METHOD AND SYSTEM FOR INTEGRATED CYBERSECURITY OPERATIONS

Organization Name

SAUDI ARABIAN OIL COMPANY

Inventor(s)

Soloman M. Almadi of Dhahran (SA)

METHOD AND SYSTEM FOR INTEGRATED CYBERSECURITY OPERATIONS

This abstract first appeared for US patent application 20240430285 titled 'METHOD AND SYSTEM FOR INTEGRATED CYBERSECURITY OPERATIONS

Original Abstract Submitted

systems and methods include a computer-implemented cybersecurity data analytics system. an asset inventory is determined that identifies systems in a network. a baseline activity of the systems is determined using the asset inventory. the determining includes monitoring the systems during a time in which cybersecurity is secure. a real-time model of endpoints is generated using the baseline activity. the real-time model of endpoints includes endpoints communicating between systems in the network and reflects the baseline activity of, and communication among, the endpoints during the time in which cybersecurity is secure. the systems are monitored, including detecting, using the real-time model of endpoints, cybersecurity-related anomalies in the network that deviate from the baseline activity. actionable alerts are generated by the cybersecurity data analytics system by using at least the detected cybersecurity-related anomalies. the actionable alerts are displayed in a user interface and notify of potential and actual process disruptions.