Malicious software (often referred to as “malware”) is used by an attacker to gather sensitive information, disrupt computer operation and/or gain access to private computer systems. Malware includes computer viruses, Trojan horses, worms and other malicious programs. Malware affects many industries, including finance, healthcare, government, insurance, telecommunications and education. Malware silently captures a wide variety of data and credentials from online users, including critical business information, and records them in malware log files. Accordingly, organizations must establish policies and controls to protect enterprise information from malware.
A number of techniques have been proposed or suggested for the collection, monitoring and/or notification of compromised credentials for enterprises. Existing services primarily deal with collecting compromised credential records and presenting them for review by enterprise users. Given the high volume of compromised credential data, however, enterprises are often overwhelmed by the amount of compromised credential information that must be processed and cannot perform a detailed investigation of such records. In addition, the actions that need to be performed in response to such compromises may not be clear.
A need therefore exists for proactive techniques for evaluating compromised credential information based on machine learning and pattern recognition methods to meet the needs of enterprises and/or other users. A further need exists for techniques for identifying the most valuable records (e.g., most vulnerable accounts) for further detailed investigation.