CPC H04L 63/1433 (2013.01) | 20 Claims
1. A system comprising:
a processor; and
a memory that stores computer-executable instructions that, when executed by the processor, cause the processor to perform operations comprising
obtaining threat data from a plurality of publicly available data sources, wherein the plurality of publicly available data sources comprise a social networking service, and wherein the threat data comprises a plurality of social networking messages,
determining, based on the threat data, a threat that is predicted to exploit a vulnerability, wherein the threat has a name that identifies the threat,
storing filtered threat data that is generated by filtering the threat data using the name that identifies the threat, wherein the filtered threat data comprises a further plurality of social networking messages, wherein the further plurality of social networking messages mention the name that identifies the threat,
analyzing the filtered threat data to determine, based on time and date information included in the further plurality of social networking messages, a mention trend for the threat, a severity score for the threat, an exploitation history for the threat, and a patch availability of the threat,
determining, based on the mention trend, the severity score, the exploitation history, and the patch availability, a predicted threat level for the threat, wherein the predicted threat level is generated without machine learning and without artificial intelligence that predicts seriousness of the threat based on historical data, and
in response to determining, based on the predicted threat level, that an alert should be sent to a subscriber device, generating the alert and sending, directed to the subscriber device, the alert.
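The operations recited in claim 1, sketched as an added example that is not taken from the patent or from any implementation by its owner: messages are filtered by threat name, a mention trend is computed from their timestamps, and a fixed rule table (no trained model) yields the predicted threat level and the alert decision. The threat name "ExampleBleed", the sample messages, the window length, the point weights and cut-offs, and the subscriber threshold are all assumptions; severity, exploitation history and patch availability are passed in as already-extracted values.

```python
from datetime import datetime, timedelta

# Constructed sample data (not real posts); "ExampleBleed" is a made-up threat name.
NOW = datetime(2024, 1, 8)
MESSAGES = [
    {"ts": "2024-01-03T09:00:00", "text": "ExampleBleed advisory is out"},
    {"ts": "2024-01-04T12:00:00", "text": "unrelated outage report"},
    {"ts": "2024-01-05T08:00:00", "text": "PoC for examplebleed circulating"},
    {"ts": "2024-01-06T14:00:00", "text": "ExampleBleed scanning seen"},
    {"ts": "2024-01-07T20:00:00", "text": "Still no fix for ExampleBleed"},
]

def filter_by_name(messages, name):
    """Keep only messages that mention the threat name (case-insensitive)."""
    needle = name.lower()
    return [m for m in messages if needle in m["text"].lower()]

def mention_trend(messages, now, window_days=3):
    """Mentions in the latest window divided by mentions in the window before it."""
    window = timedelta(days=window_days)
    recent = previous = 0
    for m in messages:
        age = now - datetime.fromisoformat(m["ts"])
        if timedelta(0) <= age < window:
            recent += 1
        elif window <= age < 2 * window:
            previous += 1
    return recent / max(previous, 1)  # avoid division by zero for new threats

def predicted_threat_level(trend, severity, exploited_before, patch_available):
    """Fixed rule table; the weights and cut-offs are assumptions, not from the claim."""
    points = 2 if trend >= 2.0 else 1 if trend > 1.0 else 0
    points += 2 if severity >= 9.0 else 1 if severity >= 7.0 else 0
    points += 1 if exploited_before else 0
    points += 0 if patch_available else 1
    return "high" if points >= 5 else "medium" if points >= 3 else "low"

def assess(messages, name, now, severity, exploited_before, patch_available, alert_from="medium"):
    """Run filter -> trend -> rule-based level -> alert decision for one threat."""
    filtered = filter_by_name(messages, name)
    trend = mention_trend(filtered, now)
    level = predicted_threat_level(trend, severity, exploited_before, patch_available)
    order = ["low", "medium", "high"]
    alert = order.index(level) >= order.index(alert_from)
    return {"mentions": len(filtered), "trend": trend, "level": level, "alert": alert}
```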