	US 11,991,212 B2
	Creation and optimization of security applications for cyber threats detection, investigation and mitigation
Rami Cohen, Haifa (IL); and Avi Chesla, Tel Aviv (IL)
Assigned to Cybereason Inc., Boston, MA (US)
Filed by Cybereason Inc., Boston, MA (US)
Filed on Oct. 19, 2022, as Appl. No. 18/047,868.
Application 18/047,868 is a continuation of application No. 16/020,287, filed on Jun. 27, 2018, granted, now 11,509,692.
Claims priority of provisional application 62/532,130, filed on Jul. 13, 2017.
Prior Publication US 2023/0057632 A1, Feb. 23, 2023
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); H04L 41/0823 (2022.01); H04L 41/0893 (2022.01); H04L 41/0816 (2022.01); H04L 41/14 (2022.01)

CPC H04L 63/20 (2013.01) [H04L 41/0823 (2013.01); H04L 41/0893 (2013.01); H04L 63/14 (2013.01); H04L 41/0816 (2013.01); H04L 41/145 (2013.01)]

27 Claims

1. A method for optimizing a defense model using available security capabilities, comprising:

obtaining a defense model, wherein the defense model defines a defense behavior with respect to an identified threat;

evaluating available security capabilities deployed in an enterprise environment to determine a plurality of variant security applications implementing the defense model;

determining a quality score for each variant security application of the plurality of variant security applications, the quality score reflecting a level of protection each variant security application offers against the identified threat;

selecting, from the plurality of variant security applications, a variant security application having a highest quality score; and

executing the selected variant security application to respond to the identified threat.