| CPC H04L 63/1433 (2013.01) [G06F 9/45558 (2013.01); G06F 18/214 (2023.01); G06N 20/00 (2019.01); H04L 63/1416 (2013.01); H04L 63/1441 (2013.01); H04L 63/20 (2013.01); G06F 2009/45587 (2013.01); G06F 2009/45595 (2013.01)] | 18 Claims |
|
1. A computing platform, comprising:
at least one processor;
a communication interface communicatively coupled to the at least one processor; and
memory storing computer-readable instructions that, when executed by the at least one processor, cause the computing platform to:
monitor data associated with a series of activities from a virtual desktop accessed by a remote computing device;
detect new activity data on the virtual desktop accessed by the remote computing device;
evaluate the new activity data relative to the data associated with the series of activities, wherein evaluating includes applying a machine learning model to the new activity data;
determine if the new activity data is indicative of a potential cyber-attack based on evaluating the new activity data relative to the data associated with series of activities; and
in response to determining that the new activity data is indicative of a potential cyber-attack, initiate one or more security response actions, wherein initiating the one or more security response actions includes transmitting a security response alert to a data loss prevention computing device, and wherein transmitting the security response alert causes a screen mirroring session of the remote computing device to initiate at a display of the data loss prevention computing device.
|