The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Jan. 05, 2021
Filed:
Feb. 12, 2018
Exabeam, Inc., San Mateo, CA (US);
Derek Lin, San Mateo, CA (US);
Baoming Tang, San Mateo, CA (US);
Qiaona Hu, Emerald Hills, CA (US);
Barry Steiman, San Ramon, CA (US);
Domingo Mihovilovic, Menlo Park, CA (US);
Sylvain Gil, San Francisco, CA (US);
Exabeam, Inc., Foster City, CA (US);
Abstract
The present disclosure describes a system, method, and computer program for determining the cybersecurity risk associated with a first-time access event in a computer network. In response to receiving an alert that a user has accessed a network entity for the first time, a user behavior analytics system uses a factorization machine to determine the affinity between the accessing user and the accessed entity. The affinity measure is based on the accessing user's historical access patterns in the network, as wells as context data for both the accessing user and the accessed entity. The affinity score for an access event may be used to filter first-time access alerts or weight first-time access alerts in performing a risk assessment of the accessing user's network activity. The result is that many false-positive first-time access alerts are suppressed and not factored (or not factored heavily) into cybersecurity risk assessments.