公开(公告)号：US20230139000A1

公开(公告)日：2023-05-04

申请号：US17515328

申请日：2021-10-29

Applicant: Splunk Inc.

Inventor： James Apger ,  Allison Lindsey Drake ,  James Irwin Ebeling ,  Orville Esoy ,  Bhooshan Kulkarni ,  Marquis L. Montgomery ,  Daniel Trenkner

IPC: G06F21/55 ,  G06F21/57 ,  G06F3/0482

Abstract: A graphical user interface (GUI) for presentation of network security risk and threat information is disclosed. A listing is generated of incidents identified by use of event data obtained from a networked computing environment. A particular incident is determined to be associated with a risk object, wherein a risk object is a component of the networked computing environment. The listing is populated with a name associated with the risk object. Risk events associated with the incident are determined, wherein each risk event contributes to a risk score for the incident. The risk score indicates a potential security issue associated with the risk object. The listing is populated with the risk score and a summary of the events. An action is associated with the listing, for triggering display of additional information associated with the risk object. The listing can be displayed in a first display screen of the GUI.

公开(公告)号：US11558412B1

公开(公告)日：2023-01-17

申请号：US17216471

申请日：2021-03-29

Applicant: Splunk Inc.

Inventor： Allison Lindsey Drake ,  James Irwin Ebeling ,  Marios Iliofotou ,  Lucas Keith Murphey ,  Mihir Randhir Parikh ,  Amarendra Pendala ,  Krishna Prasanna Sankaran ,  Sourabh Satish

IPC: G06F3/0482 ,  H04L9/40 ,  G06F16/26 ,  G06F16/2457 ,  G06T11/20 ,  G06T11/00 ,  G06F16/248

Abstract: Security related anomalies in the data related to network entities are identified, and a risk score is assigned to each entity based on the anomalies. Visualization data is generated for a color-coded interactive visualization. Generating the visualization data includes assigning each entity to a separate polygon to be displayed concurrently on a display screen; selecting a size of each polygon to indicate one of: a number of security related anomalies associated with the entity, or a risk level assigned to the entity, where the risk level is based on the risk score of the entity, and selecting a color of each polygon to indicate the other one of: the number of security related anomalies associated with the entity, or the risk level assigned to the entity; and causing, the color-coded interactive visualization to be displayed on a display device based on the visualization data.

公开(公告)号：US20240354401A1

公开(公告)日：2024-10-24

申请号：US18761554

申请日：2024-07-02

Applicant: Splunk Inc.

Inventor： James Apger ,  Allison Lindsey Drake ,  James Irwin Ebeling ,  Orville Esoy ,  Bhooshan Kulkarni ,  Marquis L. Montgomery ,  Daniel Trenkner

IPC: G06F21/55 ,  G06F3/0482 ,  G06F21/57

CPC classification number: G06F21/552 ,  G06F3/0482 ,  G06F21/577 ,  G06F2221/2101

Abstract: A graphical user interface (GUI) for presentation of network security risk and threat information is disclosed. A listing is generated of incidents identified by use of event data obtained from a networked computing environment. A particular incident is determined to be associated with a risk object, wherein a risk object is a component of the networked computing environment. The listing is populated with a name associated with the risk object. Risk events associated with the incident are determined, wherein each risk event contributes to a risk score for the incident. The risk score indicates a potential security issue associated with the risk object. The listing is populated with the risk score and a summary of the events. An action is associated with the listing, for triggering display of additional information associated with the risk object. The listing can be displayed in a first display screen of the GUI.

公开(公告)号：US12061691B2

公开(公告)日：2024-08-13

申请号：US17515328

申请日：2021-10-29

Applicant: Splunk Inc.

Inventor： James Apger ,  Allison Lindsey Drake ,  James Irwin Ebeling ,  Orville Esoy ,  Bhooshan Kulkarni ,  Marquis L. Montgomery ,  Daniel Trenkner

IPC: G06F21/55 ,  G06F3/0482 ,  G06F21/57

CPC classification number: G06F21/552 ,  G06F3/0482 ,  G06F21/577 ,  G06F2221/2101

Abstract: A graphical user interface (GUI) for presentation of network security risk and threat information is disclosed. A listing is generated of incidents identified by use of event data obtained from a networked computing environment. A particular incident is determined to be associated with a risk object, wherein a risk object is a component of the networked computing environment. The listing is populated with a name associated with the risk object. Risk events associated with the incident are determined, wherein each risk event contributes to a risk score for the incident. The risk score indicates a potential security issue associated with the risk object. The listing is populated with the risk score and a summary of the events. An action is associated with the listing, for triggering display of additional information associated with the risk object. The listing can be displayed in a first display screen of the GUI.

公开(公告)号：US11805144B1

公开(公告)日：2023-10-31

申请号：US18061364

申请日：2022-12-02

Applicant: Splunk Inc.

Inventor： Allison Lindsey Drake ,  James Irwin Ebeling ,  Marios Iliofotou ,  Lucas Keith Murphey ,  Mihir Randhir Parikh ,  Amarendra Pendala ,  Krishna Prasanna Sankaran ,  Sourabh Satish

IPC: G06F3/0482 ,  H04L9/40 ,  G06T11/20 ,  G06F16/26 ,  G06F16/2457 ,  G06T11/00 ,  G06F16/248

CPC classification number: H04L63/1425 ,  G06F16/248 ,  G06F16/24578 ,  G06F16/26 ,  G06T11/001 ,  G06T11/206 ,  H04L63/1433 ,  G06F3/0482 ,  G06T2200/24

Abstract: Security related anomalies in the data related to network entities are identified, and a risk score is assigned to each entity based on the anomalies. Visualization data is generated for a color-coded interactive visualization. Generating the visualization data includes assigning each entity to a separate polygon to be displayed concurrently on a display screen; selecting a size of each polygon to indicate one of: a number of security related anomalies associated with the entity, or a risk level assigned to the entity, where the risk level is based on the risk score of the entity, and selecting a color of each polygon to indicate the other one of: the number of security related anomalies associated with the entity, or the risk level assigned to the entity; and causing, the color-coded interactive visualization to be displayed on a display device based on the visualization data.