Deutsche Telekom has filed a patent for a method of adaptive vulnerability management for computer systems. The method involves collecting vulnerability information, including cybersecurity vulnerabilities and exposures (CVEs), from a networked source. The collected information is then processed using natural language processing (NLP) to identify potential vulnerabilities in the computer system. A subset of the vulnerability information is stored in a database, and a search index is generated for accessing processed analytics of the vulnerability information. GlobalData’s report on Deutsche Telekom gives a 360-degree view of the company including its patenting strategy. Buy the report here.

According to GlobalData’s company profile on Deutsche Telekom, Payment actuated vending was a key innovation area identified from patents. Deutsche Telekom's grant share as of September 2023 was 66%. Grant share is based on the ratio of number of grants to total number of patents.

Method for adaptive vulnerability management of a computer system

Source: United States Patent and Trademark Office (USPTO). Credit: Deutsche Telekom AG

A recently filed patent (Publication Number: US20230319096A1) describes a method for adaptive vulnerability management of a computer system. The method involves collecting vulnerability information from a networked source, which includes a known vulnerability of a computer asset and a set of cybersecurity vulnerabilities and exposures (CVEs). System information of the computer system is also collected, including information about the computer asset. The vulnerability information and system information are then processed using natural language processing (NLP) to interpret some of the CVEs and identify potential vulnerabilities based on a correlation between the interpreted CVEs and the system information. A subset of the vulnerability information that does not match the system information is stored in a database, and a search index is generated based on text extracted from this subset to enable access to processed analytics of the vulnerability information.

The method also includes correlating the interpreted CVEs with the system information using a machine learning (ML) model trained based on the system information. This correlation involves calculating a Levenshtein distance between the known vulnerability and the computer asset, ranking the distance as a measure of relevance, and identifying potential vulnerabilities based on the rank. Additionally, a similarity analysis can be performed between the computer asset and a second computer asset associated with the vulnerability information to further correlate the CVEs with the system information.

The method further includes performing risk classification and prioritization of potential vulnerabilities using a multi-class boosted decision forests algorithm. Financial risk estimation of potential vulnerabilities can be done through risk valuation using a Monte Carlo simulation or other methods.

The vulnerability information can be collected from a publishing source, such as a public national vulnerability database (NVD) or a vendor of the computer asset. The method also allows for the identification of potential vulnerabilities for multiple computer assets based on the interpreted CVEs in a machine-readable format.

The patent also describes a vulnerability management system that includes a network interface for obtaining vulnerability information, processors for identifying vulnerabilities based on the information and inventory information of the computer assets, and a storage medium for storing a subset of the vulnerability information and generating a search index.

Overall, this patent presents a method and system for adaptive vulnerability management of computer systems, utilizing natural language processing, machine learning, and risk assessment techniques to identify and prioritize potential vulnerabilities based on collected vulnerability information and system information.

To know more about GlobalData’s detailed insights on Deutsche Telekom, buy the report here.

Data Insights

From

The gold standard of business intelligence.

Blending expert knowledge with cutting-edge technology, GlobalData’s unrivalled proprietary data will enable you to decode what’s happening in your market. You can make better informed decisions and gain a future-proof advantage over your competitors.

GlobalData

GlobalData, the leading provider of industry intelligence, provided the underlying data, research, and analysis used to produce this article.

GlobalData Patent Analytics tracks bibliographic data, legal events data, point in time patent ownerships, and backward and forward citations from global patenting offices. Textual analysis and official patent classifications are used to group patents into key thematic areas and link them to specific companies across the world’s largest industries.