Automated prioritization of cyber risk mitigation by simulating exploits

Assignee

• ACCENTURE GLOBAL SOLUTIONS LIMITED · IE

Inventors

• Gal Engelberg · Pardes Hana-Karkur, IL
• Dan Klein · Neve Yaraq, IL
• Eitan Hadar · Nesher, IL
• Asher Genachowski · Shoham, IL

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06T17/20
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

Implementations include receiving graph data representative of a process-aware analytical attack graph (AAG) representing paths within an enterprise network with respect to observed facts of the enterprise network, the process-aware AAG at least partially defining a digital twin of the enterprise network, receiving data indicating at least one non-observed fact of the enterprise network, generating, from the graph data and the received data, an augmented process-aware AAG representing paths within the enterprise network with respect to the observed facts and the at least one non-observed fact, determining, by a process-aware risk assessment module, a risk assessment based on the augmented process-aware AAG, and providing, by a mitigation simulator module, a mitigation list based on the process-aware AAG and the risk assessment, the mitigation list comprising a prioritized list of observed facts of the process-aware AAG.