AUTOMATED MITIGATION OF ELECTRONIC MESSAGE BASED SECURITY THREATS
An example embodiment may include a security enforcement point device disposed within a managed network and a security decision point device disposed within a computational instance of a remote network management platform. The security decision point device may be configured to: receive a message by...
Saved in:
Main Authors | , , |
---|---|
Format | Patent |
Language | English French German |
Published |
03.04.2019
|
Subjects | |
Online Access | Get full text |
Cover
Loading…
Summary: | An example embodiment may include a security enforcement point device disposed within a managed network and a security decision point device disposed within a computational instance of a remote network management platform. The security decision point device may be configured to: receive a message by way of the managed network; parse the message to identify observable indicators of one or more of the security threats, where the observable indicators include at least one of a network addresses, a hyperlink, or a representation of an attached file; remotely query a security threat database for the observable indicators; receive, from the security threat database, an indication that the observable indicators are associated with a particular security threat, and transmit, to the security enforcement point device, a command to update its associated security policy such that the particular security threat is mitigated. |
---|---|
Bibliography: | Application Number: EP20170211047 |