DATA AUGMENTATION FOR THREAT INVESTIGATION IN AN ENTERPRISE NETWORK
An endpoint in an enterprise network is instrumented with sensors to detect security-related events occurring on the endpoint. Event data from these sensors is augmented with contextual information about, e.g., a source of each event in order to facilitate improved correlation, analysis, and visuali...
Saved in:
Main Authors | , , |
---|---|
Format | Patent |
Language | English |
Published |
23.12.2021
|
Subjects | |
Online Access | Get full text |
Cover
Loading…
Summary: | An endpoint in an enterprise network is instrumented with sensors to detect security-related events occurring on the endpoint. Event data from these sensors is augmented with contextual information about, e.g., a source of each event in order to facilitate improved correlation, analysis, and visualization at a threat management facility for the enterprise network. |
---|---|
Bibliography: | Application Number: US202117343680 |