ENTERPRISE NETWORK THREAT DETECTION

In a threat management platform, a number of endpoints log events in an event data recorder. A local agent filters this data and feeds a filtered data stream to a central threat management facility. The central threat management facility can locally or globally tune filtering by local agents based o...

Full description

Saved in:
Bibliographic Details
Main Authors Smith, Andrew G. P, Thomas, Andrew J, Ladnai, Beata, Harris, Mark D, Ray, Kenneth D, Humphries, Russell
Format Patent
LanguageEnglish
Published 04.04.2024
Subjects
CALCULATING
COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
COMPUTING
COUNTING
DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FORADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORYOR FORECASTING PURPOSES
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE,COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTINGPURPOSES, NOT OTHERWISE PROVIDED FOR
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online AccessGet full text

Cover

Abstract In a threat management platform, a number of endpoints log events in an event data recorder. A local agent filters this data and feeds a filtered data stream to a central threat management facility. The central threat management facility can locally or globally tune filtering by local agents based on the current data stream, and can query local event data recorders for additional information where necessary or helpful in threat detection or forensic analysis. The central threat management facility also stores and deploys a number of security tools such as a web-based user interface supported by machine learning models to identify potential threats requiring human intervention and other models to provide human-readable context for evaluating potential threats.
AbstractList In a threat management platform, a number of endpoints log events in an event data recorder. A local agent filters this data and feeds a filtered data stream to a central threat management facility. The central threat management facility can locally or globally tune filtering by local agents based on the current data stream, and can query local event data recorders for additional information where necessary or helpful in threat detection or forensic analysis. The central threat management facility also stores and deploys a number of security tools such as a web-based user interface supported by machine learning models to identify potential threats requiring human intervention and other models to provide human-readable context for evaluating potential threats.
Author Ladnai, Beata
Humphries, Russell
Ray, Kenneth D
Harris, Mark D
Smith, Andrew G. P
Thomas, Andrew J
Author_xml – fullname: Smith, Andrew G. P
– fullname: Thomas, Andrew J
– fullname: Ladnai, Beata
– fullname: Harris, Mark D
– fullname: Ray, Kenneth D
– fullname: Humphries, Russell
BookMark eNrjYmDJy89L5WRQdvULcQ0KCPIMdlXwcw0J9w_yVgjxCHJ1DFFwcQ1xdQ7x9PfjYWBNS8wpTuWF0twMym6uIc4euqkF-fGpxQWJyal5qSXxocFGBkYmhoZGhoamjobGxKkCAOq5JZQ
ContentType Patent
DBID EVB
DatabaseName esp@cenet
DatabaseTitleList
Database_xml – sequence: 1
  dbid: EVB
  name: esp@cenet
  url: http://worldwide.espacenet.com/singleLineSearch?locale=en_EP
  sourceTypes: Open Access Repository
DeliveryMethod fulltext_linktorsrc
Discipline Medicine
Chemistry
Sciences
Physics
ExternalDocumentID US2024112115A1
GroupedDBID EVB
ID FETCH-epo_espacenet_US2024112115A13
IEDL.DBID EVB
IngestDate Fri Jul 19 13:06:31 EDT 2024
IsOpenAccess true
IsPeerReviewed false
IsScholarly false
Language English
LinkModel DirectLink
MergedId FETCHMERGED-epo_espacenet_US2024112115A13
Notes Application Number: US202318364938
OpenAccessLink https://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20240404&DB=EPODOC&CC=US&NR=2024112115A1
ParticipantIDs epo_espacenet_US2024112115A1
PublicationCentury 2000
PublicationDate 20240404
PublicationDateYYYYMMDD 2024-04-04
PublicationDate_xml – month: 04
  year: 2024
  text: 20240404
  day: 04
PublicationDecade 2020
PublicationYear 2024
RelatedCompanies Sophos Limited
RelatedCompanies_xml – name: Sophos Limited
Score 3.5327806
Snippet In a threat management platform, a number of endpoints log events in an event data recorder. A local agent filters this data and feeds a filtered data stream...
SourceID epo
SourceType Open Access Repository
SubjectTerms CALCULATING
COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
COMPUTING
COUNTING
DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FORADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORYOR FORECASTING PURPOSES
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE,COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTINGPURPOSES, NOT OTHERWISE PROVIDED FOR
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Title ENTERPRISE NETWORK THREAT DETECTION
URI https://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20240404&DB=EPODOC&locale=&CC=US&NR=2024112115A1
hasFullText 1
inHoldings 1
isFullTextHit
isPrint
link http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwfV3dS8MwED_G_HzTqvgxpTDpW3FrU2sfhmxtxlTWljbVvY2mNiBIN1zFf99L6HRPI0-5QL7g7pdL7n4BuM09IUr7gZikyC2TEC7MXAjH9CzEQ2GXiMkyd3ga3k8y8jxzZi34XOfCKJ7QH0WOiBpVoL7Xyl4v_y-xAhVbubrjHyhaPI7ZIDAa7xjhCYsRjAY0joLIN3x_kKVGmKi2vqQzc4boK-3gQdqV-kBfRzIvZbkJKuMj2I2xv6o-hlZZaXDgr_9e02B_2jx5a7CnYjSLFQobPVydQJdKJts4eUqpHlL2FiUvOpskdMj0gDKqAkNOoTumzJ-YOO78b5nzLN2cpH0G7WpRleegc_4u0Ayg_-j1SSEp_twe94hwbdHjuWddQGdbT5fbm6_gUFZVNArpQLv--i6vEWhrfqP25xfyanx3
link.rule.ids 230,309,783,888,25576,76876
linkProvider European Patent Office
linkToHtml http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwfV3dT8IwEL8Q_MA3nRo_UJdg9rYIWxH3sBjYSoawQUZR3sg618TEDCIz_vtem6E8kb71kutHcvfrtXe_AtwnjhCZ_URMkiaWSQgXZiJE23QsxENhZ4jJsnY4jB6DGXmZt-cV-NzUwiie0B9FjogWlaK9F8pfr_4vsXyVW7l-4B_YtXzuM9c3yugY4Qmb4fdcOhn7Y8_wPHc2NaJYyVqSzqzdxVhpDw_ZHWkP9LUn61JW26DSP4b9CerLixOoZLkGNW_z95oGh2H55K3BgcrRTNfYWdrh-hQaVDLZTuLBlOoRZW_jeKizIKZdpvuUUZUYcgaNPmVeYOK4i79lLmbT7Una51DNl3l2ATrn7wLdAMaPToukkuKv0-QOER1bNHniWJdQ36Xparf4DmoBC0eL0SAaXsORFKnMFFKHavH1nd0g6Bb8Vu3VL_QGf2o
openUrl ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Apatent&rft.title=ENTERPRISE+NETWORK+THREAT+DETECTION&rft.inventor=Smith%2C+Andrew+G.+P&rft.inventor=Thomas%2C+Andrew+J&rft.inventor=Ladnai%2C+Beata&rft.inventor=Harris%2C+Mark+D&rft.inventor=Ray%2C+Kenneth+D&rft.inventor=Humphries%2C+Russell&rft.date=2024-04-04&rft.externalDBID=A1&rft.externalDocID=US2024112115A1