WO2021243321A1 - Système et procédés de notation de cybersécurité - Google Patents
Système et procédés de notation de cybersécurité Download PDFInfo
- Publication number
- WO2021243321A1 WO2021243321A1 PCT/US2021/035071 US2021035071W WO2021243321A1 WO 2021243321 A1 WO2021243321 A1 WO 2021243321A1 US 2021035071 W US2021035071 W US 2021035071W WO 2021243321 A1 WO2021243321 A1 WO 2021243321A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- domain name
- data
- records
- cybersecurity
- search
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1483—Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/445—Program loading or initiating
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer And Data Communications (AREA)
Abstract
Un système et un procédé de reconnaissance, d'analyse et de notation de cybersécurité qui utilisent des services informatiques distribués en nuage pour fournir une extensibilité suffisante pour l'analyse de réseaux informatiques d'entreprise à l'aide uniquement de caractérisations disponibles publiquement. Le système et le procédé comprennent un réseau associatif dans la mémoire qui gère une file d'attente de tâches de recherche de vulnérabilité par l'intermédiaire d'un réseau proxy orienté public. Le réseau proxy orienté public comporte des nœuds de recherche configurables pour présenter le réseau à des outils de recherche d'une manière souhaitée pour commander certains aspects de la recherche afin d'obtenir les résultats souhaités. Un moteur de traitement de données distribué et un stockage en nuage sont utilisés pour fournir une puissance de calcul et un stockage extensible. Chacun des services informatiques en nuage est conteneurisé et orchestré à des fins de gestion et d'extensibilité efficace.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US16/887,304 US11297109B2 (en) | 2015-10-28 | 2020-05-29 | System and method for cybersecurity reconnaissance, analysis, and score generation using distributed systems |
US16/887,304 | 2020-05-29 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2021243321A1 true WO2021243321A1 (fr) | 2021-12-02 |
Family
ID=78722942
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US2021/035071 WO2021243321A1 (fr) | 2020-05-29 | 2021-05-31 | Système et procédés de notation de cybersécurité |
Country Status (1)
Country | Link |
---|---|
WO (1) | WO2021243321A1 (fr) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11706241B1 (en) | 2020-04-08 | 2023-07-18 | Wells Fargo Bank, N.A. | Security model utilizing multi-channel data |
US11720686B1 (en) | 2020-04-08 | 2023-08-08 | Wells Fargo Bank, N.A. | Security model utilizing multi-channel data with risk-entity facing cybersecurity alert engine and portal |
US11777992B1 (en) * | 2020-04-08 | 2023-10-03 | Wells Fargo Bank, N.A. | Security model utilizing multi-channel data |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20120232679A1 (en) * | 2008-05-12 | 2012-09-13 | Abercrombie Robert K | Cyberspace security system |
US20170124464A1 (en) * | 2015-10-28 | 2017-05-04 | Fractal Industries, Inc. | Rapid predictive analysis of very large data sets using the distributed computational graph |
US20180219919A1 (en) * | 2015-10-28 | 2018-08-02 | Fractal Industries, Inc. | Rating organization cybersecurity using active and passive external reconnaissance |
US20180241767A1 (en) * | 2015-10-28 | 2018-08-23 | Fractal Industries, Inc. | System and method for cybersecurity analysis and score generation for insurance purposes |
KR20180105688A (ko) * | 2016-01-24 | 2018-09-28 | 사이드 캄란 하산 | 인공 지능을 기반으로 한 컴퓨터 보안 |
US20180295154A1 (en) * | 2015-10-28 | 2018-10-11 | Fractal Industries, Inc. | Application of advanced cybersecurity threat mitigation to rogue devices, privilege escalation, and risk-based vulnerability and patch management |
-
2021
- 2021-05-31 WO PCT/US2021/035071 patent/WO2021243321A1/fr active Application Filing
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20120232679A1 (en) * | 2008-05-12 | 2012-09-13 | Abercrombie Robert K | Cyberspace security system |
US20170124464A1 (en) * | 2015-10-28 | 2017-05-04 | Fractal Industries, Inc. | Rapid predictive analysis of very large data sets using the distributed computational graph |
US20180219919A1 (en) * | 2015-10-28 | 2018-08-02 | Fractal Industries, Inc. | Rating organization cybersecurity using active and passive external reconnaissance |
US20180241767A1 (en) * | 2015-10-28 | 2018-08-23 | Fractal Industries, Inc. | System and method for cybersecurity analysis and score generation for insurance purposes |
US20180295154A1 (en) * | 2015-10-28 | 2018-10-11 | Fractal Industries, Inc. | Application of advanced cybersecurity threat mitigation to rogue devices, privilege escalation, and risk-based vulnerability and patch management |
KR20180105688A (ko) * | 2016-01-24 | 2018-09-28 | 사이드 캄란 하산 | 인공 지능을 기반으로 한 컴퓨터 보안 |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11706241B1 (en) | 2020-04-08 | 2023-07-18 | Wells Fargo Bank, N.A. | Security model utilizing multi-channel data |
US11720686B1 (en) | 2020-04-08 | 2023-08-08 | Wells Fargo Bank, N.A. | Security model utilizing multi-channel data with risk-entity facing cybersecurity alert engine and portal |
US11777992B1 (en) * | 2020-04-08 | 2023-10-03 | Wells Fargo Bank, N.A. | Security model utilizing multi-channel data |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11924251B2 (en) | System and method for cybersecurity reconnaissance, analysis, and score generation using distributed systems | |
US11757945B2 (en) | Collaborative database and reputation management in adversarial information environments | |
US11483332B2 (en) | System and method for cybersecurity analysis and score generation for insurance purposes | |
US11637869B2 (en) | System and method for self-adjusting cybersecurity analysis and score generation | |
US11750659B2 (en) | Cybersecurity profiling and rating using active and passive external reconnaissance | |
US11222111B2 (en) | Techniques for sharing network security event information | |
US11601475B2 (en) | Rating organization cybersecurity using active and passive external reconnaissance | |
US20220014560A1 (en) | Correlating network event anomalies using active and passive external reconnaissance to identify attack information | |
US20220060512A1 (en) | System and methods for automatically assessing and improving a cybersecurity risk score | |
US11968239B2 (en) | System and method for detection and mitigation of data source compromises in adversarial information environments | |
US9003023B2 (en) | Systems and methods for interactive analytics of internet traffic | |
US20210360032A1 (en) | Cybersecurity risk analysis and anomaly detection using active and passive external reconnaissance | |
US20220263852A1 (en) | System and method for cybersecurity analysis and score generation for insurance purposes | |
WO2021243321A1 (fr) | Système et procédés de notation de cybersécurité | |
US20220014561A1 (en) | System and methods for automated internet-scale web application vulnerability scanning and enhanced security profiling | |
WO2021202833A1 (fr) | Système et procédé d'auto-ajustement d'analyse de cybersécurité et de génération de score | |
US20230362200A1 (en) | Dynamic cybersecurity scoring and operational risk reduction assessment | |
US20220368726A1 (en) | Privilege assurance of computer network environments | |
US20210281609A1 (en) | Rating organization cybersecurity using probe-based network reconnaissance techniques | |
US20230283641A1 (en) | Dynamic cybersecurity scoring using traffic fingerprinting and risk score improvement | |
US11968235B2 (en) | System and method for cybersecurity analysis and protection using distributed systems | |
WO2021154460A1 (fr) | Profilage et évaluation de cybersécurité à l'aide d'une reconnaissance externe active et passive |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 21814593 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 21814593 Country of ref document: EP Kind code of ref document: A1 |