SECURITY RISK MANAGEMENT

US 20160330231A1
Filed: 07/22/2016
Published: 11/10/2016
Est. Priority Date: 09/09/2013
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving traces of activities of an online user who is associated with an entity; and

inferring by analysis of the traces a security state of the entity.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Among other things, traces are received of activities of an online user who is associated with an entity. By analysis of the traces a security state of the entity is inferred. Also, a map is generated between (a) technical assets that contribute to security characteristics of respective entities and (b) the identities of the entities that are associated with the respective technical assets. At least part of the generating of the map is done automatically. A user can be engaged to assist in the generating of the map by presenting to the user through a user interface (a) data about the technical assets of entities and (b) an interactive tool for associating the technical assets with the identities of the entities.

18 Citations

View as Search Results

20 Claims

1. A method comprising:
- receiving traces of activities of an online user who is associated with an entity; and
  
  inferring by analysis of the traces a security state of the entity.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 2. The method of claim 1 in which the traces indicate successful attacks on computer systems of the entity.
  - 3. The method of claim 1 comprising distinguishing between traces that represent a less satisfactory security state of the entity and traces that represent a more satisfactory security state of the entity.
  - 4. The method of claim 1 in which the analysis comprises a comparison of traces that originated in different contexts of the user'"'"'s online activities.
  - 5. The method of claim 4 in which the different contexts comprise different times.
  - 6. The method of claim 5 in which the traces that originated at one of the times reflect a user deletion relative to the traces that originated at an earlier time.
  - 7. The method of claim 6 in which the traces that originated at one of the times reflect a user deletion of malicious data or code relative to the traces at the earlier time.
  - 8. The method of claim 4 in which the different contexts comprise a context the security of which is controlled by the entity and a context the security of which is at least partly uncontrolled by the entity.
  - 9. The method of claim 8 in which the controlled context comprises a computer system or device made accessible by the entity to the user, and the partly uncontrolled context comprises a computer system or device owned by the user.
  - 10. The method of claim 4 in which the traces comprise tracking of an identity of the online user between two of the different contexts.
  - 11. The method of claim 10 in which the tracking comprises cookies associated with advertising directed to the online user.
  - 12. The method of claim 1 in which the traces comprise indications of security checks made with respect to communications associated with the user.
  - 13. The method of claim 12 in which the security checks comprise indications of whether email messages conform to DomainKeys Identified Mail standards or email domains conform to Sender Policy Framework.
  - 14. The method of claim 1 in which the traces of activities comprise logs of online activities of employees of the entity.
  - 15. The method of claim 1 in which the traces of activities comprise information associated with a user device that represents online activities.
  - 16. The method of claim 15 in which the information associated with the user device comprises information about one or more cookies stored in a memory of the user device.
  - 17. The method of claim 1 in which the traces of activities comprise information about social media activities.
  - 18. The method of claim 1 in which the traces of activities comprise information about email communications.
  - 19. The method of claim 1 in which the traces of activities comprise information about content presented to the online user.
  - 20. The method of claim 1 in which the traces of activities comprise information about receipt by the online user of malicious mail and the compromise of a domain identified as an origin of the malicious mail.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
BitSight Technologies, Inc.
Original Assignee
BitSight Technologies, Inc.
Inventors
Gladstone, Philip John Steuart, Kirby, Alan Joseph, Truelove, John Matthew, Feinzeig, David, Venna, Nagarjuna, Boyer, Stephen

Granted Patent

US 10,326,786 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 3/0484   for the control of specific...

G06Q 30/0277   Online advertisement

G06Q 50/01   Social networking

H04L 61/4511   using domain name system [DNS]

H04L 63/1416   Event detection, e.g. attac...

H04L 63/1425   Traffic logging, e.g. anoma...

H04L 63/1433   Vulnerability analysis

H04L 63/1441   Countermeasures against mal...

SECURITY RISK MANAGEMENT

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

18 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SECURITY RISK MANAGEMENT

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

18 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links