Systems and methods for personalizing security incident reports
First Claim
1. A computer-implemented method for personalizing security incident reports, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
- generating, within a training dataset, a feature vector for each of a group of security incidents, the feature vector including features that describe the security incidents and the features including response codes that a set of clients assigned to the security incidents as labels;
training a supervised machine learning function on the training dataset using the response codes that the set of clients assigned to the security incidents such that the supervised machine learning function learns how to predict an assignment of future response codes to future security incidents;
applying the trained supervised machine learning function to a feature vector that describes a new security incident, as one of the future security incidents, on the set of clients to predict that the set of clients will ignore the new security incident; and
personalizing a list of security incidents that is electronically reported to the set of clients by deprioritizing the new security incident based on applying the trained supervised machine learning function to the feature vector that describes the new security incident.
6 Assignments
0 Petitions
Accused Products
Abstract
The disclosed computer-implemented method for personalizing security incident reports may include (i) generating, within a training dataset, a feature vector for each of a group of security incidents, the feature vector including features that describe the security incidents and the features including response codes that a set of clients previously assigned to the security incidents as labels, (ii) training a supervised machine learning function on the training dataset using the response codes that the set of clients previously assigned to the security incidents, (iii) applying the supervised machine learning function to a feature vector that describes a new security incident on the set of clients to predict that the set of clients will ignore the new security incident, and (iv) personalizing a list of security incidents that is electronically reported to the set of clients by deprioritizing the new security incident. Other methods, systems, and computer-readable media are also disclosed.
-
Citations
20 Claims
-
1. A computer-implemented method for personalizing security incident reports, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
-
generating, within a training dataset, a feature vector for each of a group of security incidents, the feature vector including features that describe the security incidents and the features including response codes that a set of clients assigned to the security incidents as labels; training a supervised machine learning function on the training dataset using the response codes that the set of clients assigned to the security incidents such that the supervised machine learning function learns how to predict an assignment of future response codes to future security incidents; applying the trained supervised machine learning function to a feature vector that describes a new security incident, as one of the future security incidents, on the set of clients to predict that the set of clients will ignore the new security incident; and personalizing a list of security incidents that is electronically reported to the set of clients by deprioritizing the new security incident based on applying the trained supervised machine learning function to the feature vector that describes the new security incident. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A system for personalizing security incident reports, the system comprising:
-
a generation module, stored in memory, that generates, within a training dataset, a feature vector for each of a group of security incidents, the feature vector including features that describe the security incidents and the features including response codes that a set of clients assigned to the security incidents as labels; a training module, stored in memory, that trains a supervised machine learning function on the training dataset using the response codes that the set of clients assigned to the security incidents such that the supervised machine learning function learns how to predict an assignment of future response codes to future security incidents; an application module, stored in memory, that applies the trained supervised machine learning function to a feature vector that describes a new security incident, as one of the future security incidents, on the set of clients to predict that the set of clients will ignore the new security incident; a personalizing module, stored in memory, that personalizes a list of security incidents that is electronically reported to the set of clients by deprioritizing the new security incident based on applying the trained supervised machine learning function to the new security incident; and at least one physical processor configured to execute the generation module, the training module, the application module, and the personalizing module. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A non-transitory computer-readable medium comprising one or more computer-readable instructions that, when executed by at least one processor of a computing device, cause the computing device to:
-
generate, within a training dataset, a feature vector for each of a group of security incidents, the feature vector including features that describe the security incidents and the features including response codes that a set of clients assigned to the security incidents as labels; train a supervised machine learning function on the training dataset using the response codes that the set of clients assigned to the security incidents such that the supervised machine learning function learns how to predict an assignment of future response codes to future security incidents; apply the trained supervised machine learning function to a feature vector that describes a new security incident, as one of the future security incidents, on the set of clients to predict that the set of clients will ignore the new security incident; and personalize a list of security incidents that is electronically reported to the set of clients by deprioritizing the new security incident based on applying the trained supervised machine learning function to the feature vector that describes the new security incident.
-
Specification