Bank of America Corporation
Dynamic Cyber Event Analysis and Control
Abstract:
Systems for analyzing and controlling cyber events are provided. In some examples, indicator of compromise (IOC) data may be received. The system may parse the data to identify one or more IOC parameters within the IOC data. In some examples, the IOC parameters may be compared to known IOC parameters to determine whether the IOC parameters are known. If not, the newly identified IOC parameters may be stored in a database. The identified IOC parameters may be evaluated to identify one or more linkages associated with the IOC parameters. For instance, each IOC parameter may be evaluated to identify one or more other parameters associated with it. Those linkages may indicate a threat or potential threat. Based on the evaluation, the system may generate, update and/or execute one or more blocks. For instance, access to one or more domain names, email addresses, or the like, may be blocked based on the identified IOC parameters, linkages, and the like.
Utility
30 May 2018
5 Dec 2019