SYNTHETIC CYBER-RISK MODEL FOR VULNERABILITY DETERMINATION
Abstract
A system, method, and device are presented for assessing a target network's vulnerability to a real cyberthreat based on determining policy-based synthetic tests configured to model the behavior of the cyberthreat. Real-time feedback from the target network (e.g., servers, desktops, and network/monitoring hardware and/or software equipment) is received, analyzed, and used to determine whether any modifications to the same or a new synthesized test is preferred. The technology includes self-healing processes that, using the feedback mechanisms, can attempt to find patches for known vulnerabilities, test for unknown vulnerabilities, and configure the target network's resources in accordance with predefined service-level agreements.
50 Claims
1-26. (canceled)

27. A method comprising:
receiving information associated with a cyberthreat from an external source;
using the information, identifying one or more instructions that when executed in a target network simulate an existence of the cyberthreat within the target network without executing and without implementing the cyberthreat in the target network;
determining one or more agents to execute the one or more instructions;
initiating execution of the one or more instructions by the one or more agents to simulate the existence of the cyberthreat within the target network; and
receiving feedback identifying how the target network responds to the simulated existence of the cyberthreat within the target network.

35. A non-transitory computer readable storage medium containing computer-executable instructions that, when executed by at least one processor, cause the at least one processor to:
receive information associated with a cyberthreat from an external source;
using the information, identify one or more instructions that when executed in a target network simulate an existence of the cyberthreat within the target network without executing and without implementing the cyberthreat in the target network;
determine one or more agents to execute the one or more instructions;
initiate execution of the one or more instructions by the one or more agents to simulate the existence of the cyberthreat within the target network; and
receive feedback identifying how the target network responds to the simulated existence of the cyberthreat within the target network.

43. An apparatus comprising:
at least one processor; and
at least one memory storing computer-executable instructions that when executed cause the at least one processor to:
receive information associated with a cyberthreat from an external source;
using the information, identify one or more instructions that when executed in a target network simulate an existence of the cyberthreat within the target network without executing and without implementing the cyberthreat in the target network;
determine one or more agents to execute the one or more instructions;
initiate execution of the one or more instructions by the one or more agents to simulate the existence of the cyberthreat within the target network; and
receive feedback identifying how the target network responds to the simulated existence of the cyberthreat within the target network.

Specification