AUTOMATED MITIGATION OF ELECTRONIC MESSAGE BASED SECURITY THREATS

An example embodiment may include a security enforcement point device disposed within a managed network and a security decision point device disposed within a computational instance of a remote network management platform. The security decision point device may be configured to: receive a message by...

Full description

Saved in:
Bibliographic Details
Main Authors BERNAL, Jose, WATSON, Eun-Sook, DiCORPO, Phillip
Format Patent
LanguageEnglish
French
German
Published 03.04.2019
Subjects
Online AccessGet full text

Cover

Loading…
More Information
Summary:An example embodiment may include a security enforcement point device disposed within a managed network and a security decision point device disposed within a computational instance of a remote network management platform. The security decision point device may be configured to: receive a message by way of the managed network; parse the message to identify observable indicators of one or more of the security threats, where the observable indicators include at least one of a network addresses, a hyperlink, or a representation of an attached file; remotely query a security threat database for the observable indicators; receive, from the security threat database, an indication that the observable indicators are associated with a particular security threat, and transmit, to the security enforcement point device, a command to update its associated security policy such that the particular security threat is mitigated.
Bibliography:Application Number: EP20170211047