US 11,757,921 B2
Leveraging attack graphs of agile security platform
Dani Grabois, Tel Aviv-Jaffa (IL); Eitan Hadar, Nesher (IL); and Asher Genachowski, Shoham (IL)
Assigned to Accenture Global Solutions Limited, Dublin (IE)
Filed by Accenture Global Solutions Limited, Dublin (IE)
Filed on Dec. 13, 2021, as Appl. No. 17/549,437.
Application 17/549,437 is a continuation of application No. 16/375,965, filed on Apr. 5, 2019, granted, now 11,283,825.
Claims priority of provisional application 62/774,516, filed on Dec. 3, 2018.
Prior Publication US 2022/0124115 A1, Apr. 21, 2022
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); G06F 21/57 (2013.01); G06F 21/55 (2013.01)
CPC H04L 63/1433 (2013.01) [G06F 21/577 (2013.01); G06F 2221/034 (2013.01)]
20 Claims
 
1. A computer-implemented method for security of enterprise networks, the method being executed by one or more processors and comprising:
receiving, by a security platform, event data representing one or more events occurring within an enterprise network;
processing, by the security platform, the event data using attack graph data representative of an attack graph representing one or more lateral paths within the enterprise network, the attack graph including a plurality of nodes representing assets within the enterprise network, a first node of the plurality of nodes representing a target asset within the enterprise network, including:
identifying critical paths in the attack graph, wherein traversal along a critical path leads to the first node representing the target asset; and
assigning, to each event of the one or more events, a priority based on whether the event is associated with an asset represented by a node included in any of the critical paths of the attack graph; and
based on the respective priorities assigned to each of the one or more events, generating, by the security platform, one or more alerts representing at least one event of the one or more events.
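An illustrative sketch of the event prioritization recited in claim 1, added here as an example; it is not code from the patent or its assignee. It assumes the attack graph is a list of directed lateral-movement edges, treats any path that ends at the target asset as critical, and orders alerts by hop distance to the target; the asset names, events and the high/low scale are constructed.

```python
from collections import deque

# Constructed attack graph: edge (a, b) means lateral movement from asset a to b is possible.
EDGES = [
    ("workstation-7", "file-server"),
    ("file-server", "domain-controller"),
    ("workstation-7", "jump-host"),
    ("jump-host", "domain-controller"),
    ("domain-controller", "erp-db"),
    ("printer-2", "kiosk-1"),   # lateral path that never reaches the target
    ("erp-db", "backup-nas"),   # downstream of the target, not on a path to it
]
TARGET = "erp-db"  # assumed target asset (the claim's "first node")

# Constructed sample events, each tied to one asset.
EVENTS = [
    {"id": 1, "asset": "printer-2", "type": "port-scan"},
    {"id": 2, "asset": "workstation-7", "type": "credential-dump"},
    {"id": 3, "asset": "domain-controller", "type": "new-admin-account"},
    {"id": 4, "asset": "backup-nas", "type": "failed-login"},
]

def hops_to_target(edges, target):
    """Reverse BFS from the target. Returns {asset: min hops to target} for
    every asset that lies on at least one path leading to the target."""
    preds = {}
    for src, dst in edges:
        preds.setdefault(dst, []).append(src)
    dist = {target: 0}
    queue = deque([target])
    while queue:
        node = queue.popleft()
        for p in preds.get(node, []):
            if p not in dist:          # first visit is the shortest distance
                dist[p] = dist[node] + 1
                queue.append(p)
    return dist

def prioritize(events, edges, target):
    """Assign each event 'high' if its asset is on a critical path, else 'low'."""
    dist = hops_to_target(edges, target)
    return [{**ev, "hops": dist.get(ev["asset"]),
             "priority": "high" if ev["asset"] in dist else "low"} for ev in events]

def alerts(events, edges, target):
    """Generate alerts for high-priority events only, nearest the target first."""
    high = [e for e in prioritize(events, edges, target) if e["priority"] == "high"]
    return sorted(high, key=lambda e: e["hops"])
```

Events on `printer-2` and `backup-nas` are retained with low priority but produce no alert, because neither asset can reach the target in this constructed graph.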