One of the core challenges in enterprise network security is prioritization: not every asset on a network is equally critical, and not every vulnerability is equally dangerous. An organization may have thousands of endpoints, hundreds of servers, and dozens of critical applications — all with vulnerabilities that need to be addressed. The question is which to fix first.
This patent addresses that challenge through a systematic approach to "operational dependence scoring" — measuring not just the intrinsic risk of a network asset, but its centrality to organizational operations. An asset that many other systems depend upon, or that is on the critical path of key business processes, should receive higher priority than an equivalent asset that is less operationally central, even if their individual vulnerability profiles are similar.
The patent describes a system that automatically maps the dependency relationships between network assets — understanding which systems call which other systems, which are load-balanced, which are redundant, and which represent single points of failure — and uses this map to compute scores that reflect operational risk rather than merely technical risk. The result is a prioritization system that aligns security investment with actual business impact.
This work reflects Stuart McClure's deep background in enterprise network security, developed through years of building vulnerability assessment methodologies at Foundstone and serving as Global CTO at McAfee. The patent takes that practical expertise and formalizes it into a systematic, automatable approach that can scale to the complexity of modern enterprise networks.