System for monitoring and addressing events based on triplet metric analysis
First Claim
1. A system for monitoring and addressing events based on triplet metric analysis, the system comprising:
- one or more memory devices; and
one or more processing devices operatively coupled to the one or more memory devices, wherein the one or more processing devices are configured to execute computer-readable program code to;
transmit control signals to cause a vendor database system to continuously monitor a vendor database for a new data input and, in response to identifying the new data input, automatically transmit the new data input to the system, wherein the new data input comprises at least a threat actor, a threat means, and a targeted asset;
receive the new data input from the vendor database system, wherein the new data input comprises unformatted text of prose-form messages;
apply an optical character recognition process to the unformatted text of prose-form messages to extract and identify the threat actor, the threat means, and the targeted asset;
identify a threat actor value based on a comparison of the threat actor to an actor value database, wherein the threat actor value comprises a scalar representation of capabilities of the threat actor;
identify a threat means value based on a comparison of the threat means to a means value database, wherein the threat means value comprises a scalar representation of effectiveness of the threat means;
identify a targeted asset value based on a comparison of the targeted asset to an asset value database, wherein the targeted asset value comprises a scalar representation of exposure potential of the targeted asset;
calculate a threat-based exposure value with a threat-based exposure model that is based at least on the identified threat actor value, the identified threat means value, and the identified targeted asset value, wherein the threat-based exposure model comprises;
R=|avb|sin(θ
)sin(φ
)wherein;
R is the threat-based exposure value calculated with the threat-based exposure model;
a is the identified threat actor value;
v is the identified threat means value;
b is the identified targeted asset value;
θ
is a degree of relation between the threat actor and the threat means; and
φ
is a degree of relation between the targeted asset and a combination of the identified threat actor and the identified threat means;
calculate a total threat-based exposure value as a sum of R and a plurality of different threat-based exposure values associated with different combinations of threat actors, threat means, and targeted assets;
in response to calculating the threat-based exposure value, transmit control signals configured to cause a computing device system associated with a user to display a three-dimensional representation of the threat-based exposure model;
receive, from the user interface of the computing device system associated with the user, instructions to print the threat-based exposure model; and
in response to receiving instructions to print the threat-based exposure model, transmit control signals configured to cause a three-dimensional printer system to print the threat-based exposure model.
1 Assignment
0 Petitions
Accused Products
Abstract
Embodiments of the present invention provide a system for monitoring and addressing events based on triplet metric analysis. In some embodiments, the system transmits control signals to cause a vendor database system to continuously monitor a vendor database for a new data input and, in response to identifying the new data input, automatically transmits the new data input back to the system. From the new data input, the system may identify actors, actor values, means, means values, assets, and asset values associated with certain events. The system may then determine a model based on the new data input and transmit control signals configured to cause a computing device system associated with a user to display a three-dimensional representation of the model.
13 Citations
12 Claims
-
1. A system for monitoring and addressing events based on triplet metric analysis, the system comprising:
-
one or more memory devices; and one or more processing devices operatively coupled to the one or more memory devices, wherein the one or more processing devices are configured to execute computer-readable program code to; transmit control signals to cause a vendor database system to continuously monitor a vendor database for a new data input and, in response to identifying the new data input, automatically transmit the new data input to the system, wherein the new data input comprises at least a threat actor, a threat means, and a targeted asset; receive the new data input from the vendor database system, wherein the new data input comprises unformatted text of prose-form messages; apply an optical character recognition process to the unformatted text of prose-form messages to extract and identify the threat actor, the threat means, and the targeted asset; identify a threat actor value based on a comparison of the threat actor to an actor value database, wherein the threat actor value comprises a scalar representation of capabilities of the threat actor; identify a threat means value based on a comparison of the threat means to a means value database, wherein the threat means value comprises a scalar representation of effectiveness of the threat means; identify a targeted asset value based on a comparison of the targeted asset to an asset value database, wherein the targeted asset value comprises a scalar representation of exposure potential of the targeted asset; calculate a threat-based exposure value with a threat-based exposure model that is based at least on the identified threat actor value, the identified threat means value, and the identified targeted asset value, wherein the threat-based exposure model comprises;
R=|avb|sin(θ
)sin(φ
)wherein; R is the threat-based exposure value calculated with the threat-based exposure model; a is the identified threat actor value; v is the identified threat means value; b is the identified targeted asset value; θ
is a degree of relation between the threat actor and the threat means; andφ
