SYSTEMS AND METHODS FOR MALWARE DETECTION AND MITIGATION
摘要
Systems and methods for monitoring malware events in a computer networking environment are described. The systems and methods including the steps of identifying a plurality of suspect objects comprising data about network transactions or computer operations suspected of being linked to a security risk; transmitting the suspect objects to an inspection service operating on one or more general purpose digital computers; transmitting said digital information to an analytical service operating on one or more general purpose digital computers; transmitting said one or more scores to a correlation facility which aggregates a plurality of scores, optionally with other information about each suspect objects, into the form of aggregate data representing one or more aggregate features of a plurality of suspect objects; and generating an infection verification pack comprising routines which, when run on an end-point machine within the computer networking environment, will mitigate a suspected security threat.