Systems and methods for intelligently configuring computer security

US 10,412,113 B2
Filed: 12/10/2018
Issued: 09/10/2019
Est. Priority Date: 12/08/2017
Status: Active Grant

First Claim

Patent Images

1. A method for configuring computer security of a subject entity at a computer security platform, the method comprising:

monitoring a security environment maintained by the subject entity;

collecting a corpus of security data, the security data comprising security environment data relating to one or more security configurations of a network maintained by the subject entity;

analyzing the corpus of security data to determine one or more vulnerability factors and one or more security behaviors relating to the subject entity;

generating a security assessment for the subject entity based on the analysis of the corpus of security data;

generating a computer security policy for the security environment based on the security assessment, comprising one or more computer security configurations;

providing, to the subject entity, a security policy recommendation incorporating at least a subset of the generated computer security policy;

receiving a recommendation response from the subject entity declining to accept the security policy recommendation; and

responsive to the recommendation response declining to accept the security policy recommendation, providing an alternative security policy recommendation to the subject entity based on the recommendation response.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method that enables the configuration of computer security of a subject entity at a computer security platform includes collecting a corpus of security data relating to one or more security configurations of the network maintained by the subject entity, analyzing the corpus of security data to determine one or more vulnerability factors and one or more security behaviors relating to the subject entity, generating a security assessment for the subject entity based on the analysis of the corpus of security data, generating a computer security policy for the security environment based on the security assessment, and providing, to the subject entity, a security policy recommendation incorporating at least a subset of the generated computer security policy.

469 Citations

16 Claims

1. A method for configuring computer security of a subject entity at a computer security platform, the method comprising:
- monitoring a security environment maintained by the subject entity;
  
  collecting a corpus of security data, the security data comprising security environment data relating to one or more security configurations of a network maintained by the subject entity;
  
  analyzing the corpus of security data to determine one or more vulnerability factors and one or more security behaviors relating to the subject entity;
  
  generating a security assessment for the subject entity based on the analysis of the corpus of security data;
  
  generating a computer security policy for the security environment based on the security assessment, comprising one or more computer security configurations;
  
  providing, to the subject entity, a security policy recommendation incorporating at least a subset of the generated computer security policy;
  
  receiving a recommendation response from the subject entity declining to accept the security policy recommendation; and
  
  responsive to the recommendation response declining to accept the security policy recommendation, providing an alternative security policy recommendation to the subject entity based on the recommendation response.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method of claim 1, wherein analyzing the corpus of security data, generating the security assessment, and/or generating the computer security policy comprises performing one or more machine learning techniques on one or more neural networks.
  - 3. The method of claim 1, wherein monitoring the security environment comprises monitoring authentication activity within the security environment.
  - 4. The method of claim 1, wherein the corpus of security data further comprises historical authentication data relating to one or more authentications performed using authentication services of the computer security platform.
  - 5. The method of claim 4, wherein the authentication services comprise multi-factor authentication services.
  - 6. The method of claim 1, wherein the security data further comprises global security environment data aggregated from a plurality of additional subject entities.
  - 7. The method of claim 1, wherein the security data further comprises user-submitted risk tolerance data.
  - 8. The method of claim 1, wherein the security data comprises one or more current security policy configurations of the subject entity.
  - 9. The method of claim 1, wherein the vulnerability factors comprise one or more attack vectors.
  - 10. The method of claim 1, wherein analyzing the corpus of security data comprises filtering the corpus of security data based on probative security value regarding a state of the network maintained by the subject entity.
  - 11. The method of claim 10,wherein probative security value relates at least to a probability of the existence of that malicious software exists within the security environment, andwherein analyzing the corpus of security data further comprises detecting one or more predetermined features of known malicious software within the security environment.
  - 12. The method of claim 1, wherein generating the security assessment comprises generating a risk score for the security environment.
  - 13. The method of claim 1, wherein generating the computer security policy comprises generating one or more crowd-sourced computer security configurations.
  - 14. The method of claim 1, further comprising:
    - receiving a second recommendation response from the subject entity accepting the alternative security policy recommendation; and
      
      implementing at least a subset of a computer security policy of the alternative security policy recommendation, based on the second recommendation response.
  - 15. The method of claim 1, further comprising:
    - receiving a second recommendation response from the subject entity adjusting one or more components of the alternative security policy recommendation; and
      
      implementing at least a subset of the adjusted security policy of the alternative security policy recommendation, based on the second recommendation response.

16. A system for configuring computer security of a subject entity, the system comprising:
- a security environment maintained by the subject entity; and
  
  a computer security platform implemented via one or more web servers or a distributed computing system, the one or more web servers or the distributed computing system comprising a non-transitory computer-readable medium storing computer instructions that when executed by one or more computer processors enables the computer security platform to;
  
  collect a corpus of security data, the security data comprising security environment data relating to one or more security configurations of the security environment maintained by the subject entity;
  
  analyze the corpus of security data to determine one or more vulnerability factors and one or more security behaviors relating to the subject entity;
  
  generate a security assessment for the subject entity based on the analysis of the corpus of security data;
  
  generate a computer security policy for the security environment based on the security assessment, comprising one or more computer security configurations; and
  
  provide, to the subject entity, a security policy recommendation incorporating at least a subset of the generated computer security policy;
  
  receive a recommendation response from the subject entity declining to accept the security policy recommendation; and
  
  responsive to the recommendation response declining to accept the security policy recommendation, provide one or more alternative security policy recommendations to the subject entity based on the recommendation response.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Duo Security Incorporated (Cisco Systems, Inc.)
Inventors
Hanley, Michael, Anise, Olabode, Lady, Kyle, Oberheide, Jon
Primary Examiner(s)
Lwin, Maung T

Application Number

US16/215,103
Publication Number

US 20190182287A1
Time in Patent Office

274 Days
Field of Search

None
US Class Current
CPC Class Codes

G06N 20/00   Machine learning

G06N 3/02   Neural networks

G06N 3/08   Learning methods

H04L 63/08   for authentication of entit...

H04L 63/1408   by monitoring network traff...

H04L 63/1433   Vulnerability analysis

H04L 63/20   for managing network securi...

Systems and methods for intelligently configuring computer security

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

469 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for intelligently configuring computer security

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

469 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links