This specification relates to prioritizing asset remediations in a system of assets. An asset is a computer or other electronic device. A system of assets can be connected over one or more networks. For example, a home might have five assets, each of which are networked to each other and connected to the outside world through the Internet. As another example, a business might have three physically separate offices, each of which has many assets. The assets within each office and the assets across the offices can be connected over a network.
Each asset in a system of assets can be at risk from multiple threats at any given time. Each threat corresponds to a potential attack on the asset by a particular virus, malware, or other unauthorized entity. An attack occurs when the unauthorized entity exploits a known vulnerability of the asset in an attempt to access or control the asset. Some threats have known remediations that, if put in place for an asset, eliminate or reduce the risk that the threat will affect the asset. Some threats do not have known remediations.
System administrators must determine what remediations to apply to assets, and the order in which to apply the remediations. However, it can be difficult, especially in large asset systems, for a system administrator to easily prioritize application of remediations.