Assessing security risks of users in a computing network
First Claim
Patent Images
1. A method for assessing security risk for an electronic device user in a computing network, the method comprising:
- by a security system processor;
generating an interaction item, wherein the interaction item comprises a training item or a security item;
transmitting the interaction item to an end user electronic device via a network;
receiving feedback data from the end user electronic device, wherein;
the feedback data includes sensed data relating to an action of a user of the end user electronic device, wherein the action is responsive to the interaction item, andthe feedback data also includes technical information associated with the end user electronic device, wherein the technical information includes at least one of the following;
a network address, a device make, a device model, a software version, an operating system version, firewall data or a platform type;
comparing the feedback data to a plurality of security risk scoring metrics, where the plurality of security risk scoring metrics comprise;
a set of metrics assigning a weight to the action of the user, anda set of metrics assigning a weight to a technical attribute defined for the technical information;
based on the comparing, determining a security risk score, the security risk score quantifying a security risk presented to the computing network by the user of the end user electronic device;
generating a subsequent interaction item based on the security risk score, wherein;
the subsequent interaction item includes a security item or a training item, andthe subsequent interaction item includes a number of fields, each field having an associated value;
assigning a weight to each field of the number of fields based on the field'"'"'s associated value; and
determining a sophistication score for the subsequent interaction item by totaling the weights associated with each field of the number of fields.
9 Assignments
0 Petitions
Accused Products
Abstract
Various embodiments assess security risks of users in computing networks. In some embodiments, an interaction item is sent to an end user electronic device. When the end user interacts with the interaction item, the system collects feedback data that includes information about the user'"'"'s interaction with the interaction item, as well as technical information about the electronic device. The feedback is compared to a plurality of security risk scoring metrics. Based on this comparison, a security risk score for the user with respect to a computing network.
130 Citations
21 Claims
-
1. A method for assessing security risk for an electronic device user in a computing network, the method comprising:
by a security system processor; generating an interaction item, wherein the interaction item comprises a training item or a security item; transmitting the interaction item to an end user electronic device via a network; receiving feedback data from the end user electronic device, wherein; the feedback data includes sensed data relating to an action of a user of the end user electronic device, wherein the action is responsive to the interaction item, and the feedback data also includes technical information associated with the end user electronic device, wherein the technical information includes at least one of the following;
a network address, a device make, a device model, a software version, an operating system version, firewall data or a platform type;comparing the feedback data to a plurality of security risk scoring metrics, where the plurality of security risk scoring metrics comprise; a set of metrics assigning a weight to the action of the user, and a set of metrics assigning a weight to a technical attribute defined for the technical information; based on the comparing, determining a security risk score, the security risk score quantifying a security risk presented to the computing network by the user of the end user electronic device; generating a subsequent interaction item based on the security risk score, wherein; the subsequent interaction item includes a security item or a training item, and the subsequent interaction item includes a number of fields, each field having an associated value; assigning a weight to each field of the number of fields based on the field'"'"'s associated value; and determining a sophistication score for the subsequent interaction item by totaling the weights associated with each field of the number of fields. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
11. A system for assessing security risk of user of a computing network, the system comprising:
-
a security server having a risk assessment processor; a network connecting the security server and an end user electronic device; a database that stores security items, training items, technical information, and risk metrics; and a non-transitory computer-readable storage medium that stores programming instructions that are configured to cause the risk assessment processor to; generate an interaction item, wherein the interaction item includes a training item or a security item; transmit, via the network, the interaction item to the end user electronic device; receive, via the network, feedback data associated with the interaction item, wherein; the feedback data includes sensed data relating to an action of a user of the end user electronic device, wherein the action is responsive to the interaction item, and the feedback data also includes technical information associated with the end user electronic device, wherein the technical information includes at least one of the following;
a network address, a device make, a device model, a software version, an operating system version, firewall data or a platform type;compare the feedback data to a group of the risk metrics stored in the database, where the group of the risk metrics stored in the database comprises; a set of metrics each assigning a weight to the action of the user, and a set of metrics assigning a weight to a technical attribute defined for the technical information; calculate, based on comparing the feedback data to the group of the risk metrics stored in the database, a security risk score for the user of the end user electronic device, the security risk score quantifying a security risk presented to the computing network by the user of the end user electronic device; generate a subsequent interaction item based on the calculated security risk score, wherein; the subsequent interaction item includes a security item or a training item, and the subsequent interaction item includes a number of fields, each field having an associated value; assign a weight to each field of the number of fields based on the field'"'"'s associated value; and determine a sophistication score for the subsequent interaction item by totaling the weights associated with each field of the number of fields. - View Dependent Claims (12, 13, 14, 15)
-
-
16. One or more non-transitory computer-readable media storing instructions that, when executed by a security system processor, cause the security system processor to perform a method for assessing security risk for an electronic device user in a computing network, the method comprising:
-
generating an interaction item, wherein the interaction item comprises a training item or a security item; transmitting the interaction item to an end user electronic device via a network; receiving feedback data from the end user electronic device, wherein; the feedback data includes sensed data relating to an action of a user of the end user electronic device, wherein the action is responsive to the interaction item, and the feedback data also includes technical information associated with the end user electronic device, wherein the technical information includes at least one of the following;
a network address, a device make, a device model, a software version, an operating system version, firewall data or a platform type;comparing the feedback data to a plurality of security risk scoring metrics, where the plurality of security risk scoring metrics comprise; a set of metrics assigning a weight to the action of the user, and a set of metrics assigning a weight to a technical attribute defined for the technical information; based on the comparing, determining a security risk score, the security risk score quantifying a security risk presented to the computing network by the user of the end user electronic device; generating a subsequent interaction item based on the security risk score, wherein; the subsequent interaction item includes a security item or a training item, and the subsequent interaction item includes a number of fields, each field having an associated value; assigning a weight to each field of the number of fields based on the field'"'"'s associated value; and determining a sophistication score for the subsequent interaction item by totaling the weights associated with each field of the number of fields. - View Dependent Claims (17, 18, 19, 20, 21)
-
Specification