	US 12,335,280 B2
	Systems and methods for automated anomalous behavior detection and risk-scoring individuals
Daniel Fricano, San Francisco, CA (US); and Peter A. Makohon, San Francisco, CA (US)
Assigned to Wells Fargo Bank, N.A., San Francisco, CA (US)
Filed by Wells Fargo Bank, N.A., San Francisco, CA (US)
Filed on May 9, 2023, as Appl. No. 18/195,315.
Application 18/195,315 is a continuation of application No. 17/146,180, filed on Jan. 11, 2021, granted, now 11,652,828.
Prior Publication US 2023/0291754 A1, Sep. 14, 2023
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); G06Q 10/0639 (2023.01)

CPC H04L 63/1416 (2013.01) [G06Q 10/06398 (2013.01); H04L 63/1425 (2013.01); H04L 63/1433 (2013.01)]

20 Claims

1. A computing system comprising one or more processors configured to:

receive, via a data channel from an agentless monitoring data source, user activity data associated with a first computing device of a first user;

determine a policy violation based on the user activity data;

compare employee-related information associated with the first user to a threshold;

determine a baseline level of risk based on the employee-related information exceeding the threshold;

determine a user score based on an impact dimension and at least one of a threat dimension or an exposure dimension, wherein the impact dimension comprises a permissions component defining a number of active accounts accessible by the first user and an access component defining a number of inactive accounts associated with the first user, the threat dimension comprises a relative component, and the exposure dimension comprises a technical component;

determine a probability of an adverse event based on the baseline level of risk and the user score;

generate a user-interactive electronic notification comprising an indication of the probability of the adverse event; and

transmit the user-interactive electronic notification to a second computing device.