Phishing training tool
US-9942249-B2 · Apr 10, 2018 · US
Systems and methods for determining individual and group risk scores
US11677767B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11677767-B2 |
| Application number | US-202217688636-A |
| Country | US |
| Kind code | B2 |
| Filing date | Mar 7, 2022 |
| Priority date | May 16, 2018 |
| Publication date | Jun 13, 2023 |
| Grant date | Jun 13, 2023 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Embodiments disclosed herein describe a server, for example a security awareness server or an artificial intelligence machine learning system that establishes a risk score or vulnerable for a user of a security awareness system, or for a group of users of a security awareness system. The server may create a frequency score for a user, which predicts the frequency at which the user is to be hit with a malicious attack. The frequency score may be based on at least a job score, which may be represented by a value that is based on the type of job the user has, and a breach score that may be represented by a value that is based on the user's level of exposure to email.
First claim
Opening claim text (preview).
We claim: 1. A method comprising: receiving, by one or more servers, information related to data breaches associated with a user; identifying, by the one or more servers, whether the user clicks on one or more links of one or more simulated phishing tests; identifying, by the one or more servers, whether the user has completed one or more training courses; determining, by the one or more servers, a risk score of the user as a function of the information related to data breaches associated with the user, whether the user clicks on one or more links of one or more simulated phishing tests and whether the user has completed one or more training courses; and providing, by the one or more servers, the risk score for display via a user interface on a display device. 2. The method of claim 1 , further comprising identifying, by the one or more servers, a training history of the user. 3. The method of claim 2 , further comprising determining, by the one or more servers, the risk score of the user based on the training history of the user. 4. The method of claim 2 , wherein the training history identifies one or more of the following: courses that the user is enrolled in by the one or more servers, courses that the user has chosen to enroll in, courses that the user has started, or courses that the user has completed. 5. The method of claim 2 , wherein the training history identifies one or more time intervals between completions of one or more training courses. 6. The method of claim 2 , wherein the training history is based on a type of training. 7. The method of claim 1 , wherein the function is one of a weighted function or a logarithmic function of information related to data breaches associated with the user, whether the user clicks on one or more links of one or more simulated phishing tests and whether the user has completed one or more training courses. 8. The method of claim 1 , further comprising identifying, by the one or more servers, results of at least one or more user assessment surveys for the user. 9. The method of claim 8 , further comprising determining, by the one or more servers, the risk score of the user as the function of the information related to data breaches associated with the user, whether the user clicks on one or more links of one or more simulated phishing tests, whether the user has completed one or more training courses and the results of the at least one or more user assessment surveys for the user. 10. The method of claim 1 , further comprising aggregating, by the one or more servers, a group risk from risk scores of a plurality of users. 11. The method of claim 1 , further comprising causing, by the one or more servers, a display of a probability that the user will respond to a hit of one or more types of malicious attacks. 12. A system comprising: one or more servers, comprising one or more processors, coupled to memory and configured to: receive information related to data breaches associated with a user; identify whether the user clicks on one or more links of one or more simulated phishing tests; identify whether the user has completed one or more training courses; determine a risk score of the user as a function of the information related to data breaches associated with the user, whether the user clicks on one or more links of one or more simulated phishing tests and whether the user has completed one or more training courses; and provide the risk score for display via a user interface on a display device. 13. The system of claim 12 , wherein the one or more servers are further configured to identify a training history of the user. 14. The system of claim 13 , wherein the one or more servers are further configured to determine the risk score of the user based on the training history of the user. 15. The system of claim 13 , wherein the training history identifies one or more of the following: courses that the user is enrolled in by the one or more servers, courses that the user has chosen to enroll in, courses that the user has started, or courses that the user has completed. 16. The system of claim 13 , wherein the training history identifies one or more time intervals between completions of one or more training courses. 17. The system of claim 13 , wherein the training history is based on a Previously Presented of training. 18. The system of claim 12 , wherein the function is one of a weighted function or a logarithmic function of the information related to data breaches associated with the user, whether the user clicks on one or more links of one or more simulated phishing tests and whether the user has completed one or more training courses. 19. The system of claim 12 , wherein the one or more servers are further configured to identify results of at least one or more user assessment surveys for the user. 20. The system of claim 19 , wherein the one or more servers are further configured to determine the risk score of the user as the function of the information related to data breaches associated with the user, whether the user clicks on one or more links of one or more simulated phishing tests, whether the user has completed one or more training courses and the results of the at least one or more user assessment surveys for the user. 21. The system of claim 12 , wherein the one or more servers are further configured to aggregate a group risk from risk scores of a plurality of users. 22. The system of claim 12 , wherein the one or more servers are further configured to cause a display of a probability that the user will responds to a hit of one or more types of malicious attacks.
Assignees
Inventors
Classifications
- H04L63/1408Primary
by monitoring network traffic (monitoring network traffic per se H04L43/00) · CPC title
Traffic logging, e.g. anomaly detection · CPC title
for detecting or protecting against malicious traffic · CPC title
- H04L63/1416Primary
Event detection, e.g. attack signature detection · CPC title
Vulnerability analysis · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US11677767B2 cover?
- Embodiments disclosed herein describe a server, for example a security awareness server or an artificial intelligence machine learning system that establishes a risk score or vulnerable for a user of a security awareness system, or for a group of users of a security awareness system. The server may create a frequency score for a user, which predicts the frequency at which the user is to be hit …
- Who is the assignee on this patent?
- Knowbe4 Inc
- What technology area does this patent fall under?
- Primary CPC classification H04L63/1408. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Jun 13 2023 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).