Security assessment using service provider digital asset information

US 9,830,569 B2
Filed: 04/29/2016
Issued: 11/28/2017
Est. Priority Date: 09/24/2010
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method comprisingreceiving from a service provider customer account data representative of relationships that exist at successive times between digital assets provided by the service provider and respective entities to whom the digital assets are provided by the service provider, andusing the received data to update a database to represent (a) mappings of the digital assets to respective entities to whom the digital assets are provided at one of the successive times, and (b) changes in the mappings between successive times, wherein the changes in mappings result from state-transitions of IP allocations at the service provider, and wherein the state-transitions comprise splitting an allocated IP address space into sub-spaces and allocating one or more of the sub-spaces to one of the respective entities, andwherein the customer account data is preprocessed by selectively identifying and ordering metadata within the customer account data to facilitate one of (i) matching of the customer account data to an existing entity in the database or (ii) creation of a new entity in the database, andderiving a cybersecurity rating for the respective entities based at least in part on the updated database.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Among other things, customer account data is received from a service provider. The customer account data is representative of relationships that exist at successive times between digital assets provided by the service provider and respective entities to whom the digital assets are provided by the service provider. The received data is used to update a database to represent mappings of digital assets to respective entities to whom the digital assets are provided at one of the successive times, changes in the mappings between successive times, or both.

56 Citations

View as Search Results

28 Claims

1. A computer-implemented method comprisingreceiving from a service provider customer account data representative of relationships that exist at successive times between digital assets provided by the service provider and respective entities to whom the digital assets are provided by the service provider, andusing the received data to update a database to represent (a) mappings of the digital assets to respective entities to whom the digital assets are provided at one of the successive times, and (b) changes in the mappings between successive times, wherein the changes in mappings result from state-transitions of IP allocations at the service provider, and wherein the state-transitions comprise splitting an allocated IP address space into sub-spaces and allocating one or more of the sub-spaces to one of the respective entities, andwherein the customer account data is preprocessed by selectively identifying and ordering metadata within the customer account data to facilitate one of (i) matching of the customer account data to an existing entity in the database or (ii) creation of a new entity in the database, andderiving a cybersecurity rating for the respective entities based at least in part on the updated database.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
- - 2. The method of claim 1 in which the digital assets provided by the service provider comprise digital asset identifiers of digital assets provided by the service provider as of each of the successive times.
  - 3. The method of claim 2 in which the digital asset identifiers comprise IP addresses or domain names or both.
  - 4. The method of claim 1 in which the customer account data is expressed in a predetermined format and in which the method comprises preprocessing the account data in the predetermined format to generate data in a common format for use in the updating of the database.
  - 5. The method of claim 1 in which the relationships comprise vendor-customer relationships between the service provider and the entities with respect to the digital assets.
  - 6. The method of claim 1 in which a party other than the service provider or any of the entities receives the data and updates the database.
  - 7. The method of claim 1 in which the service provider internally receives the data and updates the database.
  - 8. The method of claim 1 in which the account data comprises identifiers of the entities.
  - 9. The method of claim 1 in which the account data comprises information about the digital assets.
  - 10. The method of claim 1 in which the account data comprises a dataset of a database of the service provider.
  - 11. The method of claim 1 in which the preprocessing comprises distinguishing an entity for which the account data identifies a name from an entity for which the database identifies the same name, when the two entities are different entities.
  - 12. The method of claim 1 comprising evaluating security risks associated with the entities based on the digital assets mapped to the respective entities.
  - 13. The method of claim 1 comprising merging information from the account data of the service provider with account data of another source.
  - 14. The method of claim 1 comprisingdetermining events based on changes in the mappings.
  - 15. The method of claim 14 in which at least one of the events comprises creation of a new static assignment or allocation by the service provider.
  - 16. The method of claim 14 in which at least one of the events comprises updating of an existing static assignment or allocation by the service provider.
  - 17. The method of claim 14 in which at least one of the events comprises removal of a CIDRs or a set of CIDRs by the service provider.
  - 18. The method of claim 14 in which at least one of the events comprises provisioning of or renewal of a DHCP lease for a customer.
  - 19. The method of claim 14 in which at least one of the events comprises creation or removal of announcements by the service provider related to CIDRs were a set of CIDRs.
  - 20. The method of claim 14 in which at least one of the events comprises creation, updating, or removal of IMSI information.
  - 21. The method of claim 14 in which at least one of the events comprises creation, updating, or removal of email addresses.
  - 22. The method of claim 14 in which at least one of the events comprises creation, updating, or termination of the customer in the account data.
  - 23. The method of claim 1 in which the account data is received through an exposed API.
  - 24. The method of claim 1 in which the account data is received at regular intervals as character delimited files.
  - 25. The method of claim 1 in which the account data is received as a snapshot of an entire database maintained by the service provider.
  - 26. The method of claim 25 in which the account data is received as deltas relative to the entire database snapshot.

27. A computer-implemented method comprisingmaintaining customer account data representative of relationships that exist at successive times between digital assets provided by a service provider and respective entities to whom the digital assets are provided by the service provider,making the customer account data available through the Internet to another party for use in updating a database to represent a mappings of digital assets to respective entities as of each of the successive times, and (b) changes in the mappings between successive times wherein the changes in mappings result from state-transitions of IP allocations at the service provider, and wherein the state-transitions comprise splitting an allocated IP address space into sub-spaces and allocating one or more of the sub-spaces to one of the respective entities, andwherein the customer account data is preprocessed by selectively identifying and ordering metadata within the customer account data to facilitate one of (i) matching of the customer account data to an existing entity in the database or (ii) creation of a new entity in the database, andderiving a cybersecurity rating for the respective entities based at least in part on the updated database.
- View Dependent Claims (28)
- - 28. The method of claim 27 in which the digital assets provided by the service provider comprise digital asset identifiers of digital assets provided by the service provider as of each of the successive times wherein the changes in the mappings are based on one or more events and wherein the identified events comprise one or more of removal of one or more CIDRs provided by the service provider, provisioning of or renewal of a DHCP lease and creation, updating, or removal of IMSI information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
BitSight Technologies, Inc.
Original Assignee
BitSight Technologies, Inc.
Inventors
Dahlberg, Daniel
Primary Examiner(s)
LEWIS, LISA C

Application Number

US15/142,677
Publication Number

US 20160239772A1
Time in Patent Office

578 Days
Field of Search
US Class Current
CPC Class Codes

G06F 16/23   Updating

G06Q 10/0635   Risk analysis of enterprise...

H04L 63/1425   Traffic logging, e.g. anoma...

Security assessment using service provider digital asset information

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

56 Citations

28 Claims

Specification

Use Cases

Quick Links

Others

Security assessment using service provider digital asset information

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

56 Citations

28 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others