AUTOMATED PRIORITIZATION OF PROCESS-AWARE CYBER RISK MITIGATION

AUTOMATED PRIORITIZATION OF PROCESS-AWARE CYBER RISK MITIGATION

Implementations are directed to receiving graph data representative of a process-aware AAG (410) that is representative of potential lateral movement of adversaries within a computer network, receiving risk profile data (412) representative of a risk profile of an enterprise with respect to two or m...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: ENGELBERG, Gal, RAM, Tomer, KLEIN, Dan
Format: Patent
Sprache:eng ; fre ; ger
Schlagworte:
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Implementations are directed to receiving graph data representative of a process-aware AAG (410) that is representative of potential lateral movement of adversaries within a computer network, receiving risk profile data (412) representative of a risk profile of an enterprise with respect to two or more risk aspects, generating, by a process-aware risk assessment module (402), a risk assessment based on the process-aware AAG and the risk profile, and generating, by a mitigation simulator module (404), a mitigation list (416) based on the process-aware AAG, the risk profile, and the risk assessment, the mitigation list comprising a prioritized list of two or more facts of the process-aware AAG. Other implementations of this aspect include corresponding systems, apparatus, and computer programs, configured to perform the actions of the methods, encoded on computer storage devices.