Title of invention: SPACE AND TIME EFFICIENT THREAT DETECTION
Abstract: A security monitoring system operated by a downstream client continually collects event information indicating events that have occurred within the computing environment of the downstream client. The monitoring system, using software provided by a threat analytics system, aggregates the event information into a secure and space efficient data structure. The monitoring system transmits the data structures storing event information to the threat analytics system for further processing. The threat analytics system also receives threat indicators from intelligence feed data sources. The threat analytics system compares the event information received from each security monitoring system against the threat indicators collected from the intelligence feed data sources to identify red flag events. The threat analytics system processes the event information to synthesize all information related to the red flag event and reports the red flag event to the downstream client.
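Publication number: US2016226895(A1) | Publication date: 2016.08.04
Application number: US201615007131 | Filing date: 2016.01.26
Applicant: THREAT STREAM, INC. | Inventors: HUANG WEI;ZHOU YIZHENG;NJEMANZE HUGH
Classification number: H04L29/06 | Main classification number: H04L29/06
Agency: | Agent: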
Independent claim: 1. A method for performing threat detection, comprising: receiving event data from a client system, the event data including an obfuscated representation of entity identifiers associated with different events occurring on the client system; determining that the event data is associated with at least one cyber-threat; and reporting the presence of the at least one cyber-threat to the client system.
Address: REDWOOD CITY CA US