US 12,242,603 B2
System and method for dynamic scoring of incidents
Qi Wang, Champaign, IL (US); Zhichun Li, Santa Clara, CA (US); Jiaping Gui, Shanghai (CN); and Shuchu Han, Princeton Junction, NJ (US)
Assigned to Stellar Cyber, Inc., San Jose, CA (US)
Filed by Stellar Cyber, Inc., San Jose, CA (US)
Filed on Jan. 16, 2023, as Appl. No. 18/155,031.
Prior Publication US 2024/0241949 A1, Jul. 18, 2024
Int. Cl. G06F 21/55 (2013.01)
CPC G06F 21/554 (2013.01) [G06F 2221/034 (2013.01)]
18 Claims
 
10. A method for dynamic scoring of a plurality of incidents, the method comprising:
retrieving an incident of the plurality of incidents, wherein the incident includes at least one alert, and wherein the incident is associated with a security breach;
generating an enriched alert based on enrichment of the at least one alert, wherein the enrichment is based on security related data of the security breach associated with the retrieved incident;
identifying one or more entities and one or more observables associated with the generated enriched alert;
generating a behavioural entity model based on at least the identified one or more entities and the one or more observables;
determining a score for the retrieved incident based on at least the generated enriched alert and the generated behavioural entity model; and
dynamically updating the determined score for the retrieved incident based on an analysis of at least the retrieved incident and the generated behavioural entity model.