公开(公告)号：US20220019674A1

公开(公告)日：2022-01-20

申请号：US17162483

申请日：2021-01-29

Applicant: Booz Allen Hamilton Inc.

Inventor： Frederick FREY ,  Timothy NARY

IPC: G06F21/57 ,  G06F3/0482 ,  G06N20/00

Abstract: Disclosed is a cyber threat intelligence platform configured to: a) designate a virtual machine as an attacker machine; b) designate a virtual machine as a victim machine; c) receive cyberattack data representative of a cyberattack executed by the attacker machine against the victim machine; e) receive defense action data representative of a defense action executed by the victim machine against the cyberattack; f) mark a first point in time when the cyberattack is executed, and mark a second point in time when the defense action is initiated; g) compare the first point in time with the second point in time to ascertain an attack-defense time lapse as a performance measure for computer system threat management of cyberattacks or defense actions, and h) view or analyze cyberattack and defense actions for effectiveness, including perspectives derived from the relative timing of the actions as indicated on the time lapse.