- 专利标题: Security actions for computing assets based on enrichment information
-
申请号: US14956615申请日: 2015-12-02
-
公开(公告)号: US09954888B2公开(公告)日: 2018-04-24
- 发明人: Sourabh Satish , Oliver Friedrichs , Atif Mahadik , Govind Salinas
- 申请人: Phantom Cyber Corporation
- 申请人地址: US CA Palo Alto
- 专利权人: Phantom Cyber Corporation
- 当前专利权人: Phantom Cyber Corporation
- 当前专利权人地址: US CA Palo Alto
- 主分类号: H04L29/06
- IPC分类号: H04L29/06 ; G06F21/55 ; G06F17/30 ; H04L12/851
摘要:
Systems, methods, and software described herein provide enhancements for implementing security actions in a computing environment. In one example, a method of operating an advisement system to provide actions in a computing environment includes identifying a security incident in the computing environment, identifying a criticality rating for the asset, and obtaining enrichment information for the security incident from one or more internal or external sources. The method also provides identifying a severity rating for the security incident based on the enrichment information, and determining one or more security actions based on the enrichment information. The method further includes identifying effects of the one or more security actions on operations of the computing environment based on the criticality rating and the severity rating, and identifying a subset of the one or more security actions to respond to the security incident based on the effects.
公开/授权文献
信息查询