US 11,991,215 B2
System and method for self-adjusting cybersecurity analysis and score generation
Jason Crabtree, Vienna, VA (US); and Andrew Sellers, Monument, CO (US)
Assigned to QOMPLX LLC, Reston, VA (US)
Filed by QOMPLX, Inc., Tysons, VA (US)
Filed on Apr. 12, 2023, as Appl. No. 18/299,677.
Application 18/299,677 is a continuation of application No. 17/219,833, filed on Mar. 31, 2021, granted, now 11,700,283.
Application 17/219,833 is a continuation of application No. 16/837,551, filed on Apr. 1, 2020, granted, now 11,070,592, issued on Jul. 20, 2021.
Application 16/837,551 is a continuation in part of application No. 16/777,270, filed on Jan. 30, 2020, granted, now 11,025,674, issued on Jun. 1, 2021.
Application 16/777,270 is a continuation in part of application No. 16/720,383, filed on Dec. 19, 2019, granted, now 10,944,795, issued on Mar. 9, 2021.
Application 16/720,383 is a continuation of application No. 15/823,363, filed on Nov. 27, 2017, granted, now 10,560,483, issued on Feb. 11, 2020.
Application 15/823,363 is a continuation in part of application No. 15/725,274, filed on Oct. 4, 2017, granted, now 10,609,079, issued on Mar. 31, 2020.
Application 15/725,274 is a continuation in part of application No. 15/655,113, filed on Jul. 20, 2017, granted, now 10,735,456, issued on Aug. 4, 2020.
Application 15/655,113 is a continuation in part of application No. 15/616,427, filed on Jun. 7, 2017, abandoned.
Application 15/616,427 is a continuation in part of application No. 14/925,974, filed on Oct. 28, 2015, abandoned.
Application 15/655,113 is a continuation in part of application No. 15/237,625, filed on Aug. 15, 2016, granted, now 10,248,910, issued on Apr. 2, 2019.
Application 15/237,625 is a continuation in part of application No. 15/206,195, filed on Jul. 8, 2016, abandoned.
Application 15/206,195 is a continuation in part of application No. 15/186,453, filed on Jun. 18, 2016, abandoned.
Application 15/186,453 is a continuation in part of application No. 15/166,158, filed on May 26, 2016, abandoned.
Application 15/166,158 is a continuation in part of application No. 15/141,752, filed on Apr. 28, 2016, granted, now 10,860,962, issued on Dec. 8, 2020.
Application 15/141,752 is a continuation in part of application No. 15/091,563, filed on Apr. 5, 2016, granted, now 10,204,147, issued on Feb. 12, 2019.
Application 15/091,563 is a continuation in part of application No. 14/986,536, filed on Dec. 31, 2015, granted, now 10,210,255, issued on Feb. 19, 2019.
Application 14/986,536 is a continuation in part of application No. 14/925,974, filed on Oct. 28, 2015, abandoned.
Application 16/837,551 is a continuation in part of application No. 15/818,733, filed on Nov. 20, 2017, granted, now 10,673,887, issued on Jun. 2, 2020.
Application 15/818,733 is a continuation in part of application No. 15/725,274, filed on Oct. 4, 2017, granted, now 10,609,079, issued on Mar. 31, 2020.
Prior Publication US 2023/0300174 A1, Sep. 21, 2023
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); G06F 16/2458 (2019.01); G06F 16/951 (2019.01)
CPC H04L 63/20 (2013.01) [G06F 16/2477 (2019.01); G06F 16/951 (2019.01); H04L 63/1425 (2013.01); H04L 63/1433 (2013.01); H04L 63/1441 (2013.01)]
6 Claims
1. A system for self-adjusting cybersecurity analysis and rating based on heterogeneous data and reconnaissance, comprising:
a computing system comprising a memory, a processor, a network interface and a plurality of programming instructions that, when operating on the processor, cause the processor to:
reconnoiter a target network by identifying internet protocol (IP) addresses and subdomains of the target network, verifying domain name system information for each IP address and subdomain of the target network, and computing an Internet reconnaissance score;
collect domain name system leak information by identifying improper network configurations in the IP addresses and subdomains of the target network, and computing a domain name system leak information score;
analyze web applications used by the target network to identify vulnerabilities in the web applications that could allow unauthorized access to the target network, and computing a web application security score;
search social media networks for information of concern related to users identified within the target network, and computing a social network score;
conduct a scan of the IP addresses within the target network for open TCP or UDP ports, and computing an open port score;
identify leaked credentials associated with the target network that are found to be disclosed in previous breach incidents, and computing a credential score;
gather version and update information for hardware and software systems within the boundary of the target network, checking version and update information for the hardware and software systems within the boundary of the target network, and computing a patching frequency score;
identify content of interest contained within the target network, performing an Internet search to identify references to the content of interest, and computing an open-source intelligence score;
assign a weight to each of the computed scores;
combine the weighted scores into a weighted cybersecurity score; and
comparing the weighted cybersecurity score to a score set point; and
recommending changes to network security for the target network to either increase or decrease network security to bring the score into equilibrium with the score set point.
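The last four steps of claim 1 (weighting, combining, comparing to a set point, recommending a direction of change) can be sketched as follows. This is an added illustration, not code from the patent or from QOMPLX. The 0-100 scale with higher meaning a stronger posture, the weights, the tolerance band, and the ranking of components are all assumptions.

```python
# Added illustration of the scoring loop in claim 1; not code from the patent.
# Assumed: scores are 0-100 (higher = stronger posture); weights, set point
# and tolerance are constructed sample values, not values from the patent.
COMPONENTS = (
    "internet_reconnaissance", "dns_leak", "web_application", "social_network",
    "open_port", "credential", "patching_frequency", "open_source_intelligence",
)

# Constructed sample input for one assessed network.
SAMPLE_SCORES = dict(zip(COMPONENTS, (80, 90, 40, 70, 60, 30, 50, 100)))
SAMPLE_WEIGHTS = dict(zip(COMPONENTS, (1, 1, 3, 1, 2, 3, 2, 1)))


def weighted_score(scores, weights):
    """Combine the eight component scores into one weighted score (0-100)."""
    for c in COMPONENTS:
        if c not in scores or c not in weights:
            raise ValueError(f"missing component: {c}")
        if not 0 <= scores[c] <= 100:
            raise ValueError(f"{c} score out of range: {scores[c]}")
        if weights[c] < 0:
            raise ValueError(f"{c} weight must not be negative")
    total = sum(weights[c] for c in COMPONENTS)
    if total <= 0:
        raise ValueError("weights must sum to a positive value")
    # Normalising by the weight total keeps the result on the 0-100 scale.
    return sum(scores[c] * weights[c] for c in COMPONENTS) / total


def recommend(scores, weights, set_point, tolerance=2.0):
    """Compare the weighted score to the set point.

    Returns (score, direction, focus) where direction is "increase",
    "decrease" or "hold", and focus lists the three components whose
    change would move the weighted score most in that direction.
    """
    score = weighted_score(scores, weights)
    gap = set_point - score
    if abs(gap) <= tolerance:  # already in equilibrium with the set point
        return score, "hold", []
    if gap > 0:  # below set point: largest weighted shortfall first
        def key(c): return weights[c] * (100 - scores[c])
        direction = "increase"
    else:        # above set point: largest weighted contribution first
        def key(c): return weights[c] * scores[c]
        direction = "decrease"
    return score, direction, sorted(COMPONENTS, key=key, reverse=True)[:3]
```

With the sample values the weighted score is 55.0; a set point of 75 yields an "increase" recommendation led by the credential, web application and patching components.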