International business machines corporation (20240114046). PRIORITIZATION OF ATTACK TECHNIQUES AGAINST AN ORGANIZATION simplified abstract
Contents
- 1 PRIORITIZATION OF ATTACK TECHNIQUES AGAINST AN ORGANIZATION
- 1.1 Organization Name
- 1.2 Inventor(s)
- 1.3 PRIORITIZATION OF ATTACK TECHNIQUES AGAINST AN ORGANIZATION - A simplified explanation of the abstract
- 1.4 Simplified Explanation
- 1.5 Potential Applications
- 1.6 Problems Solved
- 1.7 Benefits
- 1.8 Potential Commercial Applications
- 1.9 Possible Prior Art
- 1.10 Unanswered Questions
- 1.11 Original Abstract Submitted
PRIORITIZATION OF ATTACK TECHNIQUES AGAINST AN ORGANIZATION
Organization Name
international business machines corporation
Inventor(s)
Constantin Mircea Adam of Norwalk CT (US)
Muhammed Fatih Bulut of Auburndale MA (US)
Steven Ocepek of Cuyahoga Falls OH (US)
PRIORITIZATION OF ATTACK TECHNIQUES AGAINST AN ORGANIZATION - A simplified explanation of the abstract
This abstract first appeared for US patent application 20240114046 titled 'PRIORITIZATION OF ATTACK TECHNIQUES AGAINST AN ORGANIZATION
Simplified Explanation
The patent application relates to a system for prioritizing cyber security events based on risk factors.
- The system includes an attack prioritization engine that ranks security events according to risk.
- A mapping component links vulnerabilities to attack techniques.
- A calculation component aggregates scores for attack techniques.
- An attack surface component ranks attack techniques based on aggregated scores.
- The mapping component also maps security events to attack techniques.
Potential Applications
This technology can be applied in various industries such as finance, healthcare, and government to prioritize cyber security events and allocate resources effectively.
Problems Solved
This technology helps organizations identify and address high-risk cyber security events promptly, reducing the likelihood of successful cyber attacks and minimizing potential damage.
Benefits
The system enhances overall cyber security posture by prioritizing security events based on risk factors, allowing organizations to focus on addressing the most critical threats first.
Potential Commercial Applications
Potential commercial applications of this technology include offering cyber security services to businesses, developing security software solutions, and providing consulting services to improve cyber security strategies.
Possible Prior Art
One possible prior art could be the use of machine learning algorithms to prioritize cyber security events based on risk factors. Another could be the mapping of vulnerabilities to attack techniques to enhance threat detection and response capabilities.
Unanswered Questions
How does the system handle real-time security events and adapt to new threats?
The patent abstract does not provide details on the system's ability to handle real-time security events and adapt to emerging cyber threats.
What types of cyber security events are prioritized by the system?
The abstract does not specify the specific types of cyber security events that the system prioritizes based on risk factors.
Original Abstract Submitted
one or more systems, devices, computer program products and/or computer-implemented methods provided herein relate to prioritization of attack techniques and cyber security events. according to an embodiment, an attack prioritization engine can receive security events, train an artificial intelligence model to rank respective cyber security events as a function of risk, and output a prioritization of security events to address. a mapping component can map asset vulnerabilities to attack techniques. a calculation component can calculate and aggregate scores for respective attack techniques. an attack surface component can extract features from the aggregation of scores to rank attack techniques and determine an attack surface. the mapping component can further map security events to the attack techniques.
