Today’s Patent – Response Activity-Based Security Coverage Management

The said invention (US20230259632A1) was invented by Sarah Ron Moshe MARCIANOMoshe IsraelLilyan COHENMichael GLADISHEVZiv CIZERAmir SassonNetanel COHEN, patented by USPTO on 13-02-2022. Currently, it stands assigned to Microsoft Technology Licensing LLC.

Current cyber security strategies rely on the principle of “defense in depth,” where multiple security mechanisms are layered to counter various attack types. These mechanisms are chosen based on attack likelihood, potential harm, and cost-effectiveness. While cyber security models like MITRE ATT&CK, CYBER KILL CHAIN, and STRIDE help categorize threats, gaps in security coverage and redundant protections often exist. Traditional security assessments rely on product documentation and reviews rather than real-world performance, leading to inefficiencies in cyber security decision-making.

The described innovation enhances cyber security by identifying coverage gaps and redundancies through real-time security activity data from multiple environments, such as cloud systems or data centers. By mapping security responses to known attack models, organizations can make data-driven decisions to optimize defenses, eliminate inefficiencies, and ensure compliance with legal or policy requirements. This approach allows for proactive security management, enabling better configuration, selection, and deployment of security products based on their actual effectiveness rather than theoretical claims.