公开(公告)号：US10089475B2

公开(公告)日：2018-10-02

申请号：US15361288

申请日：2016-11-25

Applicant: SAP SE

Inventor： Maximilian Adrian ,  Maxym Gerashchenko ,  Juri Frommer ,  Bjoern Brencher

IPC: G06F21/57

Abstract: A virtual testing environment VTE is instantiated for automated measurement of performance of a security monitoring system (SMS). Predefined attacks are executed against a cloned version of a monitored system in the VTE. The predefined attacks are defined at an attack catalog. Based on an execution result of the predefined attacks, a detection rate of the SMS at the VTE and a protection level of the cloned version of the monitored system are measured. Based on the detection rate and the protection level, an action for improving SMS and the protection of the monitored system is determined. Based on the determined action, logic modifications related to SMS and improvement on protection measures for the monitored system are performed.

公开(公告)号：US20180150638A1

公开(公告)日：2018-05-31

申请号：US15361288

申请日：2016-11-25

Applicant: SAP SE

Inventor： Maximilian Adrian ,  Maxym Gerashchenko ,  Juri Frommer ,  Bjoern Brencher

IPC: G06F21/57

CPC classification number: G06F21/577

Abstract: A virtual testing environment VTE is instantiated for automated measurement of performance of a security monitoring system (SMS). Predefined attacks are executed against a cloned version of a monitored system in the VTE. The predefined attacks are defined at an attack catalog. Based on an execution result of the predefined attacks, a detection rate of the SMS at the VTE and a protection level of the cloned version of the monitored system are measured. Based on the detection rate and the protection level, an action for improving SMS and the protection of the monitored system is determined. Based on the determined action, logic modifications related to SMS and improvement on protection measures for the monitored system are performed.

公开(公告)号：US20180121484A1

公开(公告)日：2018-05-03

申请号：US15336481

申请日：2016-10-27

Applicant: SAP SE

Inventor： Maxym Gerashchenko ,  Gordon Muckle

IPC: G06F17/30 ,  G06F9/48

CPC classification number: G06Q10/06314 ,  G06Q10/0639

Abstract: An audit schedule is determined from a database storing a master data set comprising audit events, system parameters, and resources. Audit events are grouped according to information of the master data set, for example shared units (e.g., product, service, organization, risk level, audit type, etc.). Audit groups are prioritized by factors such as unit priority and audit duration. A random audit event within the group is chosen, and then a time slot is selected according to a desired distribution (e.g., left-to-right), determining resource availability for that slot. The procedure may optionally consider additional constraints (e.g., manually added, national holidays, auditor availability) outside the master data set. The procedure shuffles through audit events of the group with the highest priority, and then through audit events of lower priority groups, filling out the audit schedule according to resource availability and constraints. Audit schedule changes are recorded in a change log data object.