US 12,141,289 B1
Real time application protection system configuration deficiency prediction
Matthew Thomas McDonald, Callahan, FL (US); Jeremy W. Long, Herndon, VA (US); Mitch Moon, Plymouth, MN (US); and Isaiah Adonu, Oro Valley, AZ (US)
Assigned to Wells Fargo Bank, N.A., San Francisco, CA (US)
Filed by Wells Fargo Bank, N.A., San Francisco, CA (US)
Filed on Dec. 15, 2020, as Appl. No. 17/122,734.
Claims priority of provisional application 62/972,280, filed on Feb. 10, 2020.
Int. Cl. G06F 21/57 (2013.01); G06N 20/00 (2019.01)
CPC G06F 21/577 (2013.01) [G06N 20/00 (2019.01); G06F 2221/033 (2013.01)]
17 Claims
 
1. A computer-implemented method comprising:
training a first machine learning model with a first configuration setting of application protection systems corresponding to a plurality of applications and a first plurality of known vulnerabilities corresponding to the first configuration setting;
training a second machine learning model with a second configuration setting of application protection systems corresponding to the plurality of applications and a second plurality of known vulnerabilities corresponding to the second configuration setting;
applying each of the first machine learning model and the second machine learning model to a proposed configuration setting to predict one or more potential vulnerabilities of the proposed configuration setting;
wherein applying each of the first machine learning model and the second machine learning model to a proposed configuration setting to predict one or more potential vulnerabilities of the proposed configuration setting comprises:
segmenting the proposed configuration setting into a plurality of sections;
applying each of the first machine learning model and the second machine learning model to each section of the plurality of sections;
predicting, for each section of the plurality of sections, a respective set of potential vulnerabilities;
generating a list of the one or more potential vulnerabilities of the proposed configuration setting based on the respective set of potential vulnerabilities for each section of the plurality of sections of the proposed configuration setting;
identifying one or more configuration changes to the proposed configuration setting to overcome the predicted one or more potential vulnerabilities; and
generating and providing an alert to a user identifying the predicted one or more potential vulnerabilities, wherein the alert includes a section by section list of the plurality of sections, the respective set of potential vulnerabilities from the list of one or more potential vulnerabilities for each of the plurality of sections, and an indication to focus testing of the proposed configuration setting based on the predicted one or more potential vulnerabilities.