment of a distributed computing network. The system and method may involve extracting vulnerability data from scan results generated by each computer accessible via the network, and then using the extracted vulnerability data to determine if each vulnerability is previously detected. If a vulnerability is previously detected, historical data relating to such vulnerability are retrieved from a database (209), in which the historical data are used to identify whether the vulnerability is detected in a repeated scanning task. The vulnerability data is also analysed if the vulnerability detected in the repeated scanning task still remains unresolved. A penalty will be assigned to the vulnerability that remains unresolved in the repeated scanning task. On the contrary, a time for resolving the vulnerability is computed if it is not previously detected or if it is not detected in the repeated scanning task.