Dynamic grouping of users in an enterprise and watch list generation based on user risk scoring
US12273350B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Nov 22, 2022 |
| Grant date | Apr 8, 2025 |
| Priority date | — |
| Expiry date | Jun 25, 2043 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/1433
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
Disclosed are techniques for identifying users within an enterprise who pose heightened security risks to the enterprise. A method can include receiving, by a computing system, information about users in the enterprise, grouping the users into groups based on at least one grouping feature and the user information, the at least one grouping feature including, for each of the users, behavior, activity, role, department, region, role-based risk score, event-based risk score, and/or composite risk score, identifying, for each group, normalized behavior of users in the group, generating, for each user in each group, a composite risk score based on deviation of the user's activity from the normalized behavior of the group, identifying, for each group, a subset of users in the group to be added to a watch list, and adding the subset of users to the watch list.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.