AUTOMATED PRIORITIZATION OF CYBER RISK MITIGATION BY SIMULATING EXPLOITS

AUTOMATED PRIORITIZATION OF CYBER RISK MITIGATION BY SIMULATING EXPLOITS

Implementations include receiving graph data representative of a process-aware analytical attack graph (AAG) representing paths within an enterprise network with respect to observed facts of the enterprise network, the process-aware AAG at least partially defining a digital twin of the enterprise ne...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Genachowski, Asher, Engelberg, Gal, Klein, Dan, Hadar, Eitan
Format: Patent
Sprache:eng
Schlagworte:
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Implementations include receiving graph data representative of a process-aware analytical attack graph (AAG) representing paths within an enterprise network with respect to observed facts of the enterprise network, the process-aware AAG at least partially defining a digital twin of the enterprise network, receiving data indicating at least one non-observed fact of the enterprise network, generating, from the graph data and the received data, an augmented process-aware AAG representing paths within the enterprise network with respect to the observed facts and the at least one non-observed fact, determining, by a process-aware risk assessment module, a risk assessment based on the augmented process-aware AAG, and providing, by a mitigation simulator module, a mitigation list based on the process-aware AAG and the risk assessment, the mitigation list comprising a prioritized list of observed facts of the process-aware AAG.