Analyzing data across tenants of an information technology (IT) and security operations application

    Publication number: US11895126B1

    Publication date: 2024-02-06

    Application number: US16657964

    Application date: 2019-10-18

    Applicant: Splunk Inc.

    CPC classification number: H04L63/1416 G06F9/451 H04L63/0281 H04L63/1441

    Abstract: An information technology (IT) and security operations application is described that enables cross-tenant analyses of data to derive insights that can be used to provide actionable information across the application including, for example, action recommendations, threat confidence scores, and other incident data enrichments. The generation and presentation of such information to users of an IT and security operations application can enable analyst teams to more efficiently and accurately respond to various types of incidents in IT environments, thereby improving the overall operation and security of the IT environments. Furthermore, because of the shared use of an IT and security operations application concurrently by any number of separate tenants, such cross-tenant analyses can be performed in near real-time and on an ongoing basis to deliver relevant insights.

    Aggregation of incident data for correlated incidents

    Publication number: US11218357B1

    Publication date: 2022-01-04

    Application number: US16120010

    Application date: 2018-08-31

    Applicant: Splunk Inc.

    Abstract: Described herein are systems, methods, and software to enhance incident response for an information technology (IT) environment. In one implementation, an incident service identifies an incident in the IT environment and determines a correlation between the incident and other incidents in the IT environment. Once correlated, the incident service aggregates incident data of the incident with incident data of the other incidents and generates a summary using the aggregated incident data.

    SECURELY MANAGING AUTHENTICATION INFORMATION FOR AUTOMATED INCIDENT RESPONSES

    Publication number: US20210081523A1

    Publication date: 2021-03-18

    Application number: US17106001

    Application date: 2020-11-27

    Applicant: Splunk Inc.

    Abstract: Described herein are improvements for responding to incidents in an information technology (IT) environment. In one example, a method includes, in an incident response system, receiving authentication information for use by a first component for responding to an incident in an information technology (IT) environment. The method further includes encrypting the authentication information and storing the authentication information in the incident response system along with encrypted parameters for operating the first component. In the incident response system, upon determining that the first component requires the authentication information for an interaction, the method provides retrieving the authentication information and providing the authentication information to the first component.

    Runtime credential requirement identification for incident response

    Publication number: US11784996B2

    Publication date: 2023-10-10

    Application number: US16934915

    Application date: 2020-07-21

    Applicant: Splunk Inc.

    CPC classification number: H04L63/083 H04L63/105

    Abstract: Described herein are systems, methods, and software to enhance incident response in an information technology (IT) environment. In one example, an incident service identifies a course of action to respond to an incident in the IT environment. The incident service further identifies a particular step in the course of action associated with a credential requirement based on traits associated with the particular step, and generates a credential request to obtain credentials to support the credential requirement.

    Encrypted storage and provision of authentication information for use when responding to an information technology incident

    Publication number: US10853478B1

    Publication date: 2020-12-01

    Application number: US16119911

    Application date: 2018-08-31

    Applicant: Splunk Inc.

    Abstract: Described herein are improvements for responding to incidents in an information technology (IT) environment. In one example, a method includes, in an incident response system, receiving authentication information for use by a first component for responding to an incident in an information technology (IT) environment. The method further includes encrypting the authentication information and storing the authentication information in the incident response system along with encrypted parameters for operating the first component. In the incident response system, upon determining that the first component requires the authentication information for an interaction, the method provides retrieving the authentication information and providing the authentication information to the first component.

    Securely managing authentication information for automated incident responses

    Publication number: US11586722B2

    Publication date: 2023-02-21

    Application number: US17106001

    Application date: 2020-11-27

    Applicant: Splunk Inc.

    Abstract: Described herein are improvements for responding to incidents in an information technology (IT) environment. In one example, a method includes, in an incident response system, receiving authentication information for use by a first component for responding to an incident in an information technology (IT) environment. The method further includes encrypting the authentication information and storing the authentication information in the incident response system along with encrypted parameters for operating the first component. In the incident response system, upon determining that the first component requires the authentication information for an interaction, the method provides retrieving the authentication information and providing the authentication information to the first component.

    RUNTIME CREDENTIAL REQUIREMENT IDENTIFICATION FOR INCIDENT RESPONSE

    Publication number: US20200351259A1

    Publication date: 2020-11-05

    Application number: US16934915

    Application date: 2020-07-21

    Applicant: Splunk Inc.

    Abstract: Described herein are systems, methods, and software to enhance incident response in an information technology (IT) environment. In one example, an incident service identifies a course of action to respond to an incident in the IT environment. The incident service further identifies a particular step in the course of action associated with a credential requirement based on traits associated with the particular step, and generates a credential request to obtain credentials to support the credential requirement.

    Identification of runtime credential requirements

    Publication number: US10757093B1

    Publication date: 2020-08-25

    Application number: US16119984

    Application date: 2018-08-31

    Applicant: Splunk Inc.

    Abstract: Described herein are systems, methods, and software to enhance incident response in an information technology (IT) environment. In one example, an incident service identifies a course of action to respond to an incident in the IT environment. The incident service further identifies a particular step in the course of action associated with a credential requirement based on traits associated with the particular step, and generates a credential request to obtain credentials to support the credential requirement.
