US 11,704,406 B2
Deriving and surfacing insights regarding security threats
Yu Zhou Lee, San Francisco, CA (US); Kai Jiang, San Francisco, CA (US); Su Li Debbie Tan, San Francisco, CA (US); Geng Sng, San Francisco, CA (US); Cheng-Lin Yeh, San Francisco, CA (US); Lawrence Stockton Moore, San Francisco, CA (US); Sanny Xiao Lang Liao, San Francisco, CA (US); Joey Esteban Cerquera, San Francisco, CA (US); Jeshua Alexis Bratman, New York, NY (US); Sanjay Jeyakumar, Berkeley, CA (US); and Nishant Bhalchandra Karandikar, San Francisco, CA (US)
Assigned to Abnormal Security Corporation, San Francisco, CA (US)
Filed by Abnormal Security Corporation, San Francisco, CA (US)
Filed on Sep. 12, 2022, as Appl. No. 17/942,931.
Application 17/942,931 is a continuation of application No. 17/547,141, filed on Dec. 9, 2021.
Claims priority of provisional application 63/123,865, filed on Dec. 10, 2020.
Prior Publication US 2023/0020623 A1, Jan. 19, 2023
This patent is subject to a terminal disclaimer.
Int. Cl. G06F 21/55 (2013.01)
CPC G06F 21/552 (2013.01) [G06F 2221/034 (2013.01)] 21 Claims
OG exemplary drawing
 
1. A system, comprising:
a processor configured to:
establish, via an application programming interface, a connection with a storage medium that includes a series of communications received by an employee of an enterprise and obtain an email that is addressed to the employee;
determine a plurality of features associated with the obtained email;
use a plurality of facet models to analyze the determined plurality of features;
determine, based at least in part on the analysis, that the obtained email poses a security threat;
determine a prioritized set of information to provide as output in a report, wherein the prioritized set of information is representative of why the email was determined to pose a security threat; and
provide at least a portion of the prioritized set of information as output in an interface; and
a memory coupled to the processor and configured to provide the processor with instructions.