20240028714. SYSTEMS AND METHODS FOR INTELLIGENT CYBER SECURITY THREAT DETECTION AND INTELLIGENT VERIFICATION-INFORMED HANDLING OF CYBER SECURITY EVENTS THROUGH AUTOMATED VERIFICATION WORKFLOWS simplified abstract (Expel, Inc.)


SYSTEMS AND METHODS FOR INTELLIGENT CYBER SECURITY THREAT DETECTION AND INTELLIGENT VERIFICATION-INFORMED HANDLING OF CYBER SECURITY EVENTS THROUGH AUTOMATED VERIFICATION WORKFLOWS

Organization Name

Expel, Inc.

Inventor(s)

Peter Silberman of Rockville MD (US)

Jonathan Hencinski of Herndon VA (US)

Dan Whalen of Herndon VA (US)

Roger Studner of Herndon VA (US)

SYSTEMS AND METHODS FOR INTELLIGENT CYBER SECURITY THREAT DETECTION AND INTELLIGENT VERIFICATION-INFORMED HANDLING OF CYBER SECURITY EVENTS THROUGH AUTOMATED VERIFICATION WORKFLOWS - A simplified explanation of the abstract

This abstract first appeared for US patent application 20240028714 titled 'SYSTEMS AND METHODS FOR INTELLIGENT CYBER SECURITY THREAT DETECTION AND INTELLIGENT VERIFICATION-INFORMED HANDLING OF CYBER SECURITY EVENTS THROUGH AUTOMATED VERIFICATION WORKFLOWS'.

Simplified Explanation

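The abstract describes a system and method for automated verification of a cybersecurity event. It involves identifying a subscriber's cybersecurity event, automatically constructing a response-enabled verification communication when one or more features of the event satisfy the verification-initiating criteria of an automated workflow, and transmitting that communication to the subscriber associated with the event. The verification communication includes event-descriptive content, a selectable object that increases the event's threat severity level, and a selectable object that de-escalates the threat severity level and causes the event to be disposed of. The cybersecurity event is then automatically routed to either a threat escalation route or a threat de-escalation route based on the subscriber's input.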

  • The system automates the verification process of a cybersecurity event.
  • It constructs a response-enabled verification communication based on the features of the event.
  • The communication includes event-descriptive content, allowing the subscriber to understand the event.
  • It includes selectable objects to increase or decrease the threat severity level of the event.
  • The subscriber can select the objects to escalate or de-escalate the severity accordingly.
  • The cybersecurity event is then routed based on the subscriber's input, either escalating or de-escalating the threat.

Potential applications of this technology:

  • Enhancing cybersecurity incident response by automating the verification process.
  • Streamlining communication between subscribers and cybersecurity teams.
  • Enabling subscribers to actively participate in threat severity management.

Problems solved by this technology:

  • Manual verification of cybersecurity events can be time-consuming and prone to errors.
  • Communication between subscribers and cybersecurity teams may be inefficient or delayed.
  • Managing threat severity levels manually can be challenging and may lead to misjudgments.

Benefits of this technology:

  • Faster and more accurate verification of cybersecurity events.
  • Improved communication and collaboration between subscribers and cybersecurity teams.
  • Enhanced threat severity management, allowing for timely and appropriate responses.


Original Abstract Submitted

A system and method for automated verification of a cybersecurity event includes identifying a cybersecurity event of a subscriber; automatically constructing a response-enabled verification communication based on one or more features of the cybersecurity event satisfying verification-initiating criteria of an automated verification-initiation workflow, and transmitting the response-enabled verification communication to the subscriber associated with the cybersecurity event, wherein the response-enabled verification communication includes: one or more pieces of event-descriptive content; a first selectable interface object that, when selected by the subscriber, automatically increases a threat severity level of the cybersecurity event; and a second selectable interface object that, when selected by the subscriber, automatically de-escalates the threat severity level of the cybersecurity event causing a disposal of the cybersecurity event; and automatically routing the cybersecurity event to one of a cybersecurity threat escalation route and a cybersecurity threat de-escalation route based on subscriber input.