
System, method, and software for cyber threat analysis

  • US 9,241,008 B2
  • Filed: 12/02/2013
  • Issued: 01/19/2016
  • Est. Priority Date: 09/04/2009
  • Status: Active Grant
First Claim

1. A system comprising:

  • a first memory unit and a second memory unit;

    one or more processing units operable to:

    generate a network model of a network infrastructure that is used by an organization, wherein the network infrastructure includes a plurality of segments including a first segment and a second segment, the first segment including first network elements with a first level of security and the second segment including second network elements with a second level of security different from the first level of security;

    determine a vulnerability of a first network element of the first network elements of the network infrastructure;

    simulate, using the network model, an attack vector on the determined vulnerability of the first network element of the network infrastructure to determine a resulting ramification on a second network element of the second network elements due to the attack vector; and

    determine, using the resulting ramification, a criticality level of the attack vector associated with the second network element;

    displaying the criticality level of the attack vector on a user interface of the system in order to alert a user as to the effect of the determined vulnerability; and

    wherein the first memory unit is configured as a first federated memory with the first segment of the network infrastructure stored thereon, the second memory unit is configured as second federated memory with the second segment of the network infrastructure stored thereon, and the simulation is configured to simulate a cascading effect of the attack vector on the second network element due to the attack vector attacking the vulnerability of the first network element using the first and second federated memories which are autonomous memories independently managed by respective administrators of the first and second segments to independently control sensitive information generated and gathered throughout collection, storage, and analysis of vulnerabilities on the network model.
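The flow the claim recites (per-segment stores, a simulated cascade from a vulnerable element in one segment to an element in another, and a criticality level for display) can be sketched as follows. This is an added illustration, not code from the patent or its assignee; the class and function names, the dependency-graph model, the breadth-first propagation and the scoring rule are all assumptions, and the element names are constructed sample data.

```python
from collections import deque

class SegmentStore:
    """One federated store: a single segment, queried only through these methods."""
    def __init__(self, name, security_level, impact, depends_on_me, vulnerable):
        self.name, self.security_level = name, security_level
        self._impact = impact              # element -> business impact, 1 (low) .. 5 (high)
        self._dependents = depends_on_me   # element -> elements that rely on it
        self._vulnerable = vulnerable      # sensitive findings stay inside the store

    def owns(self, e): return e in self._impact
    def is_vulnerable(self, e): return e in self._vulnerable
    def dependents(self, e): return self._dependents.get(e, [])
    def impact(self, e): return self._impact[e]

def owner(stores, element):
    return next(s for s in stores if s.owns(element))

def simulate(stores, entry):
    """Breadth-first cascade from a vulnerable entry element; returns {element: hops}."""
    if not owner(stores, entry).is_vulnerable(entry):
        return {}
    hops, queue = {entry: 0}, deque([entry])
    while queue:
        cur = queue.popleft()
        for nxt in owner(stores, cur).dependents(cur):
            if nxt not in hops:            # visited check also stops dependency cycles
                hops[nxt] = hops[cur] + 1
                queue.append(nxt)
    return hops

def criticality(stores, hops, target):
    """Assumed scoring: impact weight, reduced by one per hop beyond the first."""
    if target not in hops:
        return "none"
    score = owner(stores, target).impact(target) - max(hops[target] - 1, 0)
    return "high" if score >= 4 else "medium" if score >= 2 else "low"

def report(stores, entry):
    """Rows for display: (element, segment, criticality) for every affected element."""
    hops = simulate(stores, entry)
    return [(e, owner(stores, e).name, criticality(stores, hops, e)) for e in hops if e != entry]

# Constructed sample: an office segment and a more tightly secured production segment.
office = SegmentStore("office", 1, {"mail-gw": 2, "jump-host": 3},
                      {"mail-gw": ["jump-host"], "jump-host": ["db-primary"]}, {"mail-gw"})
prod = SegmentStore("production", 3, {"db-primary": 5, "billing-api": 4, "report-job": 1},
                    {"db-primary": ["billing-api", "report-job"], "billing-api": ["db-primary"]}, set())
STORES = [office, prod]
```

Each store answers only narrow queries about its own segment, so the simulation crosses the segment boundary without either administrator handing over the full vulnerability list.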
