US 12,231,461 B2
Prioritizing security controls using a cyber digital twin simulator
Gal Engelberg, Pardes-hana (IL); Dan Klein, Rosh Ha'ayin (IL); Alexander Basovskiy, Hod Ha'sharon (IL); and Nimrod Busany, Tel Aviv (IL)
Assigned to Accenture Global Solutions Limited, Dublin (IE)
Filed by Accenture Global Solutions Limited, Dublin (IE)
Filed on Aug. 10, 2022, as Appl. No. 17/818,784.
Claims priority of provisional application 63/232,399, filed on Aug. 12, 2021.
Prior Publication US 2023/0067128 A1, Mar. 2, 2023
Int. Cl. H04L 9/40 (2022.01)
CPC H04L 63/1441 (2013.01) [H04L 63/1425 (2013.01)]
17 Claims
 
1. A computer-implemented method for mitigating cyber security risk of an enterprise network, the computer-implemented method comprising:
receiving an analytical attack graph (AAG) representing paths within the enterprise network with respect to at least one target asset, the AAG at least partially defining a digital twin of the enterprise network and comprising a set of rule nodes, each rule node of the set of rule nodes representing an attack tactic of a plurality of attack tactics that is used to move along a path of the AAG;
integrating the AAG with a knowledge graph (KG) comprising a set of asset nodes and a set of tactic nodes, each asset node of the set of asset nodes representing a digital asset that is affected by one or more of the plurality of attack tactics and each tactic node of the set of tactic nodes representing a tactic for attacking the digital asset of the enterprise network, wherein integrating the AAG with the KG comprises mapping each rule node of the set of rule nodes to a respective tactic node of the set of tactic nodes of the KG;
determining, based on integrating the AAG with the KG, a plurality of security controls, each security control of the plurality of security controls having an assigned priority value; and
selectively implementing one or more security controls of the plurality of security controls in the enterprise network based at least partially on the assigned priority values of the plurality of security controls.
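
The steps of claim 1, sketched as an added example (not code from the patent or from the assignee): rule nodes of a small constructed AAG are mapped to tactic nodes of a constructed KG, controls are ranked, and the top ones are selected. The node names, tactic labels, control names, the path-count priority metric and the fixed-budget selection are all assumptions; the claim does not state how priority values are assigned.

```python
from collections import Counter

# Constructed AAG: edges follow attack progress toward the target asset.
AAG_EDGES = {
    "fact:internet": ["rule:r1"], "fact:phish": ["rule:r5"],
    "rule:r1": ["impact:web_exec"], "rule:r5": ["impact:ws_exec"],
    "impact:web_exec": ["rule:r2", "rule:r6"], "impact:ws_exec": ["rule:r3"],
    "rule:r2": ["impact:db_creds"], "rule:r3": ["impact:db_creds"],
    "impact:db_creds": ["rule:r4"],
    "rule:r4": ["impact:db_access"], "rule:r6": ["impact:db_access"],
}
# Each rule node carries the attack tactic used to move along a path.
RULE_TACTIC = {"rule:r1": "Initial Access", "rule:r5": "Initial Access",
               "rule:r2": "Credential Access", "rule:r3": "Credential Access",
               "rule:r4": "Lateral Movement", "rule:r6": "Privilege Escalation"}
# Constructed KG: tactic node -> controls that mitigate it (assumed edges).
KG_TACTIC_CONTROLS = {
    "Initial Access": ["mfa"],
    "Credential Access": ["credential_vault", "mfa"],
    "Lateral Movement": ["network_segmentation"],
    "Privilege Escalation": ["patch_management"],
}

def attack_paths(edges, node, target, seen=()):
    """Enumerate simple paths from node to target (DFS, cycle-safe)."""
    if node == target:
        return [[node]]
    seen = seen + (node,)
    return [[node] + rest for nxt in edges.get(node, []) if nxt not in seen
            for rest in attack_paths(edges, nxt, target, seen)]

def integrate(rule_tactic, kg):
    """Map rule nodes to KG tactic nodes; report rules the KG cannot place."""
    mapped = {r: t for r, t in rule_tactic.items() if t in kg}
    return mapped, sorted(set(rule_tactic) - set(mapped))

def prioritize(edges, entry_facts, target, rule_tactic, kg):
    """Priority (assumed metric) = number of attack paths a control touches."""
    mapped, _ = integrate(rule_tactic, kg)
    score = Counter()
    for fact in entry_facts:
        for path in attack_paths(edges, fact, target):
            score.update({c for n in path if n in mapped for c in kg[mapped[n]]})
    return sorted(score.items(), key=lambda kv: (-kv[1], kv[0]))

def select(ranked, budget):
    """Selective implementation: keep the top `budget` controls."""
    return [name for name, _ in ranked[:budget]]
```

Rule nodes whose tactic has no KG tactic node come back in the second value of `integrate`, so gaps in the mapping are visible instead of silently lowering a control's score.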