SYSTEM AND METHOD FOR MITIGATING CYBER THREATS USING RISK ANALYSIS

  • Publication Date:
    February 20, 2025
  • Additional Information
    • Document Number:
      20250063061
    • Appl. No:
      18/450871
    • Application Filed:
      August 16, 2023
    • Abstract:
      A system and method for mitigating cyber-threats. A method includes analyzing data in-memory for at least one software component during execution of each of the at least one software component; generating a base risk score based on the analysis of the data in-memory; analyzing a configuration of each of at least one security control with respect to the at least one software component; generating an applicable score based on the base risk score and the analysis of the configuration of each of the at least one security control; and mitigating at least one cyber-threat with respect to the at least one software component based on the applicable score.
    • Assignees:
      Zafran Security LTD (Tel Aviv, IL)
    • Claim:
      1. A method for mitigating cyber-threats, including: analyzing data in-memory for at least one software component during execution of each of the at least one software component; generating a base risk score based on the analysis of the data in-memory; analyzing a configuration of each of at least one security control with respect to the at least one software component; generating an applicable score based on the base risk score and the analysis of the configuration of each of the at least one security control; and mitigating at least one cyber-threat with respect to the at least one software component based on the applicable score.
    • Claim:
      2. The method of claim 1, wherein analyzing the data in-memory further comprises: identifying at least one library loaded into memory; and identifying the at least one software component corresponding to the at least one library loaded into memory.
    • Claim:
      3. The method of claim 1, further comprising: applying a generative AI model to generate a textual applicable score analysis based on the applicable score and the analysis of the data in-memory, wherein the textual applicable score analysis describes a history of potential vulnerabilities for the at least one software component.
    • Claim:
      4. The method of claim 1, wherein the base risk score is generated with respect to at least one of: exploitability of the at least one software component, and reachability of the at least one software component.
    • Claim:
      5. The method of claim 1, wherein the base risk score is generated with respect to asset criticality of at least one asset accessible via the at least one software component.
    • Claim:
      6. The method of claim 1, further comprising: determining an existence of each of the at least one security control, wherein the applicable score is determined based further on the determined existence of each of the at least one security control.
    • Claim:
      7. The method of claim 1, further comprising: analyzing a plurality of capabilities of each of the at least one security control, wherein the applicable score is also based on the plurality of capabilities of each of the at least one security control.
    • Claim:
      8. The method of claim 7, wherein the plurality of capabilities of each of the security controls are analyzed with respect to at least one of: categories of vulnerabilities, and specific types of vulnerabilities.
    • Claim:
      9. The method of claim 8, wherein the categories of vulnerabilities are determined based on a plurality of probabilities, wherein the plurality of probabilities is divided into at least one probability of being triggered via a network and at least one probability of being triggered via an endpoint.
    • Claim:
      10. A non-transitory computer readable medium having stored thereon instructions for causing a processing circuitry to execute a process, the process comprising: analyzing data in-memory for at least one software component during execution of each of the at least one software component; generating a base risk score based on the analysis of the data in-memory; analyzing a configuration of each of at least one security control with respect to the at least one software component; generating an applicable score based on the base risk score and the analysis of the configuration of each of the at least one security control; and mitigating at least one cyber-threat with respect to the at least one software component based on the applicable score.
    • Claim:
      11. A system for mitigating cyber-threats, comprising: a processing circuitry; and a memory, the memory containing instructions that, when executed by the processing circuitry, configure the system to: analyze data in-memory for at least one software component during execution of each of the at least one software component; generate a base risk score based on the analysis of the data in-memory; analyze a configuration of each of at least one security control with respect to the at least one software component; generate an applicable score based on the base risk score and the analysis of the configuration of each of the at least one security control; and mitigate at least one cyber-threat with respect to the at least one software component based on the applicable score.
    • Claim:
      12. The system of claim 11, wherein the system is further configured to: identify at least one library loaded into memory; and identify the at least one software component corresponding to the at least one library loaded into memory.
    • Claim:
      13. The system of claim 11, wherein the system is further configured to: apply a generative AI model to generate a textual applicable score analysis based on the applicable score and the analysis of the data in-memory, wherein the textual applicable score analysis describes a history of potential vulnerabilities for the at least one software component.
    • Claim:
      14. The system of claim 11, wherein the base risk score is generated with respect to at least one of: exploitability of the at least one software component, and reachability of the at least one software component.
    • Claim:
      15. The system of claim 11, wherein the base risk score is generated with respect to asset criticality of at least one asset accessible via the at least one software component.
    • Claim:
      16. The system of claim 11, wherein the system is further configured to: determine an existence of each of the at least one security control, wherein the applicable score is determined based further on the determined existence of each of the at least one security control.
    • Claim:
      17. The system of claim 11, wherein the system is further configured to: analyze a plurality of capabilities of each of the at least one security control, wherein the applicable score is also based on the plurality of capabilities of each of the at least one security control.
    • Claim:
      18. The system of claim 17, wherein the plurality of capabilities of each of the security controls are analyzed with respect to at least one of: categories of vulnerabilities, and specific types of vulnerabilities.
    • Claim:
      19. The system of claim 18, wherein the categories of vulnerabilities are determined based on a plurality of probabilities, wherein the plurality of probabilities is divided into at least one probability of being triggered via a network and at least one probability of being triggered via an endpoint.
    • Current International Class:
      04
    • Accession Number:
      edspap.20250063061