| CPC H04L 63/1416 (2013.01) [H04L 63/0236 (2013.01); H04L 63/1433 (2013.01); H04L 63/145 (2013.01); H04L 63/20 (2013.01)] | 30 Claims |

1. A system for performing asset-based severity monitoring comprising:
one or more processors in communication with one or more client devices and an analyst device associated with a cybersecurity analyst; and
a memory having programming instructions stored thereon, which, when executed by the one or more processors, causes the system to perform operations comprising:
receive a data structure associated with a process executing on at least one of the one or more client devices;
generate a criticality score for the process;
generate a behavioral score for the process;
cause the behavioral score to be transmitted to the analyst device;
receive at least one user input from the analyst device, the at least one user input comprising an actor attribution value or an information impact value describing information affected by the process;
modify the behavioral score based on the at least one user input;
generate a risk score based on the criticality score and the modified behavioral score;
cause the behavioral score to be displayed on at least one other analyst device;
receive at least one additional user input from the at least one other analyst device;
determine a divergence between the at least one user input and the at least one additional user input;
determine that the divergence is above a pre-defined divergence threshold;
in response to determining that the divergence is above the pre-defined divergence threshold, elevate the risk score; and
cause a remediation action to be performed based on the elevated risk score.
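
The scoring and divergence steps of claim 1, as an added Python sketch that is not taken from the patent. The claim names the quantities but gives no formulas, so the 0-10 and 0-5 scales, the weighting formula, the threshold, the elevation factor and the action names are all assumptions chosen for illustration.

```python
from dataclasses import dataclass

# Assumed constants; the claim only says the threshold is "pre-defined".
DIVERGENCE_THRESHOLD = 2    # largest tolerated gap between two analysts (0-5 scale)
ELEVATION_FACTOR = 1.5      # multiplier applied when analysts disagree
REMEDIATE_AT = 50.0         # risk (0-100) at which a host is isolated

@dataclass
class AnalystInput:
    analyst: str
    actor_attribution: int   # assumed scale: 0 (unattributed) .. 5 (known threat actor)
    information_impact: int  # assumed scale: 0 (no data affected) .. 5 (regulated data)

def modify_behavioral(behavioral: float, inp: AnalystInput) -> float:
    """Adjust the automated behavioral score (0-10) with one analyst's input."""
    weight = 1.0 + (inp.actor_attribution + inp.information_impact) / 10.0
    return min(10.0, behavioral * weight)

def divergence(a: AnalystInput, b: AnalystInput) -> int:
    """Largest per-field disagreement between two analysts."""
    return max(abs(a.actor_attribution - b.actor_attribution),
               abs(a.information_impact - b.information_impact))

def assess(criticality: float, behavioral: float,
           first: AnalystInput, second: AnalystInput) -> dict:
    """Risk from criticality and the modified behavioral score, elevated on divergence."""
    risk = criticality * modify_behavioral(behavioral, first)   # 0-100
    gap = divergence(first, second)
    elevated = gap > DIVERGENCE_THRESHOLD
    if elevated:
        # Disagreement between analysts is treated as uncertainty, so risk goes up.
        risk = min(100.0, risk * ELEVATION_FACTOR)
    action = "isolate_host" if risk >= REMEDIATE_AT else "monitor"
    return {"risk": round(risk, 2), "divergence": gap,
            "elevated": elevated, "action": action}

if __name__ == "__main__":
    # Constructed sample: a process on a high-criticality asset, two analysts.
    a1 = AnalystInput("analyst-1", actor_attribution=1, information_impact=1)
    a2 = AnalystInput("analyst-2", actor_attribution=5, information_impact=1)
    print(assess(criticality=8, behavioral=4.0, first=a1, second=a2))
```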