&#xfeff;<html>
  <head>
    <META http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="stylesheet" type="text/css" href="html_style_eog.css"/>
<script type="text/javascript">
          function printpage()
          {
          window.print()
          }
        </script>
</head>
  <body bgcolor='#FFFFFF' onload='javascript: if ((navigator.appName.indexOf("Netscape")!=-1) && parent.leftFrame!=null) parent.leftFrame.location.reload();'>
    <basefont face="Times New Roman, Times New Roman, Times New Roman " size="2">
      <div style="margin-left: +10pt">
        <table width="90%" border="0" rules="none" align="center">
          <tr align="center">
            <td width="20%" colspan="1" rowspan="2" align="left" valign="top"><a href="https://ppubs.uspto.gov/pubwebapp/external.html?q=12411950.pn.&amp;db=USPAT" target="popup"><input type="button" class="button" value="   Full Text   "></a></td>
            <td class="table_data"><b>US 12,411,950 B2</b></td>
            <td width="20%" colspan="1" rowspan="2" align="right" valign="top">
              <form><input type="button" value="Print this page" onclick="printpage()"></form>
            </td>
          </tr>
          <tr align="center">
            <td colspan="1" class="table_data" style="text-transform: uppercase"><b>Techniques for semantic analysis of cybersecurity event data and remediation of cybersecurity event root causes</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b> Tomer Schwartz,  Tel Aviv (IL);  Eshel Yaron,  Amsterdam (NL); and  Barak Bercovitz,  Even-Yehuda (IL)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Assigned to  Wiz, Inc.,  New York, NY (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed by  Dazz, Inc.,  San Francisco, CA (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed on Feb.  20, 2025, as Appl. No. 19/058,833.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 19/058,833 is a continuation of application No. 17/507,180, filed on Oct.  21, 2021.</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Prior Publication US 2025/0190555 A1, Jun.  12, 2025</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>This patent is subject to a terminal disclaimer.</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Int. Cl. </b><i><b>G06F 21/55</b></i> (2013.01); <i><b>G06F 8/70</b></i> (2018.01); <i><b>G06F 16/245</b></i> (2019.01); <i><b>G06F 16/901</b></i> (2019.01); <i><b>G06F 40/242</b></i> (2020.01); <i><b>G06F 40/30</b></i> (2020.01)</td>
          </tr>
        </table>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="75%">
            <col width="15%">
          </colgroup>
          <tr align="left">
            <td class="table_data" align="left"><b>CPC </b><i><b>G06F 21/554</b></i> (2013.01)&#xa0;[<i><b>G06F 8/70</b></i> (2013.01); <i><b>G06F 16/245</b></i> (2019.01); <i><b>G06F 16/9024</b></i> (2019.01); <i><b>G06F 40/242</b></i> (2020.01); <i><b>G06F 40/30</b></i> (2020.01); <i>G06F 2221/033</i> (2013.01)]</td>
            <td class="table_data" align="right"><b>19 Claims</b></td>
          </tr>
        </table>
        <center><img src="US12411950-20250909-D00000.gif" alt="OG exemplary drawing"></center>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="90%">
          </colgroup>
          <tr>
            <td class="table_data" align="center">&#xa0;</td>
          </tr>
          <tr>
            <td valign="top" class="para_text">
              <div class="claim_text_root">1. A method for remediating cybersecurity events, comprising:<div class="claim_text">creating a semantic concepts dictionary, wherein the semantic concepts dictionary defines a plurality of semantic concepts representing characteristics of software components;</div>
                <div class="claim_text">creating an entity graph based on a plurality of correlations between entities among a plurality of entities, wherein the entity graph has a plurality of nodes representing respective entities of the plurality of entities, wherein the plurality of entities includes a plurality of software components of a software infrastructure and a plurality of event logic components of cybersecurity event logic deployed with respect to the software infrastructure;</div>
                <div class="claim_text">building a knowledge base such that the knowledge base includes the semantic concepts dictionary and the entity graph;</div>
                <div class="claim_text">querying the knowledge base using a query generated based on at least one semantic concept and at least one entity-identifying value extracted from cybersecurity event data indicating a cybersecurity event for the software infrastructure, wherein the knowledge base returns at least one query result, wherein the query includes at least one semantic concept and at least one entity-identifying value; and</div>
                <div class="claim_text">performing at least one remedial action based on the at least one query result.</div>
              </div>
            </td>
          </tr>
        </table>
      </div>
    
  </body>
</html>