	US 12,462,106 B2
	Generating security reports
Eric Paul Douglas, Kirkland, WA (US); Mario Davis Goertzel, Kirkland, WA (US); Lloyd Geoffrey Greenwald, Murray Hill, NJ (US); Aditi Kamlesh Shah, Redmond, WA (US); Leo Moreno Betthauser, Kirkland, WA (US); Daniel Lee Mace, Bellevue, WA (US); and Nicholas Becker, Boulder, CO (US)
Assigned to Microsoft Technology Licensing, LLC, Redmond, WA (US)
Filed by Microsoft Technology Licensing, LLC, Redmond, WA (US)
Filed on Mar. 24, 2023, as Appl. No. 18/126,183.
Claims priority of provisional application 63/441,533, filed on Jan. 27, 2023.
Prior Publication US 2024/0256780 A1, Aug. 1, 2024
Int. Cl. G06F 40/30 (2020.01); G06F 16/3329 (2025.01); G06F 21/57 (2013.01)

CPC G06F 40/30 (2020.01) [G06F 16/3329 (2019.01); G06F 21/577 (2013.01)]

20 Claims

1. A method of generating security reports, the method comprising:

receiving a user query and security data corresponding to one or more security incidents associated with a computing environment;

providing the user query and security data to a semantic model, wherein the semantic model generates one or more first embeddings;

receiving, from a data model, one or more second embeddings, wherein the data model is generated based on historical threat intelligence data;

generating an execution plan based on the one or more first embeddings and the one or more second embeddings;

returning a report corresponding to the execution plan, the report comprising one or more instructions for resolving the one or more security incidents; and

causing the one or more instructions of the report corresponding to the execution plan to be executed, thereby resolving the one or more security incidents associated with the computing environment.