| CPC H04L 63/20 (2013.01) [G06F 16/2477 (2019.01); G06F 16/951 (2019.01); H04L 61/4511 (2022.05); H04L 63/0236 (2013.01); H04L 63/1425 (2013.01); H04L 63/1433 (2013.01); H04L 63/1441 (2013.01); H04L 63/0281 (2013.01); H04L 63/1416 (2013.01); H04L 63/1475 (2013.01)] | 8 Claims |
|
1. A system for cybersecurity analysis and protection employing a cyber decision platform, comprising one or more computers with executable instructions that, when executed, cause the system to:
execute a plurality of Internet search tasks for a domain name comprising searches for, and receipt of search results for, one or more domain name system records;
identify Internet protocol addresses associated with the domain name from the one or more domain name system records;
execute a first plurality of Internet protocol address scanning tasks comprising an open port scan for each Internet protocol address identified and a vulnerability scan for each open port;
receive a list of open ports, associated vulnerabilities, and a baseline and service fingerprint profile for the domain name;
execute a second plurality of Internet protocol address scanning tasks comprising a port scan detection task for each Internet protocol address identified; and
store the received search results and the results of the first and second pluralities of Internet protocol address scanning tasks;
receive a cybersecurity scoring model, the cybersecurity scoring model comprising category weights for the one or more domain name system records, the list of open ports, and associated vulnerabilities and further comprising an algorithm for combining the categories using the category weights;
compute a cybersecurity score by applying the algorithm to the weighted categories; and
generate a cybersecurity portion of a baseline and service fingerprint profile for the domain name based on the cybersecurity score.
|