首页>
外国专利>
Detection of security incidents with low confidence security events
Detection of security incidents with low confidence security events
展开▼
机译:使用低置信度安全事件检测安全事件
展开▼
页面导航
摘要
著录项
相似文献
摘要
Techniques are disclosed for detecting security incidents based on low confidence security events. A security management server aggregates a collection of security events received from logs from one or more devices. The security management server evaluates the collection of security events based on a confidence score assigned to each distinct type of security event. Each confidence score indicates a likelihood that a security incident has occurred. The security management server determines, based on the confidence scores, at least one threshold for determining when to report an occurrence of a security incident from the collection of security events. Upon determining that at least one security event of the collection has crossed the at least one threshold, the security management server reports the occurrence of the security incident to an analyst.
展开▼