WORK PRIORITIZATION SYSTEM AND METHOD

US 20080168453A1
Filed: 01/08/2008
Published: 07/10/2008
Est. Priority Date: 01/09/2007
Status: Abandoned Application

First Claim

Patent Images

1. A method for prioritizing a work task within a plurality of work tasks, the method comprising:

determining a task false positive rate for the work task;

determining an event materiality score based on the task false positive rate; and

prioritizing the work task within the plurality of work tasks based on the event materiality score.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A work prioritization system and method that includes determining a task false positive rate for the work task. The work prioritization system and method may further include determining an event materiality score based on the task false positive rate and prioritizing the work task within the plurality of work tasks based on the event materiality score.

89 Citations

View as Search Results

20 Claims

1. A method for prioritizing a work task within a plurality of work tasks, the method comprising:
- determining a task false positive rate for the work task;
  
  determining an event materiality score based on the task false positive rate; and
  
  prioritizing the work task within the plurality of work tasks based on the event materiality score.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, further comprising the step of determining a risk value for the work task, wherein the event materiality score is determined from the risk value.
  - 3. The method of claim 2, wherein the risk value is based on a total number of violations associated with the work task.
  - 4. The method of claim 1, wherein the work task includes an investigation of an incident notification triggered by a violation of a software policy.
  - 5. The method of claim 4, wherein a policy false positive rate is associated with the software policy, wherein determining the task false positive rate is based on the policy false positive rate associated with the software policy.
  - 6. The method of claim 4, wherein determining the event materiality score is also based on a total number of software policies triggered and associated with the work task.
  - 7. The method of claim 1, further comprising providing a prioritized list of the plurality of work tasks.

8. A system for prioritizing a plurality of work tasks, the system comprising:
- a computer readable medium storing instructions, the instructions including;
  
  determining a task false positive rate for each of the plurality of work tasks;
  
  determining a risk value for each of the plurality of work tasks;
  
  determining an event materiality score for each of the plurality of work tasks based on the task false positive rate and the risk value; and
  
  prioritizing the plurality of work tasks based on their event materiality scores;
  
  a processor for implementing the instructions; and
  
  an output device for providing a prioritized list of the plurality of work tasks.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
- - 9. The system of claim 8, wherein the instructions further include associating a policy false positive rate with each software policy, wherein determining the task false positive rate is based on the policy false positive rate associated with a violated software policy.
  - 10. The system of claim 9, wherein for each work task, the task false positive rate is a lowest policy false positive rate associated with one or more violated software policies.
  - 11. The system of claim 8, wherein each of the plurality of work tasks is triggered by a violation of a software policy.
  - 12. The system of claim 11, wherein the risk value is based on a total number of violations associated with the software policy.
  - 13. The system of claim 8, wherein the instructions further include providing the prioritized list of the plurality of work tasks to the output device.
  - 14. The system of claim 8, wherein the event materiality score is determined by the risk value multiplied by a sum of one (1) minus the task false positive rate.
  - 15. The system of claim 8, wherein determining the event materiality score is based on a total number of software policies triggered and associated with each work task.

16. A method for prioritizing an investigation of an incident, the method comprising:
- implementing a security policy;
  
  receiving an incident notification based on the incident associated with a violation of the security policy;
  
  determining a policy false positive rate for the security policy;
  
  determining a risk value for the incident notification;
  
  determining an event materiality score for the incident notification based on the policy false positive rate and the risk value; and
  
  prioritizing the investigation of the incident notification according to the event materiality score.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The method of claim 16, wherein the risk value is based on a total number of violations of the security policy.
  - 18. The method of claim 16, wherein the risk value is one of a plurality of values, wherein each of the plurality of values is associated with one of a plurality of categories.
  - 19. The method of claim 16, further comprising investigating the incident, determining whether the incident is a false positive, and updating the policy false positive rate based on the determination whether the incident is a false positive.
  - 20. The method of claim 16, further comprising providing a priority number for the investigation of the incident to an output device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Caterpillar Incorporated
Original Assignee
Caterpillar Incorporated
Inventors
Ludlow, Gram M., Hutson, James O., Wagner, Todd M.

Application Number

US11/970,577
Publication Number

US 20080168453A1
Time in Patent Office

Days
Field of Search
US Class Current

718/103
CPC Class Codes

G06F 21/552 involving long-term monitor...

WORK PRIORITIZATION SYSTEM AND METHOD

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

89 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

WORK PRIORITIZATION SYSTEM AND METHOD

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

89 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links