CPC H04L 63/1416 (2013.01) [G06N 20/00 (2019.01); H04L 63/1433 (2013.01); H04L 63/1441 (2013.01)]
20 Claims
1. An artificial intelligence (“AI”) method for unifying cybersecurity vulnerabilities detected by disparate software tools deployed across an enterprise organization, the AI method comprising:
receiving, at an AI engine, output from a first vendor tool comprising:
a first cyberthreat detected by the first vendor tool; and
a first set of countermeasures that neutralize the first cyberthreat;
applying, using the AI engine, machine learning techniques to corroborate the first cyberthreat to a known cyberthreat;
receiving, at the AI engine, output from a second vendor tool comprising:
a second cyberthreat detected by the second vendor tool; and
a second set of countermeasures that neutralize the second cyberthreat;
applying, using the AI engine, machine learning techniques to corroborate the second cyberthreat to the known cyberthreat;
when the first and second cyberthreats both corroborate to the known cyberthreat, formulating, by the AI engine, a set of overlapping countermeasures designed to neutralize the known cyberthreat, wherein each member of the set of overlapping countermeasures is included in the first set of countermeasures and included in the second set of countermeasures;
formulating, by the AI engine, a third set of countermeasures including the set of overlapping countermeasures and a combination of countermeasures that is different from countermeasures included in the first and second sets of countermeasures based on the known cyberthreat;
overriding, by the AI engine, the first and second sets of countermeasures output by the first and second vendor tools respectively;
deploying, by the AI engine, the third set of countermeasures against the first cyberthreat detected by the first vendor tool and the second cyberthreat detected by the second vendor tool;
decommissioning, by the AI engine without user intervention, the first vendor tool when a first intersection of a set of first cyberthreats detected by the first vendor tool includes fewer members than a second intersection of a set of second cyberthreats by the second vendor tool; and
decommissioning, by the AI engine without user intervention, the second vendor tool when the second intersection includes fewer members than the first intersection.
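The set logic recited in claim 1, as an added example that is not code from the patent or its assignee. Assumptions: the machine-learning corroboration step is replaced by an alias lookup, each "intersection" is read as a tool's detected threats intersected with the known-threat set, and every threat label, countermeasure name and function name is constructed.

```python
# Added illustration of claim 1's set operations; all names and data are constructed.
KNOWN_THREATS = {  # known cyberthreat -> labels tools report for it, extra countermeasures
    "KT-ransomware": {"aliases": {"Ransom.Generic", "crypto-locker-behavior"},
                      "extra": {"restore_from_offline_backup"}},
    "KT-phishing": {"aliases": {"Phish.Cred", "credential-harvest-url"},
                    "extra": {"reset_credentials"}},
}

def corroborate(label):
    """Stand-in for the ML corroboration step: plain alias lookup (assumption)."""
    for known, info in KNOWN_THREATS.items():
        if label in info["aliases"]:
            return known
    return None  # the finding does not map to any known cyberthreat

def by_known(findings):
    """Group one tool's (label, countermeasures) findings by known cyberthreat."""
    grouped = {}
    for label, countermeasures in findings:
        known = corroborate(label)
        if known is not None:
            grouped.setdefault(known, set()).update(countermeasures)
    return grouped

def unify(first, second):
    """Third countermeasure set per known threat that both tools corroborate."""
    a, b = by_known(first), by_known(second)
    plan = {}
    for known in a.keys() & b.keys():
        overlap = a[known] & b[known]  # members of both vendors' sets
        extra = KNOWN_THREATS[known]["extra"] - (a[known] | b[known])  # in neither set
        plan[known] = overlap | extra  # replaces both vendors' outputs
    return plan

def decommission(first, second):
    """Tool whose intersection with the known threats is smaller; None on a tie."""
    n1, n2 = len(by_known(first)), len(by_known(second))
    if n1 == n2:
        return None  # the claim names no tool when the counts are equal
    return "first" if n1 < n2 else "second"

# Constructed sample output from two vendor tools.
FIRST = [("Ransom.Generic", {"isolate_host", "block_hash", "kill_process"}),
         ("Adware.X", {"quarantine_file"})]
SECOND = [("crypto-locker-behavior", {"isolate_host", "block_hash", "disable_smb"}),
          ("credential-harvest-url", {"block_url"})]
```

On the sample data the third set for the ransomware threat drops `kill_process` and `disable_smb`, which only one tool proposed, and the first tool is the one selected for decommissioning because it corroborates one known threat against the second tool's two.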