WORK PRIORITIZATION SYSTEM AND METHOD
First Claim
Patent Images
1. A method for prioritizing a work task within a plurality of work tasks, the method comprising:
- determining a task false positive rate for the work task;
determining an event materiality score based on the task false positive rate; and
prioritizing the work task within the plurality of work tasks based on the event materiality score.
1 Assignment
0 Petitions
Accused Products
Abstract
A work prioritization system and method that includes determining a task false positive rate for the work task. The work prioritization system and method may further include determining an event materiality score based on the task false positive rate and prioritizing the work task within the plurality of work tasks based on the event materiality score.
89 Citations
20 Claims
-
1. A method for prioritizing a work task within a plurality of work tasks, the method comprising:
-
determining a task false positive rate for the work task; determining an event materiality score based on the task false positive rate; and prioritizing the work task within the plurality of work tasks based on the event materiality score. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system for prioritizing a plurality of work tasks, the system comprising:
-
a computer readable medium storing instructions, the instructions including; determining a task false positive rate for each of the plurality of work tasks; determining a risk value for each of the plurality of work tasks; determining an event materiality score for each of the plurality of work tasks based on the task false positive rate and the risk value; and prioritizing the plurality of work tasks based on their event materiality scores; a processor for implementing the instructions; and an output device for providing a prioritized list of the plurality of work tasks. - View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
-
-
16. A method for prioritizing an investigation of an incident, the method comprising:
-
implementing a security policy; receiving an incident notification based on the incident associated with a violation of the security policy; determining a policy false positive rate for the security policy; determining a risk value for the incident notification; determining an event materiality score for the incident notification based on the policy false positive rate and the risk value; and prioritizing the investigation of the incident notification according to the event materiality score. - View Dependent Claims (17, 18, 19, 20)
-
Specification