DATA AUGMENTATION FOR THREAT INVESTIGATION IN AN ENTERPRISE NETWORK

Bibliographic Details
Main Authors: Ackerman, Karl; Thomas, Andrew J; Ray, Kenneth D
Format: Patent
Language: English
Published: 23.12.2021
Summary: An endpoint in an enterprise network is instrumented with sensors to detect security-related events occurring on the endpoint. Event data from these sensors is augmented with contextual information about, e.g., a source of each event in order to facilitate improved correlation, analysis, and visualization at a threat management facility for the enterprise network.
Bibliography: Application Number: US202117343680