| CPC G06F 21/57 (2013.01) [G06F 16/955 (2019.01); G06F 21/44 (2013.01); G06F 21/53 (2013.01); H04L 41/16 (2013.01); H04L 63/0428 (2013.01); H04L 63/08 (2013.01); H04L 63/083 (2013.01); H04L 63/10 (2013.01); H04L 63/102 (2013.01); H04L 63/1416 (2013.01); H04L 63/1425 (2013.01); H04L 63/1433 (2013.01); H04L 63/20 (2013.01); H04L 67/125 (2013.01); H04L 67/55 (2022.05); H04W 12/08 (2013.01)] | 18 Claims |

|
1. A method for providing secure access to digital resources, the method comprising:
accumulating data corresponding to interactions of a plurality of users of an organization with a plurality of websites, wherein the accumulated data was obtained by instances of a web browser;
for each of the plurality of websites,
determining normal behavior based on the accumulated data;
determining website vulnerability features (WVFs) based, at least in part, on the normal behavior and the accumulated data, wherein the WVFs comprise features which as a result of a user connecting to a website render the organization or a digital resource of the organization vulnerable to cyber damage;
determining a website vulnerability risk feature vector based, at least in part, on the WVFs; and
determining a user risk profile for each of the plurality of users based on the accumulated data, wherein the user risk profile comprises features that characterize risk of the user browsing behaviour and internet use pattern;
based on detection of a first of the plurality of users attempting to access a first of the plurality of websites, determining a security risk indicator (SRI) value based on the website vulnerability risk feature vector of the first website and the user risk profile of the first user, wherein the SRI value provides an estimate of a cyber damage risk to the organization or a digital resource of the organization resulting from the first user connecting to the first website; and
determining whether or not to permit the first user to access the first website based on the SRI value.
|