US 12,169,559 B2
Threat-evaluated cyber defense
Daniel John Nunn, Bracknell (GB); Nicole Muryn Clement, Washington, DC (US); Michael Christopher Kosak, Charlotte, NC (US); David Anthony Sheronas, Matthews, NC (US); and Sheenagh Alice Meghen, Camberley (GB)
Assigned to Bank of America Corporation, Charlotte, NC (US)
Filed by Bank of America Corporation, Charlotte, NC (US)
Filed on Sep. 7, 2022, as Appl. No. 17/939,120.
Claims priority of provisional application 63/242,699, filed on Sep. 10, 2021.
Prior Publication US 2023/0090785 A1, Mar. 23, 2023
Int. Cl. G06F 21/55 (2013.01); G06F 21/57 (2013.01)
CPC G06F 21/554 (2013.01) [G06F 21/577 (2013.01); G06F 2221/034 (2013.01)]
20 Claims
1. A system for improving data security for a plurality of computing devices, the system comprising:
a memory operable to store a data security threat library comprising predefined data security threats posed to the plurality of computing devices; and
a processor communicatively coupled to the memory and configured to:
receive a data input stream indicating changes to the data security threats posed to the plurality of computing devices, wherein the changes to the data security threats comprise one or more of: newly identified data security threats from one or more existing threat knowledge databases, newly identified or suspected data security vulnerabilities of internally generated software executed by the plurality of computing devices, and newly identified or suspected data security vulnerabilities of third-party software executed by the plurality of computing devices, wherein the data input stream comprises a plurality of predefined categories of threats;
detect, based at least in part on the changes to the data security threats, a new data security threat posed to the plurality of computing devices;
map, from the plurality of predefined categories of threats, one or more predefined categories of threat associated with the new data security threat to one or more known vulnerability IDs, wherein each vulnerability ID is associated with a respective known vulnerability of the computing devices and the one or more vulnerability IDs are mapped to one or more available data security controls comprising security countermeasures associated with the respective known vulnerabilities;
determine, based at least on the one or more known vulnerability IDs, one or more available data security controls that align with the new data security threat, wherein the one or more available data security controls are mapped to the one or more known vulnerability IDs and comprise security countermeasures available to the plurality of computing devices for resolving the new data security threat;
determine, based at least in part on the one or more available data security controls, a security vulnerability rating for the new data security threat;
determine that the security vulnerability rating is greater than a threshold value; and
after determining that the security vulnerability rating is greater than a threshold value, automatically implement at least one of the one or more available data security controls at the plurality of computing devices, thereby improving security of data stored in the plurality of computing devices.
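
The data flow recited in claim 1 (detect a new threat, map its categories to vulnerability IDs, map those to controls, rate, and gate automatic implementation on a threshold), sketched as an added illustration that is not part of the patent text. All names, IDs, sample data, the threshold value and the rating formula are assumptions; the claim does not define how the rating is computed.

```python
# Added illustration of the claim-1 data flow. All names, IDs, sample data and
# the rating formula are assumptions; the claim does not define them.
from dataclasses import dataclass

THREAT_LIBRARY = {"T-0001"}                 # predefined threats (constructed)
CATEGORY_TO_VULN_IDS = {                    # threat category -> known vulnerability IDs
    "credential-theft": ["V-10", "V-11"],
    "ransomware": ["V-11", "V-20"],
}
VULN_ID_TO_CONTROLS = {                     # vulnerability ID -> available controls
    "V-10": ["enforce-mfa"],
    "V-11": ["block-macro-execution"],
    "V-20": ["immutable-backups"],
}
DEPLOYED_CONTROLS = {"enforce-mfa"}         # controls already active (constructed)
THRESHOLD = 5.0                             # assumed threshold on a 0-10 scale


@dataclass(frozen=True)
class ThreatChange:
    threat_id: str
    source: str        # "threat-db", "internal-software" or "third-party-software"
    categories: tuple


def evaluate(change):
    """Return (rating, controls_to_implement), or None if the threat is already known."""
    if change.threat_id in THREAT_LIBRARY:
        return None
    # Map categories to vulnerability IDs; unknown categories map to nothing.
    vuln_ids = sorted({v for c in change.categories
                       for v in CATEGORY_TO_VULN_IDS.get(c, [])})
    controls = sorted({k for v in vuln_ids for k in VULN_ID_TO_CONTROLS.get(v, [])})
    # Assumed rating: share of mapped vulnerabilities with no deployed control, 0-10.
    uncovered = [v for v in vuln_ids
                 if not DEPLOYED_CONTROLS & set(VULN_ID_TO_CONTROLS.get(v, []))]
    rating = 10.0 * len(uncovered) / len(vuln_ids) if vuln_ids else 0.0
    pending = [k for k in controls if k not in DEPLOYED_CONTROLS]
    # Automatic implementation is gated on the rating strictly exceeding the threshold.
    to_implement = pending if rating > THRESHOLD else []
    THREAT_LIBRARY.add(change.threat_id)    # the threat is now a known one
    return rating, to_implement
```

A rating exactly equal to the threshold does not trigger implementation, matching the claim's "greater than" wording.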