Social network security monitoring

US 9,544,325 B2
Filed: 12/11/2014
Issued: 01/10/2017
Est. Priority Date: 12/11/2014
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method comprising:

scanning, by one or more processors, security settings data associated with one or more profiles of a protected social entity on one or more social networks, wherein the security settings data is selected from a group consisting of a password strength, a password uniqueness, and a profile privacy;

assessing the security settings data associated with the one or more profiles of the protected social entity, wherein assessing the security settings data comprises comparing the security settings associated with the one or more profiles of the protected social entity to one or more security settings associated with an expert modeled profile;

determining based on the assessment of the security settings data, a first security risk score for the protected social entity;

providing the first security risk score to the protected social entity;

monitoring the security settings data associated with the one or more profiles of the protected social entity;

identifying one or more changes in the security settings data;

determining based on an assessment of the changed security settings data, a second security risk score;

providing the second security risk score to the protected social entity;

determining one or more changes to the security settings data that lowers the second security score; and

providing, to the protected social entity, a list of the one or more changes to the security settings data that lowers the second security score.

View all claims

10 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer-implemented method includes security settings data associated with one or more profiles of a protected social entity on one or more social networks is scanned, and the security settings data associated with the one or more profiles of the protected social entity is assessed. A first security risk score for the protected social entity is determined based on the assessment of the security settings data, and the first security risk score is provided to the protected social entity.

54 Citations

View as Search Results

17 Claims

1. A computer-implemented method comprising:
- scanning, by one or more processors, security settings data associated with one or more profiles of a protected social entity on one or more social networks, wherein the security settings data is selected from a group consisting of a password strength, a password uniqueness, and a profile privacy;
  
  assessing the security settings data associated with the one or more profiles of the protected social entity, wherein assessing the security settings data comprises comparing the security settings associated with the one or more profiles of the protected social entity to one or more security settings associated with an expert modeled profile;
  
  determining based on the assessment of the security settings data, a first security risk score for the protected social entity;
  
  providing the first security risk score to the protected social entity;
  
  monitoring the security settings data associated with the one or more profiles of the protected social entity;
  
  identifying one or more changes in the security settings data;
  
  determining based on an assessment of the changed security settings data, a second security risk score;
  
  providing the second security risk score to the protected social entity;
  
  determining one or more changes to the security settings data that lowers the second security score; and
  
  providing, to the protected social entity, a list of the one or more changes to the security settings data that lowers the second security score.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 17)
- - 2. The method of claim 1 further comprising:
    - comparing the first security risk score to a threshold; and
      
      generating, based on the comparison, an alert to the protected social entity if the first risk score exceeds the threshold.
  - 3. The method of claim 1 further comprising:
    - receiving from the protected social entity, authorization to access the security settings data of one or more social network profiles associated with the protected social entity.
  - 4. The method of claim 1 wherein the one or more profiles of the protected social entity are profiles across one or more social networks.
  - 5. The method of claim 1 wherein identifying one or more changes in the security settings data comprises identifying one or more changes made by a social network.
  - 6. The method of claim 1 wherein identifying one or more changes in the security settings data comprises identifying one or more changes made by the protected social entity.
  - 7. The method of claim 1 further comprising:
    - storing the first security risk score associated with the protected social entity;
      
      storing the second risk score associated with the protected social entity; and
      
      presenting the first and second security risk scores to the protected social entity as a security risk score history.
  - 8. The method of claim 1 further comprising:
    - receiving from the protected social entity a list identifying one or more profile attributes to monitor; and
      
      monitoring the one or more profiles of the protected social entity for changes to the one or more identified profile attributes.
  - 9. The method of claim 8 further comprising:
    - identifying a change to one or more of the identified profile attributes; and
      
      generating, based on identifying a change, an alert to the protected social entity.
  - 17. The method of claim 1 wherein expert modeled profile is a modeled profile with a high level of security.

