首页> 外国专利> Enrichment and analysis of cybersecurity threat intelligence and orchestrating application of threat intelligence to selected network security events

Enrichment and analysis of cybersecurity threat intelligence and orchestrating application of threat intelligence to selected network security events

机译：丰富和分析网络安全威胁情报，并将威胁情报编排到选定的网络安全事件中

页面导航

摘要
著录项
相似文献

摘要

Techniques are disclosed which can provide an orchestrated response to a cybersecurity threat. This orchestrated response may be based upon, at least in part, a reputation score. Threat model(s) may be received that identify cybersecurity threat(s). An indication of observations, false positives, and/or page views for the threat may be obtained. Data feeds may be received including known good data feeds, known bad data feeds, and enrichment data feeds. The data feeds may provide information about one or more indicators of compromise (IOC). For each IOC, a weighted criticality score may be determined. The weighted criticality score may be mapped to a corresponding point value. An aggregated score may be determined based upon at least the corresponding point value. A reputation score may be computed, and in some configurations, provided to a user.

机译：公开了可以对网络安全威胁提供协调响应的技术。该精心安排的响应可以至少部分地基于声誉得分。可以接收识别网络安全威胁的威胁模型。可以获得对威胁的观察，错误肯定和/或页面浏览的指示。可以接收数据馈送，包括已知的良好数据馈送，已知的不良数据馈送和充实数据馈送。数据馈送可以提供有关一个或多个危害指标（IOC）的信息。对于每个IOC，可以确定加权的临界得分。加权的重要性得分可以被映射到相应的点值。可以至少基于相应的点值来确定合计得分。信誉分数可以被计算，并且在一些配置中，被提供给用户。

著录项

公开/公告号US10681071B1

专利类型
公开/公告日2020-06-09

原文格式PDF
申请/专利权人 THREATCONNECT INC.;
展开▼

申请/专利号US201715667303
发明设计人 ANDREW PENDERGAST;ANDREW GIDWANI;DANIEL COLE;JASON SPIES;BHASKAR KARAMBELKAR;CHRISTOPHER JOHNSON;DANNY TINEO;
展开▼

申请日2017-08-02
分类号H04L9;H04L29/06;
国家 US
入库时间 2022-08-21 11:26:17

相似文献

专利
外文文献
中文文献