End user risk management
First Claim
Patent Images
1. A method for calculating a risk score representing a risk posed by a user to information within a computer system, the method comprising:
- determining, by a security agent executing on a computer within a computer system, a data risk associated with computer system information accessible by a user of the computer system;
determining, by the security agent, an application risk associated with applications executing within the computer system;
calculating, by the security agent, a risk score associated with the user using at least the data risk and the application risk;
analyzing, by the security agent, interactions between the user and the computer system to determine a risk metric for the user interactions;
re-calculating, by the security agent, the risk score using the data risk, the application risk and the determined risk metric; and
displaying the risk score to the user.
9 Assignments
0 Petitions
Accused Products
Abstract
A flexible, efficient and easy-to-use computer security management system effectively evaluates and responds to informational risks on a wide variety of computing platforms and in a rapidly changing network environment. An individual computer system dynamically monitors its end user, without regard to network connectivity, in order to calculate a risk score and to ensure that the end user'"'"'s behavior does not put corporate information or other assets at risk. Data regarding such risks and responses are analyzed and stored in real-time.
-
Citations
16 Claims
-
1. A method for calculating a risk score representing a risk posed by a user to information within a computer system, the method comprising:
-
determining, by a security agent executing on a computer within a computer system, a data risk associated with computer system information accessible by a user of the computer system; determining, by the security agent, an application risk associated with applications executing within the computer system; calculating, by the security agent, a risk score associated with the user using at least the data risk and the application risk; analyzing, by the security agent, interactions between the user and the computer system to determine a risk metric for the user interactions; re-calculating, by the security agent, the risk score using the data risk, the application risk and the determined risk metric; and displaying the risk score to the user. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A system for calculating a risk score representing a risk posed by a user to information in a computer system, the system comprising:
-
a computer system comprising at least one computer and having information accessible by a user of the computer system; and a security agent executing on a computer within the computer system to; determine a data risk associated with the computer system information, determine an application associated with applications executing within the computer system, calculate a risk score associated with the user, using at least the data risk and the application risk, analyze interactions between the user and the computer system to determine a risk metric for the user interactions, re-calculate the risk score using the data risk, the application risk, and the determined risk metric, and display the risk score to the user. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
Specification