User risk scoring based on role and event risk scores
US12323427B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Nov 22, 2022 |
| Grant date | Jun 3, 2025 |
| Priority date | — |
| Expiry date | Jun 8, 2043 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/20
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
Disclosed are techniques for monitoring internal security vulnerabilities in an enterprise based on determining composite risk scores for enterprise users. A method can include receiving information about an enterprise user, such as their role, identifying risks associated with the role, determining, based on the risks, a role-based risk score for the user, receiving, event alerts from a network security detection system, each event alert having been generated by the network security detection system identifying network activity on the enterprise's network that satisfies one or more security event rules indicative of a potential network security issue, determining that one or more of the event alerts are associated with the user in the enterprise to generate user-event pairings, determining, based on the user-event pairings, an event-based risk score for the user, and generating a composite risk score for the user based on aggregating the role-based risk score and the event-based risk score.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.