
AI-driven optimisation of cybersecurity vulnerability remediation planning

Maximum risk reduction through patching – within your operational downtime limits, without simultaneous interference with core systems and taking patch compatibilities into account.

  • Objective: Prioritised patch list with maximum risk reduction
  • Constraint: e.g. ≤ 40 hours of downtime per month
  • Rules: Core systems not in parallel, mutual exclusions, dependencies
  • Framework: CVSS + asset criticality + exploit availability

Why traditional prioritisation often fails

In enterprise environments, patching is a decision-making task subject to constraints. Maintenance windows are limited, downtime is costly, systems are interdependent and not every patch is compatible with other changes.

Simply sorting by CVSS or using a static top-10 list rarely leads to the maximum possible risk reduction within the given time budget. What matters is not the highest individual value, but the optimal combination subject to operational constraints.

Mathematical modelling of the patching decision

StratePlan models patch selection as a 0-1 optimisation problem (knapsack with constraints). Each patch i can either be implemented (xᵢ = 1) or deferred (xᵢ = 0).

Assessment Inputs

  • CVSS Base Score (0–10)
  • Asset Criticality Weight (Business Criticality)
  • Estimated Downtime per Patch (hours)
  • Exploit Availability (Temporal Metric)

Risk Reduction Score

For each vulnerability i, a risk reduction score is defined as:

sᵢ = CVSSᵢ × Criticalityᵢ

Optionally, exploit availability is integrated as an additional factor, depending on your security policy.

Optimisation objective

max Σ sᵢ · xᵢ

Constraints

  • Downtime budget: Σ dᵢ · xᵢ ≤ 40 hours/month (configurable)
  • Core system rule: No simultaneous patches in defined core systems
  • Compatibility rules: Mutual exclusions and dependencies
  • Extended vector constraints: Resources, locations, maintenance windows
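The model above (objective, downtime budget, core-system rule, exclusions and dependencies) as an added worked example in Python; this is illustrative code, not StratePlan's own implementation. It solves the 0-1 selection exactly by exhaustive search over a small constructed inventory and compares the result with a plain sort by CVSS, which is the "simple prioritisation by score" the page argues against. The inventory, the exploit multiplier and the reading of the core-system rule as "at most one patch per core-system group in the plan" are assumptions.

```python
from dataclasses import dataclass
from itertools import combinations
from typing import Dict, FrozenSet, List, Optional, Tuple


@dataclass(frozen=True)
class Patch:
    pid: str
    cvss: float                 # CVSS base score, 0-10
    criticality: float          # asset criticality weight (business criticality)
    downtime: float             # estimated downtime in hours
    core: Optional[str] = None  # core-system group this patch touches, if any
    exploit: bool = False       # public exploit available (temporal signal)


@dataclass(frozen=True)
class Plan:
    score: float                # total risk reduction, sum of s_i * x_i
    downtime: float             # total downtime, sum of d_i * x_i
    selected: FrozenSet[str]


def risk_score(p: Patch, exploit_factor: float = 1.0) -> float:
    """s_i = CVSS_i * Criticality_i, optionally scaled when an exploit is available."""
    s = p.cvss * p.criticality
    return s * exploit_factor if p.exploit else s


def feasible(selected: FrozenSet[str], patches: Dict[str, Patch], budget: float,
             exclusions: List[Tuple[str, str]],
             dependencies: List[Tuple[str, str]]) -> bool:
    """Check every constraint of the model for one candidate selection."""
    # Downtime budget: sum d_i * x_i <= budget
    if sum(patches[p].downtime for p in selected) > budget:
        return False
    # Core-system rule (assumed reading): at most one patch per core-system group
    groups = [patches[p].core for p in selected if patches[p].core is not None]
    if len(groups) != len(set(groups)):
        return False
    # Mutual exclusions: a and b never in the same plan
    if any(a in selected and b in selected for a, b in exclusions):
        return False
    # Dependencies: selecting a requires b in the same plan
    if any(a in selected and b not in selected for a, b in dependencies):
        return False
    return True


def optimise(patches: Dict[str, Patch], budget: float,
             exclusions: List[Tuple[str, str]], dependencies: List[Tuple[str, str]],
             exploit_factor: float = 1.0) -> Plan:
    """Exact 0-1 optimisation by exhaustive search over all 2^n subsets.
    Fine for a small inventory; a MILP solver is the tool at enterprise scale."""
    ids = sorted(patches)
    best = Plan(0.0, 0.0, frozenset())
    for k in range(len(ids) + 1):
        for combo in combinations(ids, k):
            sel = frozenset(combo)
            if not feasible(sel, patches, budget, exclusions, dependencies):
                continue
            score = sum(risk_score(patches[p], exploit_factor) for p in sel)
            if score > best.score:
                best = Plan(round(score, 2), sum(patches[p].downtime for p in sel), sel)
    return best


def greedy_by_cvss(patches: Dict[str, Patch], budget: float,
                   exclusions: List[Tuple[str, str]], dependencies: List[Tuple[str, str]],
                   exploit_factor: float = 1.0) -> Plan:
    """Baseline: walk the list sorted by CVSS and take each patch that still fits."""
    sel: FrozenSet[str] = frozenset()
    for pid in sorted(patches, key=lambda p: patches[p].cvss, reverse=True):
        trial = sel | {pid}
        if feasible(trial, patches, budget, exclusions, dependencies):
            sel = trial
    score = sum(risk_score(patches[p], exploit_factor) for p in sel)
    return Plan(round(score, 2), sum(patches[p].downtime for p in sel), sel)


# Constructed sample inventory (hypothetical patches and assets, not real data).
PATCHES = {p.pid: p for p in [
    Patch("P1", 9.8, 3.0, 12, core="erp"),
    Patch("P2", 9.1, 1.0, 10),
    Patch("P3", 8.8, 2.5, 8, core="erp"),
    Patch("P4", 7.5, 3.0, 6, core="db"),
    Patch("P5", 6.5, 2.0, 4),
    Patch("P6", 5.3, 1.5, 2),
    Patch("P7", 7.2, 3.0, 14),
]}
EXCLUSIONS = [("P2", "P7")]     # incompatible: never in the same plan
DEPENDENCIES = [("P6", "P5")]   # P6 requires P5
BUDGET_HOURS = 40


if __name__ == "__main__":
    g = greedy_by_cvss(PATCHES, BUDGET_HOURS, EXCLUSIONS, DEPENDENCIES)
    o = optimise(PATCHES, BUDGET_HOURS, EXCLUSIONS, DEPENDENCIES)
    print("greedy by CVSS:", sorted(g.selected), g.score, f"{g.downtime}h")
    print("optimal       :", sorted(o.selected), o.score, f"{o.downtime}h")
```

On this inventory the CVSS-sorted walk commits early to P2 (high base score, low criticality) and thereby locks out P7 through the exclusion rule, ending at a risk reduction of 81.95 for 34 hours; the exact search selects P7 instead and reaches 94.45 within 38 hours of the same 40-hour budget. The two plans differ only because the exclusion and core-system rules interact with the budget, which is exactly the effect a score-only ranking cannot see.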

Result: An actionable patch plan with maximum impact

The result is not a list of scores, but a concrete, actionable patch selection that achieves the greatest possible risk reduction within your downtime limit.

  • Transparent decision-making logic
  • Reproducible selection
  • Audit- and governance-ready documentation
  • Measurable risk reduction metrics

Technology

The basis is the CVSS framework for the standardised assessment of vulnerabilities. Selection optimisation is carried out using StratePlan as a 0-1 knapsack model with multiple constraints (vector constraints).

This calculates, from a multitude of competing patches, exactly the subset which enables maximum risk reduction under real operational conditions.

Optimise mathematically now

If you need to take downtime, core system rules and compatibilities into account, simple prioritisation by score is not sufficient.

StratePlan delivers a well-founded patch plan, which achieves maximum risk reduction within your operational limits.

Note: The quality of the optimisation depends on the quality of the input data and the defined constraints. StratePlan supports decision-making, but does not replace technical validation by security and operations teams.

Common Patterns Across Cases

Assessment

Qualitative and quantitative factors are converted into comparable scores – using scales, evaluation models or structured expert assessment. The aim is to establish a consistent, decision-ready evaluation basis.

Ranking

Elements are prioritised. However, ranking is rarely the final decision. In complex environments, prioritisation is frequently embedded directly into a combinatorial optimisation process in order to systematically account for interactions and constraints.

Group Selection

The final selection goes beyond a simple ‘Top-k’ approach. StratePlan solves structured selection problems such as knapsack, portfolio or scheduling models and calculates the optimal combination under real-world constraints.

Constraints

Constraints reflect real-world scarcity: capital, time, resources, risk appetite, regulatory requirements, strategic mandates or sustainability requirements. They are an integral part of the decision-making logic.

Technologies

Hybrid use of MCDA methods (e.g. AHP, TOPSIS) for structured evaluation combined with StratePlan for constraint-aware group or portfolio selection.

These cases demonstrate how StratePlan evolves decision-making processes from pure ranking to intelligent, constraint-aware portfolio construction. Evaluation data is translated into actionable, optimised group decisions – aligned with financial, strategic and sustainability-related objectives.

The underlying core logic – structured evaluation → quantitative prioritisation → constrained group selection – scales across different sectors and is adapted in each case to domain-specific success metrics and constraints.

Finance & Fund Portfolios

Building a sustainable investment fund, maximizing the Sharpe ratio while complying with ESG and diversification rules.


Maintenance planning for energy networks

Objective: Maximum improvement in system reliability over a period of 5 years.

Optimization of the digital marketing campaign mix

Maximize incremental sales within total spend and brand safety limits.


Allocation of venture capital for start-ups

Maximizing the expected portfolio return while balancing risk and sector allocation.


Make decisions based on mathematical optimality

StratePlan calculates the optimal project portfolio under your real framework conditions.
