Adaptive Remediation of Multivariate Risk

US 20190036971A1
Filed: 07/25/2018
Published: 01/31/2019
Est. Priority Date: 07/26/2017
Status: Active Grant

First Claim

Patent Images

1. A computer-implementable method for adaptively remediating multivariate risk, comprising:

detecting a violation of a multivariate security policy, the multivariate security policy comprising a plurality of variables;

identifying a variable from the plurality of variables associated with a cause of the violation;

associating an entity with the variable associated with the cause of the violation; and

,adaptively remediating a risk associated with the entity.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method, system and computer-usable medium for adaptively remediating multivariate risk, comprising: detecting a violation of a multivariate security policy, the multivariate security policy comprising a plurality of variables; identifying a variable from the plurality of variables associated with a cause of the violation; associating an entity with the variable associated with the cause of the violation; and, adaptively remediating a risk associated with the entity.

20 Citations

20 Claims

1. A computer-implementable method for adaptively remediating multivariate risk, comprising:
- detecting a violation of a multivariate security policy, the multivariate security policy comprising a plurality of variables;
  
  identifying a variable from the plurality of variables associated with a cause of the violation;
  
  associating an entity with the variable associated with the cause of the violation; and
  
  ,adaptively remediating a risk associated with the entity.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, further comprising:
    - configuring the multivariate security policy by setting parameters of the plurality of variables.
  - 3. The method of claim 1, wherein:
    - the multivariate security policy comprises a rule and an action associated with a particular user; and
      
      ,each of the plurality of variables is associated with the rule and the action of the multivariate security policy for the particular user.
  - 4. The method of claim 3, wherein:
    - at least some of the plurality of variables comprise risk-adaptive user behavior factors.
  - 5. The method of claim 1, wherein:
    - detecting the violation of a multivariate security policy comprises analyzing a plurality of combinations of variables and events.
  - 6. The method of claim 5, wherein:
    - analyzing the plurality of combinations of variables and events comprise at least one ofanalyzing two sets of variables associated with a single entity;
      
      analyzing two sets of variables associated with two entities; and
      
      ,analyzing one set of variables associated with two entities.

7. A system comprising:
- a processor;
  
  a data bus coupled to the processor; and
  
  a non-transitory, computer-readable storage medium embodying computer program code, the non-transitory, computer-readable storage medium being coupled to the data bus, the computer program code interacting with a plurality of computer operations and comprising instructions executable by the processor and configured for;
  
  detecting a violation of a multivariate security policy, the multivariate security policy comprising a plurality of variables;
  
  identifying a variable from the plurality of variables associated with a cause of the violation;
  
  associating an entity with the variable associated with the cause of the violation; and
  
  ,adaptively remediating a risk associated with the entity.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The system of claim 7, wherein the instructions executable by the processor are further configured for:
    - configuring the multivariate security policy by setting parameters of the plurality of variables.
  - 9. The system of claim 7, wherein:
    - the multivariate security policy comprises a rule and an action associated with a particular user; and
      
      ,each of the plurality of variables is associated with the rule and the action of the multivariate security policy for the particular user.
  - 10. The system of claim 9, wherein:
    - at least some of the plurality of variables comprise risk-adaptive user behavior factors.
  - 11. The system of claim 7, wherein:
    - detecting the violation of a multivariate security policy comprises analyzing a plurality of combinations of variables and events.
  - 12. The system of claim 11, wherein:
    - analyzing the plurality of combinations of variables and events comprise at least one ofanalyzing two sets of variables associated with a single entity;
      
      analyzing two sets of variables associated with two entities; and
      
      ,analyzing one set of variables associated with two entities.

13. A non-transitory, computer-readable storage medium embodying computer program code, the computer program code comprising computer executable instructions configured for:
- detecting a violation of a multivariate security policy, the multivariate security policy comprising a plurality of variables;
  
  identifying a variable from the plurality of variables associated with a cause of the violation;
  
  associating an entity with the variable associated with the cause of the violation; and
  
  ,adaptively remediating a risk associated with the entity.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
- - 14. The non-transitory, computer-readable storage medium of claim 13, wherein the computer executable instructions are further configured for:
    - configuring the multivariate security policy by setting parameters of the plurality of variables.
  - 15. The non-transitory, computer-readable storage medium of claim 13, wherein:
    - the multivariate security policy comprises a rule and an action associated with a particular user; and
      
      ,each of the plurality of variables is associated with the rule and the action of the multivariate security policy for the particular user.
  - 16. The non-transitory, computer-readable storage medium of claim 15, wherein:
    - at least some of the plurality of variables comprise risk-adaptive user behavior factors.
  - 17. The non-transitory, computer-readable storage medium of claim 13, wherein:
    - detecting the violation of a multivariate security policy comprises analyzing a plurality of combinations of variables and events.
  - 18. The non-transitory, computer-readable storage medium of claim 17, wherein:
    - analyzing the plurality of combinations of variables and events comprise at least one ofanalyzing two sets of variables associated with a single entity;
      
      analyzing two sets of variables associated with two entities; and
      
      ,analyzing one set of variables associated with two entities.
  - 19. The non-transitory, computer-readable storage medium of claim 13, wherein:
    - the computer executable instructions are deployable to a client system from a server system at a remote location.
  - 20. The non-transitory, computer-readable storage medium of claim 13, wherein:
    - the computer executable instructions are provided by a service provider to a user on an on-demand basis.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Forcepoint LLC
Original Assignee
Forcepoint LLC
Inventors
Ford, Richard A., Irvine, Ann, Reeve, Adam

Granted Patent

US 10,642,996 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 11/3072   where the reporting involve...

G06F 11/3438   monitoring of user actions ...

G06F 21/552   involving long-term monitor...

G06F 21/577   Assessing vulnerabilities a...

G06F 21/602   Providing cryptographic fac...

G06F 21/6245   Protecting personal data, e...

G06F 21/6254   by anonymising data, e.g. d...

G06F 21/84   output devices, e.g. displa...

G06F 2201/86   Event-based monitoring

G06F 2221/031   Protect user input by softw...

G06F 2221/032   Protect output to user by s...

G06F 2221/034   Test or assess a computer o...

H04L 2209/16   Obfuscation or hiding, e.g....

H04L 63/1408   by monitoring network traff...

H04L 63/1425   Traffic logging, e.g. anoma...

H04L 63/1433   Vulnerability analysis

H04L 63/1441   Countermeasures against mal...

H04L 63/20   for managing network securi...

H04L 67/025   for remote control or remot...

H04L 67/141   Setup of application sessio...

H04L 67/146 : Markers for unambiguous ide...

H04L 67/289 : Intermediate processing fun...

H04L 67/306 : User profiles

H04L 67/535 : Tracking the activity of th...

View All

Adaptive Remediation of Multivariate Risk

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

20 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Adaptive Remediation of Multivariate Risk

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

20 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links