	US 12,189,783 B2
	Security analytics system for performing a risk analysis operation taking into account social behavior peer grouping
Margaret Cunningham, Austin, TX (US); and Peter Lochlan Stewart, Rowlett, TX (US)
Assigned to Forcepoint Federal Holdings LLC, Austin, TX (US)
Filed by Forcepoint LLC, Austin, TX (US)
Filed on Nov. 21, 2022, as Appl. No. 17/991,022.
Claims priority of provisional application 63/294,991, filed on Dec. 30, 2021.
Prior Publication US 2023/0214497 A1, Jul. 6, 2023
Int. Cl. G06F 21/57 (2013.01); G06F 21/55 (2013.01)

CPC G06F 21/577 (2013.01) [G06F 2221/034 (2013.01)]

20 Claims

1. A computer-implementable method for performing an entity interaction risk analysis operation, comprising:

monitoring an entity, the monitoring observing an electronically-observable data source;

identifying a security related activity associated with the entity, the security related activity comprising a concerning behavior, the concerning behavior comprising a corresponding concerning behavior score,

identifying an interaction between the entity and another entity based upon the monitoring;

analyzing the interaction between the entity and the another entity;

generating a user behavior score based upon the corresponding concerning behavior score and the analyzing the interaction between the entity and the another entity; and,

performing a security operation via a security analytics system based upon the user behavior score, the security operation being performed by at least one of an endpoint device and the security analytics system, the endpoint device executing the security operation on a hardware processor associated with the endpoint device, the security analytics system executing the security operation on a hardware processor associated with the security analytics system.