END USER RISK MANAGEMENT
First Claim
1. A method for calculating a risk score representing a risk posed by a user to information within a computer system, the method comprising:
- determining, by a security agent, a data risk associated with computer system information accessible by a user of the computer system;
determining, by the security agent, an application risk associated with applications executing within the computer system;
calculating, by the security agent, a risk score associated with the user using at least the data risk and the application risk;
analyzing, by the security agent, interactions between the user and the computer system to determine a risk metric for the user interactions; and
updating, by the security agent, the risk score using the determined risk metric.
8 Assignments
0 Petitions
Accused Products
Abstract
A flexible, efficient and easy-to-use computer security management system effectively evaluates and responds to informational risks on a wide variety of computing platforms and in a rapidly changing network environment. An individual computer system dynamically monitors its end user, without regard to network connectivity, in order to calculate a risk score and to ensure that the end user'"'"'s behavior does not put corporate information or other assets at risk. Data regarding such risks and responses are analyzed and stored in real-time.
-
Citations
18 Claims
-
1. A method for calculating a risk score representing a risk posed by a user to information within a computer system, the method comprising:
-
determining, by a security agent, a data risk associated with computer system information accessible by a user of the computer system; determining, by the security agent, an application risk associated with applications executing within the computer system; calculating, by the security agent, a risk score associated with the user using at least the data risk and the application risk; analyzing, by the security agent, interactions between the user and the computer system to determine a risk metric for the user interactions; and updating, by the security agent, the risk score using the determined risk metric. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A system for calculating a risk score representing a risk posed by a user to information in a computer system, the system comprising:
-
a computer system comprising at least one computer and having information accessible by a user of the computer system; and a security agent executing within the computer system to; determine a data risk associated with the computer system information, determine an application associated with applications executing within the computer system, calculate a risk score associated with the user, using at least the data risk and the application risk, analyze interactions between the user and the computer system to determine a risk metric for the user interactions, and update the risk score user using the determined risk metric. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
Specification