Patent · US Active

System, method, and computer program product for detecting and assessing security risks in a network

US10474828B2 · kind B2 · utility

13Cited by

18References

25Claims

0Family size

Assignee

Exabeam, Inc. · US

Inventors

Sylvain Gil · San Francisco, US
Domingo Mihovilovic · Menlo Park, US
Nir Polak · Palo Alto, US
Magnus Stensmo · San Jose, US
Sing Yip · San Francisco, US

Key dates

Filing date	Oct 3, 2018
Grant date	Nov 12, 2019
Priority date	—
Expiry date	Oct 3, 2038

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/1433
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

The present disclosure is directed to a system, method, and computer program for detecting and assessing security risks in an enterprise's computer network. A behavior model is built for a user in the network based on the user's interactions with the network, wherein a behavior model for a user indicates client device(s), server(s), and resources used by the user. The user's behavior during a period of time is compared to the user's behavior model. A risk assessment is calculated for the period of time based at least in part on the comparison between the user's behavior and the user's behavior model, wherein any one of certain anomalies between the user's behavior and the user's behavior model increase the risk assessment.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.