Publication number: US20240356936A1
Publication date: 2024-10-24
Application number: US18368413
Application date: 2023-09-14
Applicant: Cisco Technology, Inc.
Inventor: Jaroslav Hlavac, Tomas Jirsik, Benjamin Paterek
IPC: H04L9/40
CPC classification number: H04L63/1416, H04L63/1433
Abstract: Techniques and architecture are described for dynamically assigning a final risk score to security alerts from network devices. A first security alert from a first network device and a second security alert from a second network device are received. The first and second security alerts are generated by different security products. The first security alert and the second security alert are evaluated, using, for example, device risk scores and alert risk scores, and based at least in part on the evaluating (i) a first final risk score related to the first security alert and (ii) a second final risk score related to the second security alert are generated. The first and second final risk scores are provided to a prioritized alert queue, wherein the first security alert and the second security alert are prioritized based on values of the first final risk score and the second final risk score.