Automatically computing and improving a cybersecurity risk score
Jason Crabtree, Vienna, VA (US); and Andrew Sellers, Monument, CO (US)
Assigned to QOMPLX LLC, Reston, VA (US)
Filed by QOMPLX LLC, Reston, VA (US)
Filed on May 3, 2024, as Appl. No. 18/653,991.
Application 18/653,991 is a continuation of application No. 17/392,250, filed on Aug. 2, 2021, granted, now 12,003,544.
Application 17/392,250 is a continuation in part of application No. 16/837,551, filed on Apr. 1, 2020, granted, now 11,070,592, issued on Jul. 20, 2021.
Application 16/837,551 is a continuation in part of application No. 16/777,270, filed on Jan. 30, 2020, granted, now 11,025,674, issued on Jun. 1, 2021.
Application 16/777,270 is a continuation in part of application No. 16/720,383, filed on Dec. 19, 2019, granted, now 10,944,795, issued on Mar. 9, 2021.
Application 16/720,383 is a continuation of application No. 15/823,363, filed on Nov. 27, 2017, granted, now 10,560,483, issued on Feb. 11, 2020.
Application 15/823,363 is a continuation in part of application No. 15/725,274, filed on Oct. 4, 2017, granted, now 10,609,079, issued on Mar. 31, 2020.
Application 15/725,274 is a continuation in part of application No. 15/655,113, filed on Jul. 20, 2017, granted, now 10,735,456, issued on Aug. 4, 2020.
Application 15/655,113 is a continuation in part of application No. 15/616,427, filed on Jun. 7, 2017, abandoned.
Application 15/655,113 is a continuation in part of application No. 14/925,974, filed on Oct. 28, 2015, abandoned.
Application 15/655,113 is a continuation in part of application No. 15/237,625, filed on Aug. 15, 2016, granted, now 10,248,910, issued on Apr. 2, 2019.
Application 15/237,625 is a continuation in part of application No. 15/206,195, filed on Jul. 8, 2016, abandoned.
Application 15/206,195 is a continuation in part of application No. 15/186,453, filed on Jun. 18, 2016, abandoned.
Application 15/186,453 is a continuation in part of application No. 15/166,158, filed on May 26, 2016, abandoned.
Application 15/166,158 is a continuation in part of application No. 15/141,752, filed on Apr. 28, 2016, granted, now 10,860,962, issued on Dec. 8, 2020.
Application 15/141,752 is a continuation in part of application No. 15/091,563, filed on Apr. 5, 2016, granted, now 10,204,147, issued on Feb. 12, 2019.
Application 15/141,752 is a continuation in part of application No. 14/986,536, filed on Dec. 31, 2015, granted, now 10,210,255, issued on Feb. 19, 2019.
Application 15/141,752 is a continuation in part of application No. 14/925,974, filed on Oct. 28, 2015, abandoned.
Application 16/837,551 is a continuation in part of application No. 15/818,733, filed on Nov. 20, 2017, granted, now 10,673,887, issued on Jun. 2, 2020.
Application 15/818,733 is a continuation in part of application No. 15/725,274, filed on Oct. 4, 2017, granted, now 10,609,079, issued on Mar. 31, 2020.
Prior Publication US 2024/0291870 A1, Aug. 29, 2024
1. A computing system for automatically computing and improving a cybersecurity risk score, comprising:
one or more hardware processors configured for:
generating a cybersecurity profile for the network via external reconnaissance of the network;
determining a cybersecurity risk score for at least a portion of the network based on the cybersecurity profile and a cyber-physical graph of the network;
providing the cybersecurity risk score and the cyber-physical graph to a distributed computational graph;
analyzing the cyber-physical graph and the cybersecurity risk score on a periodic or event-oriented basis using computations coordinated by the distributed computational graph; and
when the cybersecurity risk score falls below a threshold:
identifying, based on results of the analysis, a change applicable to each of a plurality of target devices within the network;
transmitting instructions to the plurality of target devices to apply or simulate the identified change; and
updating the cyber-physical graph based on the applied or simulated change.
