公开(公告)号：US11265352B2

公开(公告)日：2022-03-01

申请号：US17006310

申请日：2020-08-28

Applicant: International Business Machines Corporation

Inventor： Aankur Bhatia ,  Srinivas B. Tummalapenta ,  Huyanh D. Ngo ,  Carlos E. Aguilera

IPC: G06F9/00 ,  H04L29/06 ,  G06N5/02 ,  G06F40/30

Abstract: A method assigns a particular rule for a previous client to a new client for use in executing a security feature on a computer system used by the new client. One or more processors match a new client profile for the new client to a previous client profile for the previous client. The new client profile is based on types of one or more client assets of the new client and an intrusion detection alert history of the new client. The processor(s) assign the particular rule for the previous client to the new client based on the new client profile matching the previous client profile. The processor(s) receive information indicating that a violation of the particular rule has occurred, and execute a security feature of the computer system used by the new client in order to resolve the violation of the particular rule.

公开(公告)号：US20240427876A1

公开(公告)日：2024-12-26

申请号：US18214088

申请日：2023-06-26

Applicant: International Business Machines Corporation

Inventor： Rick Woodward ,  Carlos E. Aguilera ,  Karl Kakadelis

IPC: G06F21/55 ,  G06F21/57

Abstract: Results of a simulated cybersecurity attack performed against a target computer environment can be received. An analogous computer environment can be identified in a context database that performed better against the simulated cybersecurity attack, where the context database stores information associated with a plurality of computer environments and previously performed cybersecurity attack simulations on the plurality of computer environments, and where the analogous computer environment is identified that exhibits acceptable cybersecurity hardening from types of exploits employed in the simulated cybersecurity attack. Configurations associated with the analogous computer environment can be recommended to the target computer environment.

公开(公告)号：US10771493B2

公开(公告)日：2020-09-08

申请号：US16133877

申请日：2018-09-18

Applicant: International Business Machines Corporation

Inventor： Michael Spisak ,  Steven D. McKay ,  Mariya Ali ,  Rhonda L. Childress ,  Michelle Rivers ,  Carlos E. Aguilera

IPC: H04L29/06 ,  G06F16/2457 ,  G06N7/00 ,  G06F40/20

Abstract: A security vulnerability analysis mechanism is provided that ingests content from a plurality of content source computing devices to identify instances of security vulnerability content in the ingested content. The mechanism performs a security trend analysis on the instances of security vulnerability content to identify a relative ranking of security vulnerabilities. The mechanism identifies computing resources of a specified computing infrastructure and a criticality of the computing resources to an operation of the computing infrastructure. The mechanism generates a prioritized listing of security vulnerabilities associated with the computing infrastructure based on the relative ranking of security vulnerabilities and the criticality of the computing resources in the computing infrastructure. The mechanism outputs a notification to a user via a user computing device, indicating the prioritized listing of security vulnerabilities.

公开(公告)号：US20220100261A1

公开(公告)日：2022-03-31

申请号：US17034353

申请日：2020-09-28

Applicant: International Business Machines Corporation

Inventor： Zachary A. Silverstein ,  Cesar Augusto Rodriguez Bravo ,  Hemant Kumar Sivaswamy ,  Carlos E. Aguilera

IPC: G06F3/01 ,  A63F13/213 ,  A63F13/86

Abstract: A method of generating a virtual reality (“VR”) experience includes detecting, using external sensors, a real-world spectator that is in a spectator space that is adjacent to a user that is wearing a VR headset and experiencing a VR space. The method also includes detecting a real-world physical state of the spectator, and rendering, in response to detecting, the spectator in the VR space as an avatar that reflects the real-world physical state of the spectator.

公开(公告)号：US10834142B2

公开(公告)日：2020-11-10

申请号：US16154773

申请日：2018-10-09

Applicant: International Business Machines Corporation

Inventor： Aankur Bhatia ,  Srinivas B. Tummalapenta ,  Huyanh D. Ngo ,  Carlos E. Aguilera

IPC: G06F21/00 ,  H04L29/06 ,  G06N5/02 ,  G06F40/30

Abstract: A method improves a security of a computer system by building a new set of rules for the computer system. One or more processors input a plurality of client profiles to an artificial intelligence (AI) system, where the plurality of client profiles are based on an analysis of respective client environments comprising client assets and an intrusion detection alert history of a plurality of clients. The processor(s) match a new client profile to a respective client profile from the plurality of client profiles. The processor(s) build a new set of rules for the new client based on a similarity measure of the new client profile to the respective client profile. The processor(s) subsequently receive information indicating that a violation of the new set of rules has occurred and then execute a security feature of the computer system in order to resolve the violation of the new set of rules.

公开(公告)号：US20200092319A1

公开(公告)日：2020-03-19

申请号：US16133877

申请日：2018-09-18

Applicant: International Business Machines Corporation

Inventor： Michael Spisak ,  Steven D. McKay ,  Mariya Ali ,  Rhonda L. Childress ,  Michelle Rivers ,  Carlos E. Aguilera

IPC: H04L29/06 ,  G06F17/30 ,  G06F17/27 ,  G06N7/00

Abstract: A security vulnerability analysis mechanism is provided that ingests content from a plurality of content source computing devices to identify instances of security vulnerability content in the ingested content. The mechanism performs a security trend analysis on the instances of security vulnerability content to identify a relative ranking of security vulnerabilities. The mechanism identifies computing resources of a specified computing infrastructure and a criticality of the computing resources to an operation of the computing infrastructure. The mechanism generates a prioritized listing of security vulnerabilities associated with the computing infrastructure based on the relative ranking of security vulnerabilities and the criticality of the computing resources in the computing infrastructure. The mechanism outputs a notification to a user via a user computing device, indicating the prioritized listing of security vulnerabilities.