Enterprise security measures
First Claim
Patent Images
1. An electronic computing device comprising:
- a processing unit; and
system memory, the system memory including instructions that, when executed by the processing unit, cause the electronic computing device to;
receive a vulnerability;
generate a user score for each of a plurality of users within an enterprise,wherein the user score is generated based on a set of characteristics including;
behavioral data, user device data, and user status data;
generate a threat score for the vulnerability;
based on the user score and the threat score, generate a composite score for each of the plurality of users within the enterprise;
generate a user rank using the user score generated for each of the plurality of users within the enterprise;
acquire the security patch that addresses the vulnerability; and
based on the composite score, implement a security measure across the enterprise in a sequential order according to the user rank;
wherein implementing the security measure includes publishing the security patch to the plurality of users according to the user rank.
1 Assignment
0 Petitions
Accused Products
Abstract
A system for managing security within an enterprise includes a computing device that receives a vulnerability, generates a user score for each user within the enterprise and generates a threat score for the vulnerability. A user device score may also be generated for each device associated with a user. Based on the user score and the threat score, a composite score is generated. After acquiring a security measure, the security measure is implemented based on the composite score and, at times, the user score.
46 Citations
19 Claims
-
1. An electronic computing device comprising:
-
a processing unit; and system memory, the system memory including instructions that, when executed by the processing unit, cause the electronic computing device to; receive a vulnerability; generate a user score for each of a plurality of users within an enterprise, wherein the user score is generated based on a set of characteristics including;
behavioral data, user device data, and user status data;generate a threat score for the vulnerability; based on the user score and the threat score, generate a composite score for each of the plurality of users within the enterprise; generate a user rank using the user score generated for each of the plurality of users within the enterprise; acquire the security patch that addresses the vulnerability; and based on the composite score, implement a security measure across the enterprise in a sequential order according to the user rank; wherein implementing the security measure includes publishing the security patch to the plurality of users according to the user rank. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A computer-implemented method, comprising:
-
receiving a vulnerability; generating a user score for each of a plurality of users within an enterprise; generating a threat score for the vulnerability, wherein the threat score is generated based on a third party vulnerability score and an internal vulnerability score; based on the user score and the threat score, generating a composite score; generating a user rank using the user score generated for each of the plurality of users, the user rank being generated for each of the plurality of users within the enterprise; receiving a security measure; and based on the composite score and the user rank, implementing the security measure across the enterprise in a sequential order according to the user rank, wherein implementing the security measure includes publishing a security patch to the plurality of users according to the user rank. - View Dependent Claims (12, 13, 14, 15, 16)
-
-
17. A system for managing security within an enterprise, comprising:
a computer-readable, non-transitory data storage memory comprising instructions that, when executed by a processing unit of an electronic computing device, cause the processing unit to; receive a vulnerability; generate a user device score for each of a plurality of user devices within the enterprise based on user device data, wherein the user device data includes at least one of;
a type of a user device and a type of data processes used by the user device;generate a threat score for the vulnerability, wherein the threat score is generated based on a third party vulnerability score and an internal vulnerability score; based on the user device score and the threat score, generate a composite score; generate a user score for each of a plurality of users within the enterprise, wherein the user score is generated based on a set of characteristics including;
behavioral data and user status data;wherein the behavioral data include behavioral patterns and access patterns; and wherein the user status data includes at least one of;
a corporate rank of a user and a system access level for the user;generate a user rank using the user score for each of the plurality of users within the enterprise; acquire a security measure; and implement the security measure across the enterprise in a sequential order according to the composite score and the user rank, wherein implementing the security measure includes publishing a security patch to the plurality of users according to the user rank. - View Dependent Claims (18, 19)
Specification