Title of invention: SYSTEMS AND METHODS FOR DETECTING VULNERABILITIES AND PRIVILEGED ACCESS USING CLUSTER OUTLIERS
Abstract: Systems and methods for detecting vulnerabilities and/or privileged access are disclosed. In some embodiments, a computerized method comprises receiving asset state information and asset user behavior information for each of a plurality of assets, each of the assets connected to a network; clustering the assets into a plurality of cluster nodes based on the asset state information and the asset user behavior information, each of the assets being clustered in one of the cluster nodes, at least a first asset being clustered in a particular one of the cluster nodes; calculating a node value of the particular one of the cluster nodes, the node value based on the number of assets clustered in the particular one of the cluster nodes; comparing the node value with a threshold node value; and triggering one or more actions based on the comparison of the node value with the threshold node value.
Publication number: US2017078315(A1); Publication date: 2017.03.16
Application number: US201514873108; Filing date: 2015.10.01
Applicant: BeyondTrust Software, Inc.; Inventors: Allen David; Haber Morey J.; Hibbert Brad
Classification: H04L29/06; Main classification: H04L29/06
Agency: Agent:
Principal claim: 1. A computerized method comprising: receiving, at a security system, state information and user behavior information for each of a plurality of assets, the security system and the plurality of assets connected to a communication network; clustering, at the security system, the plurality of assets into a plurality of cluster nodes based on the state information and the user behavior information, each of the plurality of assets being clustered in one of the plurality of cluster nodes, at least a first asset of the plurality of assets being clustered in a particular one of the plurality of cluster nodes; calculating, at the security system, a node value of the particular one of the plurality of cluster nodes, the node value based on the number of assets clustered in the particular one of the plurality of cluster nodes; comparing, at the security system, the node value with a threshold node value; and triggering, at the security system, one or more actions based on the comparison of the node value with the threshold node value.
Address: Phoenix AZ US