-
公开(公告)号:US20200213348A1
公开(公告)日:2020-07-02
申请号:US16699299
申请日:2019-11-29
Applicant: Splunk Inc.
Inventor: Sourabh Satish , Oliver Friedrichs , Atif Mahadik , Govind Salinas
Abstract: Systems, methods, and software described herein provide for managing service level agreements (SLAs) for security incidents in a computing environment. In one example, an advisement system identifies a rule set for a security incident based on enrichment information obtained for the security incident, wherein the rule set is associated with action recommendations to be taken against the incident. The advisement system further identifies a default SLA for the security incident based on the rule set, and obtains environmental characteristics related to the security incident. Based on the environmental characteristics, the advisement system determines a modified SLA for the security incident.
-
公开(公告)号:US10567424B2
公开(公告)日:2020-02-18
申请号:US16107979
申请日:2018-08-21
Applicant: Splunk Inc.
Inventor: Sourabh Satish , Oliver Friedrichs , Atif Mahadik , Govind Salinas
IPC: H04L29/06 , G06F21/55 , G06F16/28 , H04L12/851
Abstract: Systems, methods, and software described herein provide security actions based on the current state of a security threat. In one example, a method of operating an advisement system in a computing environment with a plurality of computing assets includes identifying a security threat within the computing environment. The method further includes, in response to identifying the security threat, obtaining state information for the security threat within the computing environment, and determining a current state for the security threat within the computing environment. The method also provides obtaining enrichment information for the security threat and determining one or more security actions for the security threat based on the enrichment information and the current state for the security threat.
-
93.发明申请公开(公告)号:US20200007574A1
公开(公告)日:2020-01-02
申请号:US16568949
申请日:2019-09-12
Applicant: Splunk Inc.
Inventor: Sourabh Satish , Oliver Friedrichs , Atif Mahadik , Govind Salinas
Abstract: Systems, methods, and software described herein provide enhancements for implementing security actions in a computing environment. In one example, a method of operating an advisement system to provide actions in a computing environment includes identifying a security incident in the computing environment, identifying a criticality rating for the asset, and obtaining enrichment information for the security incident from one or more internal or external sources. The method also provides identifying a severity rating for the security incident based on the enrichment information, and determining one or more security actions based on the enrichment information. The method further includes identifying effects of the one or more security actions on operations of the computing environment based on the criticality rating and the severity rating, and identifying a subset of the one or more security actions to respond to the security incident based on the effects.
-
公开(公告)号:US20180332074A1
公开(公告)日:2018-11-15
申请号:US16042283
申请日:2018-07-23
Applicant: Splunk Inc.
Inventor: Sourabh Satish , Oliver Friedrichs , Atif Mahadik , Govind Salinas
CPC classification number: H04L63/1441 , G06F17/30598 , G06F21/554 , H04L47/2425 , H04L63/0236 , H04L63/1416 , H04L63/1425 , H04L63/1433 , H04L63/20
Abstract: Systems, methods, and software described herein provide for responding to security threats in a computing environment based on the classification of computing assets in the environment. In one example, a method of operating an advisement computing system includes identifying a security threat for an asset in the computing environment, and identifying a classification for the asset in relation to other assets within the computing environment. The method further provides determining a rule set for the security threat based on the classification for the asset and initiating a response to the security threat based on the rule set.
-
-
-
Search Results
94
records
(took 0.019 seconds)
