CPC G06F 21/577 (2013.01) [G06F 21/566 (2013.01); G06N 5/04 (2013.01); G06F 2221/034 (2013.01)]
20 Claims

1. A method, in a data processing system, comprising at least one processor and at least one memory, the memory comprising instructions executed by the processor to cause the processor to execute the method comprising:
training a policy machine learning model using a first training dataset to predict mitigation technique classifications;
training a vulnerability machine learning model using a second training dataset to predict weakness type classifications;
receiving a policy compliance list and a vulnerability list;
predicting, by the policy machine learning model, a set of mitigation technique classifications corresponding to the policy compliance list;
predicting, by the vulnerability machine learning model, a set of weakness type classifications associated with the vulnerability list;
mapping the set of mitigation technique classifications to a first set of attack techniques to produce a policy mapping;
mapping the set of weakness type classifications to a second set of attack techniques to produce a vulnerability mapping; and
producing a risk assessment based on the policy mapping and the vulnerability mapping, wherein the producing the risk assessment comprises comparing the first and second sets of attack techniques.