is a degree of relation between the targeted asset and a combination of the identified threat actor and the identified threat means;calculate a total threat-based exposure value as a sum of R and a plurality of different threat-based exposure values associated with different combinations of threat actors, threat means, and targeted assets; in response to calculating the threat-based exposure value, transmit control signals configured to cause a computing device system associated with a user to display a three-dimensional representation of the threat-based exposure model; receive, from the user interface of the computing device system associated with the user, instructions to print the threat-based exposure model; and in response to receiving instructions to print the threat-based exposure model, transmit control signals configured to cause a three-dimensional printer system to print the threat-based exposure model. - View Dependent Claims (2, 3, 4)
-
-
5. A computer program product for monitoring and addressing events based on triplet metricanalysis, the computer program product comprising at least one non-transitory computer readable medium comprising computer readable instructions, the instructions comprising instructions for:
-
transmitting control signals to cause a vendor database system to continuously monitor a vendor database for a new data input and, in response to identifying the new data input, automatically transmit the new data input to the system, wherein the new data input comprises at least a threat actor, a threat means, and a targeted asset; receiving the new data input from the vendor database system, wherein the new data input comprises unformatted text of prose-form messages; applying an optical character recognition process to the unformatted text of prose-form messages to extract and identify the threat actor, the threat means, and the targeted asset; identifying a threat actor value based on a comparison of the threat actor to an actor value database, wherein the threat actor value comprises a scalar representation of capabilities of the threat actor; identifying a threat means value based on a comparison of the threat means to a means value database, wherein the threat means value comprises a scalar representation of effectiveness of the threat means; identifying a targeted asset value based on a comparison of the targeted asset to an asset value database, wherein the targeted asset value comprises a scalar representation of exposure potential of the targeted asset; calculating a threat-based exposure value with a threat-based exposure model that is based at least on the identified threat actor value, the identified threat means value, and the identified targeted asset value, wherein the threat-based exposure model comprises;
R=|avb|sin(θ
)sin(φ
)wherein; R is the threat-based exposure value calculated with the threat-based exposure model; a is the identified threat actor value; v is the identified threat means value; b is the identified targeted asset value; θ
is a degree of relation between the threat actor and the threat means; andφ
is a degree of relation between the targeted asset and a combination of the identified threat actor and the identified threat means;calculating a total threat-based exposure value as a sum of R and a plurality of different threat-based exposure values associated with different combinations of threat actors, threat means, and targeted assets; in response to calculating the threat-based exposure value, transmitting control signals configured to cause a computing device system associated with a user to display a three-dimensional representation of the threat-based exposure model; receiving, from the user interface of the computing device system associated with the user, instructions to print the threat-based exposure model; and in response to receiving instructions to print the threat-based exposure model, transmitting control signals configured to cause a three-dimensional printer system to print the threat-based exposure model. - View Dependent Claims (6, 7, 8)
-
-
9. A computer implemented method for monitoring and addressing events based on triplet metric analysis, said computer implemented method comprising:
-
transmitting control signals to cause a vendor database system to continuously monitor a vendor database for a new data input and, in response to identifying the new data input, automatically transmit the new data input to the system, wherein the new data input comprises at least a threat actor, a threat means, and a targeted asset; receiving the new data input from the vendor database system, wherein the new data input comprises unformatted text of prose-form messages; applying an optical character recognition process to the unformatted text of prose-form messages to extract and identify the threat actor, the threat means, and the targeted asset; identifying a threat actor value based on a comparison of the threat actor to an actor value database, wherein the threat actor value comprises a scalar representation of capabilities of the threat actor; identifying a threat means value based on a comparison of the threat means to a means value database, wherein the threat means value comprises a scalar representation of effectiveness of the threat means; identifying a targeted asset value based on a comparison of the targeted asset to an asset value database, wherein the targeted asset value comprises a scalar representation of exposure potential of the targeted asset; calculating a threat-based exposure value with a threat-based exposure model that is based at least on the identified threat actor value, the identified threat means value, and the identified targeted asset value, wherein the threat-based exposure model comprises;
R=|avb|sin(θ
)sin(φ
)wherein; R is the threat-based exposure value calculated with the threat-based exposure model; a is the identified threat actor value; v is the identified threat means value; b is the identified targeted asset value; θ
is a degree of relation between the threat actor and the threat means; andφ
is a degree of relation between the targeted asset and a combination of the identified threat actor and the identified threat means;calculating a total threat-based exposure value as a sum of R and a plurality of different threat-based exposure values associated with different combinations of threat actors, threat means, and targeted assets in response to calculating the threat-based exposure value, transmitting control signals configured to cause a computing device system associated with a user to display a three-dimensional representation of the threat-based exposure model; receiving, from the user interface of the computing device system associated with the user, instructions to print the threat-based exposure model; and in response to receiving instructions to print the threat-based exposure model, transmitting control signals configured to cause a three-dimensional printer system to print the threat-based exposure model. - View Dependent Claims (10, 11, 12)
-
Specification