MANAGING SECURITY CONFIGURATION THROUGH MACHINE LEARNING, COMBINATORIAL OPTIMIZATION AND ATTACK GRAPHS

摘要

The claimed subject matter provides systems and/or methods that combat identity follow-on attacks. The system can include components for receiving a plurality of security configuration changes, selecting which of the changes included in the plurality of security changes to approve or disapprove, and based on which of the changes are approved or disapproved by an administrator, generating a further plurality of security configuration changes that the administrator can once again approve or disapprove until the administrator is satisfied with the security configuration changes.