摘要 |
A computer system, device, computer software, and/or method performed by a computer system, is provided for determining a user name likely to be asso ciated with an attack, a configuration, or a vulnerability. First data is ob tained which associates user names with individual IP addresses onto which t he user names were logged in. Second data is obtained which associates attac ks, configurations, or vulnerabilities with individual IP addresses on which the attacks occurred or on which the configurations or vulnerabilities exis t. The user names from the first data are associated with the attacks, confi gurations or vulnerabilities from the second data based on having the same I P address during a log-in. An individual user name is indicated as being ass ociated with attacks which occurred while the individual user name was logge d in or with configurations or vulnerabilities for an IP address onto which the user logs in.
|