| CPC G06F 21/54 (2013.01) [G06F 2221/033 (2013.01)] | 10 Claims |
|
1. A method for automatically generating parameters of security controls in the production environment for an element of an information system (IS) using stored historical data about configurations of an element of the IS which have been marked safe in the test management system (TMS) and parameters of security test scenarios corresponding to these configurations, the method comprising the steps of:
a. collecting information about the configurations of the element of IS marked as safe in the TMS and corresponding security controls resulting in the safe state of the element during the security testing;
b. generating M-embeddings of the configurations of the element of IS of fixed length M and N-embedding of the parameters of security controls of fixed length N;
c. training a neural network NN with input layer of size M and output layer of size N using the embeddings of collected information, wherein the AI is configured take as an input embedding EE of the configuration of the element of IS and to output an embedding of the set of security controls of fixed length N;
d. obtaining information about a new configuration of the element of IS in the production environment;
e. generating an M-embedding of the new configuration of the element of IS in the production environment;
f. calculating an N-embedding of the parameters of security controls of fixed length N by inputting M-embedding of the new configuration of the element of IS in the production environment into NN;
g. generating new parameters of security controls corresponding to the N-embedding output by NN; and
h. setting the parameters of the set of security controls of the element of IS in the production environment to the values generated by the NN.
|