×

Synthetic cyber-risk model for vulnerability determination

  • US 10,044,746 B2
  • Filed: 01/06/2017
  • Issued: 08/07/2018
  • Est. Priority Date: 11/11/2014
  • Status: Active Grant
First Claim
Patent Images

1. A method comprising:

  • receiving information associated with a cyberthreat from an external source, wherein the cyberthreat is associated with one or more objectives;

    using the information, mapping one or more characteristics of the cyberthreat into one or more instructions, wherein the one or more instructions when executed in a target network perform multiple steps to simulate an existence of the cyberthreat within the target network without implementing the one or more objectives of the cyberthreat in the target network;

    determining one or more agents to execute the one or more instructions;

    initiating execution of the one or more instructions by the one or more agents to simulate the existence of the cyberthreat within the target network;

    receiving feedback including a progression of the multiple steps identifying how the target network responds to the simulated existence of the cyberthreat within the target network;

    using the feedback, determining whether one of the multiple steps to simulate the cyberthreat has failed in the target network; and

    responsive to determining that one of the multiple steps has failed, replacing at least one instruction for the failed step with at least one additional instruction to be executed by the one or more agents or one or more additional agents in the target network.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×