Method to prevent root level access attack and measurable sla security and compliance platform
US-2024338440-A1 · Oct 10, 2024 · US
Systems and methods for determining individual and group risk scores
US2020287917A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2020287917-A1 |
| Application number | US-202016855502-A |
| Country | US |
| Kind code | A1 |
| Filing date | Apr 22, 2020 |
| Priority date | May 16, 2018 |
| Publication date | Sep 10, 2020 |
| Grant date | — |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Embodiments disclosed herein describe a server, for example a security awareness server or an artificial intelligence machine learning system that establishes a risk score or vulnerable for a user of a security awareness system, or for a group of users of a security awareness system. The server may create a frequency score for a user, which predicts the frequency at which the user is to be hit with a malicious attack. The frequency score may be based on at least a job score, which may be represented by a value that is based on the type of job the user has, and a breach score that may be represented by a value that is based on the user's level of exposure to email.
First claim
Opening claim text (preview).
We claim: 1 . A method comprising: identifying, by one or more processers, a first score comprising a first value representing a frequency at which a user is to receive a phishing communication; identifying, by the one or more processors, a second score comprising a second value representing a propensity of the user to interact with the phishing communication; determining, by the one or more processors, a risk score for the user based at least on a function of the first value of the first score and the second value of the second score, the risk score identifying a probability that the user will interact with one or more subsequent phishing communications; and providing, by the one or more processors, the risk score for display via a user interface. 2 . The method of claim 1 , further comprising identifying, by the one or more processors, a third score comprising a third value representing a severity of the user's interaction with the phishing communication. 3 . The method of claim 2 , further comprising determining, by the one or more processors, the risk score comprising the function of the first value of the first score and the second value of the second score and the third value of the third score. 4 . The method of claim 2 , further comprises determining, by the one or more processors, the third value of the third score based at least on individual access of the user. 5 . The method of claim 1 , further comprising determining, by the one or more processors, the risk score comprising the function of applying weights to the first value of the first score and the second value of the second score. 6 . The method of claim 1 , further comprising determining, by the one or more processors, the first value of the first scored based at least on one of a job score value or a breach score value. 7 . The method of claim 6 , wherein the job score value identifies a type of job of the user 8 . The method of claim 6 , wherein the breach score value identifies the user's level of exposure to email. 9 . The method of claim 1 , wherein the phishing communication is a malicious attack 10 . The method of claim 1 , wherein the phishing communication is a simulated phishing communication. 11 . A system comprising: one or more processers, coupled to memory, and configured to: identify a first score comprising a first value representing a frequency at which a user is to receive a phishing communication; identify, a second score comprising a second value representing a propensity of the user to interact with the phishing communication; determine a risk score for the user based at least on a function of the first value of the first score and the second value of the second score, the risk score identifying a probability that the user will interact with one or more subsequent phishing communications; and provide the risk score for display via a user interface. 12 . The system of claim 11 , wherein the one or more processors are further configured to identify a third score comprising a third value representing a severity of the user's interaction with the phishing communication. 13 . The system of claim 12 , wherein the one or more processors are further configured to determine the risk score comprising the function of the first value of the first score and the second value of the second score and the third value of the third score. 14 . The system of claim 12 , wherein the one or more processors are further configured to determine the third value of the third score based at least on individual access of the user. 15 . The system of claim 11 , wherein the one or more processors are further configured to determine the risk score comprising the function of applying weights to the first value of the first score and the second value of the second score. 16 . The system of claim 11 , wherein the one or more processors are further configured to determine the first value of the first scored based at least on one of a job score value or a breach score value. 17 . The system of claim 16 , wherein the job score value identifies a type of job of the user 18 . The system of claim 16 , wherein the breach score value identifies the user's level of exposure to email. 19 . The system of claim 11 , wherein the phishing communication is a malicious attack 20 . The system of claim 11 , wherein the phishing communication is a simulated phishing communication.
Assignees
Inventors
Classifications
- H04L63/1408Primary
by monitoring network traffic (monitoring network traffic per se H04L43/00) · CPC title
for detecting or protecting against malicious traffic · CPC title
Vulnerability analysis · CPC title
- H04L63/1416Primary
Event detection, e.g. attack signature detection · CPC title
Assessing vulnerabilities and evaluating computer system security · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US2020287917A1 cover?
- Embodiments disclosed herein describe a server, for example a security awareness server or an artificial intelligence machine learning system that establishes a risk score or vulnerable for a user of a security awareness system, or for a group of users of a security awareness system. The server may create a frequency score for a user, which predicts the frequency at which the user is to be hit …
- Who is the assignee on this patent?
- Knowbe4 Inc
- What technology area does this patent fall under?
- Primary CPC classification H04L63/1408. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Thu Sep 10 2020 00:00:00 GMT+0000 (Coordinated Universal Time) (A1). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).