Using a risk profile associated with a service, application, and/or other process to optimize deployment of security measures is disclosed in co-pending U.S. patent application Ser. No. 10/677,730 (the '730 Application), which is incorporated by reference above. The '730 Application describes, inter alia, calculating a risk profile for a host service based on such factors as which, if any, external ports the service communicates on and, if applicable, the risk profile of services, applications, and/or other processes with which the service interacts and through which the service to be protected may be vulnerable to indirect attack, e.g., by virtue of the fact that such other services, applications, and/or processes communicate via external ports.
However, certain services, applications, or processes may be exposed to indirect attack through asynchronous interaction with objects created, modified, accessed, or otherwise affected at a prior time by another service, application, or process that has a higher level of risk associated with it. For example, a first application may be configured to generate as output a file, data, or other object that is stored in memory (e.g., in the file system, a database, and/or otherwise) by the first application, and a second application may be configured to access the stored object from memory at a later time, such that no direct, live connection between the first and second applications ever exists. A system or process configured to monitor for live interactions and adjust the risk profile of one or the other of the applications (or services or other processes) accordingly would not observe such an asynchronous interaction, e.g., one occurring through a stored file, data, or other object. Therefore, there is a need for a way to factor in risks to which a service, application, or other process may be exposed through asynchronous interaction with objects stored by another service, application, or other process.
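By way of illustration only, the following added example (not part of the original disclosure or of the '730 Application) runs a constructed event trace through a risk model that propagates risk only over live interactions and through one that also records risk on stored objects, and reports the processes whose risk the live-only model understates. The process names, paths, event vocabulary, and numeric scores are assumptions chosen for the illustration.

```python
# Added illustration; event names and scores are assumptions, not from the page.
BASE_RISK = 1           # assumed score for a process with no external exposure
EXTERNAL_PORT_RISK = 5  # assumed score for a process communicating on an external port

# Constructed trace: (time, process, action, target)
EVENTS = [
    (1, "fetcher", "listen", "tcp/8080"),           # external port
    (2, "fetcher", "write", "/spool/report.dat"),   # stores an object
    (3, "fetcher", "exit", None),                   # writer is gone before any read
    (4, "indexer", "read", "/spool/report.dat"),    # asynchronous interaction
    (5, "indexer", "connect", "dbhelper"),          # live interaction
    (6, "dbhelper", "read", "/etc/app.conf"),       # object with no risky writer
]


def risk_profiles(events, track_objects):
    """Return {process: risk}. With track_objects=False only live interactions
    propagate risk; with True, stored objects carry their writer's risk forward."""
    proc_risk, obj_risk = {}, {}
    for _, proc, action, target in sorted(events, key=lambda e: e[0]):
        current = proc_risk.setdefault(proc, BASE_RISK)
        if action == "listen":
            proc_risk[proc] = max(current, EXTERNAL_PORT_RISK)
        elif action == "connect":
            # Live interaction: both peers take the higher of the two profiles.
            peer = proc_risk.setdefault(target, BASE_RISK)
            proc_risk[proc] = proc_risk[target] = max(current, peer)
        elif action == "write" and track_objects:
            # Stamp the object with the writer's risk at write time.
            obj_risk[target] = max(obj_risk.get(target, 0), current)
        elif action == "read" and track_objects:
            # Reader inherits the risk recorded on the object, if any.
            proc_risk[proc] = max(current, obj_risk.get(target, 0))
    return proc_risk


def missed_by_live_monitoring(events):
    """Processes whose risk is understated when stored objects are ignored."""
    live = risk_profiles(events, track_objects=False)
    full = risk_profiles(events, track_objects=True)
    return {p: (live[p], full[p]) for p in full if full[p] > live[p]}


if __name__ == "__main__":
    print(missed_by_live_monitoring(EVENTS))
```

In this trace the writer has exited before the object is read, so the live-only model leaves both the reader and its downstream peer at the base score.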