10. A system comprising:
- one or more processing devices; and
  
  one or more non-transitory computer-readable media coupled to the one or more processing devices having instructions stored thereon which, when executed by the one or more processing devices, cause the one or more processing devices to perform operations comprising;
  
  scanning, by one or more processors, security settings data associated with one or more profiles of a protected social entity on one or more social networks, wherein the security settings data is selected from a group consisting of a password strength, a password uniqueness, and a profile privacy;
  
  assessing the security settings data associated with the one or more profiles of the protected social entity, wherein assessing the security settings data comprises comparing the security settings associated with the one or more profiles of the protected social entity to one or more security settings associated with an expert modeled profile;
  
  determining based on the assessment of the security settings data, a first security risk score for the protected social entity;
  
  providing the first security risk score to the protected social entity;
  
  monitoring the security settings data associated with the one or more profiles of the protected social entity;
  
  identifying one or more changes in the security settings data;
  
  determining based on an assessment of the changed security settings data, a second security risk score;
  
  providing the second security risk score to the protected social entity;
  
  determining one or more changes to the security settings data that lowers the second security score; and
  
  providing, to the protected social entity, a list of the one or more changes to the security settings data that lowers the second security score.
- View Dependent Claims (11, 12, 13, 14, 15)
- - 11. The system of claim 10 further comprising:
    - comparing the first security risk score to a threshold; and
      
      generating, based on the comparison, an alert to the protected social entity if the first risk score exceeds the threshold.
  - 12. The system of claim 10 further comprising:
    - receiving from the protected social entity, authorization to access the security settings data of one or more social network profiles associated with the protected social entity.
  - 13. The system of claim 10 wherein the one or more profiles of the protected social entity are profiles across one or more social networks.
  - 14. The system of claim 10 wherein identifying one or more changes in the security settings data comprises identifying one or more changes made by a social network.
  - 15. The system of claim 10 further comprising:
    - storing the first security risk score associated with the protected social entity;
      
      storing the second risk score associated with the protected social entity; and
      
      presenting the first and second security risk scores to the protected social entity as a security risk score history.

16. A non-transitory computer-readable storage medium storing software comprising instructions executable by one or more computers which, upon such execution, cause the one or more computers to perform operations comprising:
- scanning, by one or more processors, security settings data associated with one or more profiles of a protected social entity on one or more social networks, wherein the security settings data is selected from a group consisting of a password strength, a password uniqueness, and a profile privacy; and
  
  assessing the security settings data associated with the one or more profiles of the protected social entity, wherein assessing the security settings data comprises comparing the security settings associated with the one or more profiles of the protected social entity to one or more security settings associated with an expert modeled profile;
  
  determining based on the assessment of the security settings data, a first security risk score for the protected social entity;
  
  providing the first security risk score to the protected social entity;
  
  monitoring the security settings data associated with the one or more profiles of the protected social entity;
  
  identifying one or more changes in the security settings data;
  
  determining based on an assessment of the changed security settings data, a second security risk score;
  
  providing the second security risk score to the protected social entity;
  
  determining one or more changes to the security settings data that lowers the second security score; and
  
  providing, to the protected social entity, a list of the one or more changes to the security settings data that lowers the second security score.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
ZeroFOX, Inc. (ZeroFox Holdings, Inc.)
Original Assignee
ZeroFOX, Inc. (ZeroFox Holdings, Inc.)
Inventors
Foster, James C., Blair, Evan, Cullison, Christopher B., Francis, Robert
Primary Examiner(s)
Leung, Robert
Assistant Examiner(s)
Ho, Thomas

Application Number

US14/566,971
Publication Number

US 20160173520A1
Time in Patent Office

761 Days
Field of Search

726/24, 705/7.28
US Class Current

1/1
CPC Class Codes

G06F 21/316   by observing the pattern of...

G06F 21/552   involving long-term monitor...

G06Q 10/0635   Risk analysis of enterprise...

H04L 63/102   Entity profiles

H04L 63/1425   Traffic logging, e.g. anoma...

H04L 63/1433   Vulnerability analysis

Social network security monitoring

First Claim

10 Assignments

0 Petitions

Accused Products

Abstract

54 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Social network security monitoring

First Claim

10 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

54 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links