What technology area does this patent fall under?

Primary CPC classification G06Q10/0635. Mapped technology areas include Physics.

When was this patent published?

Publication date Tue Feb 11 2025 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.

What related patents are in patentsdb?

We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).

Systems and methods for using artificial intelligence driven agent to automate assessment of organizational vulnerabilities

US12223455B2 · US · B2

Patent metadata
Field	Value
Publication number	US-12223455-B2
Application number	US-202217982473-A
Country	US
Kind code	B2
Filing date	Nov 7, 2022
Priority date	Dec 1, 2017
Publication date	Feb 11, 2025
Grant date	Feb 11, 2025

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

Title
What the patent document calls the invention.
Abstract
A short plain-language summary of the technical disclosure.
Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
Key dates
Filing, priority, publication, and grant dates set the timeline.
First independent claim
The legal scope of protection — read this for what is actually claimed.
CPC / IPC classifications
Technology tags used to group this patent with similar filings.
Citations and related patents
Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

The present disclosure describes systems and method for performing a vulnerabilities assessment of an organization. A campaign controller executes one or more simulated phishing campaigns directed to a plurality of users of an organization, using a plurality of models determined by the campaign controller based at least on identification of the organization. The campaign controller stores to a database the results of execution of the one or more simulated phishing campaigns and based on the results, the campaign controller determines one or more vulnerabilities to phishing for the organization. In one embodiment, the campaign controller determines a percentage of the plurality of users of the organization that are phish-prone. In some embodiments, the users of the organization that are phish-prone interacted with a link of a simulated phishing communication.

First claim

Opening claim text (preview).

What is claimed is: 1. A method comprising: selecting, by one or more processors, in advance of a simulated phishing campaign for one or more users, a template to use for the simulated phishing campaign, the template identifying when to start the simulated phishing campaign and a plurality of predetermined stages to progress through the simulated phishing campaign, each predetermined stage of the plurality of predetermined stages comprising a type of simulated phishing communication and a timing of the type of simulated phishing communication; progressing, by a state machine of the one or more processors responsive to the start of the simulated phishing campaign identified by the template, each of the one or more users through each predetermined stage of the plurality of predetermined stages identified by the template, the state machine causing the type of simulated phishing communication to be communicated for each stage according to the timing of each stage; determining, by the state machine, that a first user of the one or more users has failed at a first predetermined stage of the plurality of predetermined stages; and stopping, by the state machine responsive to the determination, the simulated phishing campaign at the first predetermined stage for the first user. 2. The method of claim 1 , further comprising continuing, by the state machine for a second user of the one or more users, to progress to a next predetermined stage of the plurality of predetermined stages of the simulated phishing campaign. 3. The method of claim 2 , further comprising determining, by the state machine, that the second user has failed at a second predetermined stage of the plurality of predetermined stages and stopping the simulated phishing campaign at the second predetermined stage for the second user. 4. The method of claim 1 , further comprising determining, by the state machine, that the first user had failed by interacting with a link of a simulated phishing communicated provided at the first predetermined stage. 5. The method of claim 1 , further comprising stopping, by the state machine, the simulated phishing campaign responsive to a percentage of the one or more users failing. 6. The method of claim 1 , further comprising stopping, by the state machine, the simulated phishing campaign responsive to completion of a fixed period of time identified by the template. 7. The method of claim 1 , wherein the template identifies one or more types of simulated phishing communications comprising one or more of an email, a text or a voice based communication to use for each of the plurality of predetermined stages of the simulated phishing campaign. 8. The method of claim 1 , wherein the plurality of predetermined stages comprises at least two or more types of simulated phishing communications. 9. The method of claim 1 , further comprising causing, by the state machine, performance of one or more actions at each predetermined state stage of the plurality of predetermined stages with timing associated with the template as the state machine progresses through each predetermined stage of the plurality of predetermined stages of the template. 10. The method of claim 1 , wherein the template identifies one or more landing pages to use for users failing the simulated phishing campaign at each predetermined stage of the plurality of predetermined stages. 11. A system comprising: one or more processors, coupled to memory and configured to: select, in advance of a simulated phishing campaign for one or more users, a template to use for the simulated phishing campaign, the template identifying when to start the simulated phishing campaign and a plurality of predetermined stages to progress through the simulated phishing campaign, each predetermined stage of the plurality of predetermined stages comprising a type of simulated phishing communication and a timing of the type of simulated phishing communication; and a state machine of the one or more processors configured to: progress, for each of the one or more users through each predetermined stage of the plurality of predetermined stages identified by the template responsive to the start of the simulated phishing campaign identified by the template, the state machine causing the type of simulated phishing communication for each stage to be communicated according to the timing of each stage; determine that a user of the one or more users has failed at a predetermined stage of the plurality of predetermined stages; and stop responsive to the determination, the simulated phishing campaign at that predetermined stage for that user. 12. The system of claim 11 , wherein the state machine is further configured to continue, for a second user of the one or more users, to progress to a next predetermined stage of the plurality of predetermined stages of the simulated phishing campaign. 13. The system of claim 12 , wherein the state machine is further configured to determinate that the second user has failed at a second predetermined stage of the plurality of predetermined stages and stop the simulated phishing campaign at the second predetermined stage for the second user. 14. The system of claim 11 , wherein the state machine is further configured to determine that the user had failed by interacting with a link of a simulated phishing communicated provided at the first predetermined stage. 15. The system of claim 11 , wherein the state machine is further configured to stop the simulated phishing campaign responsive to a percentage of the one or more users failing. 16. The system of claim 11 , wherein the state machine is further configured to stop the simulated phishing campaign responsive to completion of a fixed period of time identified by the template. 17. The system of claim 11 , wherein the template identifies one or more types of simulated phishing communications comprising one or more of an email, a text or a voice based communication to use for each of the plurality of predetermined stages of the simulated phishing campaign. 18. The system of claim 11 , wherein the plurality of predetermined stages comprises at least two or more types of simulated phishing communications. 19. The system of claim 11 , wherein the state machine is further configured to cause performance of one or more actions at each predetermined stage state of the plurality of predetermined stages with timing associated with the template as the state machine progresses through each predetermined stage of the plurality of predetermined stages of the template. 20. The system of claim 11 , wherein the template identifies one or more landing pages to use for users failing the simulated phishing campaign at each predetermined stage of the plurality of predetermined stages.

Assignees

Knowbe4 Inc

Inventors

Classifications

H04L51/212
using filtering or selective blocking · CPC title
H04L63/1433
Vulnerability analysis · CPC title
H04L63/1491
using deception as countermeasure, e.g. honeypots, honeynets, decoys or entrapment · CPC title
H04L63/1483
service impersonation, e.g. phishing, pharming or web spoofing (detection of rogue wireless access points H04W12/12) · CPC title
G06Q10/0635Primary
Risk analysis of enterprise or organisation activities · CPC title

Patent family

Related publications grouped by family.

View patent family 64901661

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US12223455B2 cover?: The present disclosure describes systems and method for performing a vulnerabilities assessment of an organization. A campaign controller executes one or more simulated phishing campaigns directed to a plurality of users of an organization, using a plurality of models determined by the campaign controller based at least on identification of the organization. The campaign controller stores to a …
Who is the assignee on this patent?: Knowbe4 Inc
What technology area does this patent fall under?: Primary CPC classification G06Q10/0635. Mapped technology areas include Physics.
When was this patent published?: Publication date Tue Feb 11 2025 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?: We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).