Automated quantified assessment, recommendations and mitigation actions for enterprise level security operations
US12107869B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Jan 20, 2021 |
| Grant date | Oct 1, 2024 |
| Priority date | — |
| Expiry date | May 9, 2041 |
Classification
- Technology area (CPC H): Electricity
- CPC primary: H04L63/20
- WIPO field: Digital communication
- WIPO sector: Electrical engineering
Abstract
A dynamic threat landscape to which computer resources of a specific enterprise are subject is tracked. Data feeds maintained by a security system of the enterprise are assessed. The effectiveness of data feed utilization by the security system is quantified, relative to the threat landscape. Threat detection rules deployed by the security system are assessed, and the effectiveness thereof by the security system is quantified. Processing capability of alerts generated by threat detection rules and threat response capability may also be assessed and quantified. The effectiveness of the security system as a whole is automatically quantified, based on the tracked threat landscape, the quantifications of the effectiveness of data feed utilization, threat detection rule utilization, processing capability of alerts generated by threat detection rules and/or threat response capability. Recommendations concerning more effectively protecting the enterprise against specific threats are output. Actions are automatically taken to mitigate specific threats.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.