公开(公告)号：US08719942B2

公开(公告)日：2014-05-06

申请号：US12704391

申请日：2010-02-11

申请人： Igal Figlin ,  Lior Arzi ,  Sterling Reasor ,  Eyal Zangi ,  Ahmad S. Hussain

发明人： Igal Figlin ,  Lior Arzi ,  Sterling Reasor ,  Eyal Zangi ,  Ahmad S. Hussain

IPC分类号： H04L29/06

CPC分类号： H04L63/1433 ,  G06F21/577 ,  H04L63/1408

摘要： Tracking malware state information assigned to computers in an enterprise network is described. A computer may transition from a current malware state to a new malware state in accordance with a plurality of stored rules and detection of an anti-malware event on the computer. Examples of anti-malware events include, but are not limited to, detection of new malware on the computer or cleaning of the computer. The malware state information for computers on the network may be mapped to a risk level representing an amount of risk that infected computers present to other computers on the network. The results of a risk level assessment for the computers on the network may be output via a user interface to enable an administrator of the network to prioritize servicing of computers with detected malware.

摘要翻译： 描述分配给企业网络中计算机的恶意软件状态信息。 计算机可以根据多个存储的规则从计算机上的反恶意软件事件的检测从当前恶意软件状态转换到新的恶意软件状态。 反恶意软件事件的示例包括但不限于检测计算机上的新恶意软件或清洁计算机。 网络上计算机的恶意软件状态信息可能被映射到一个风险级别，该风险级别表示受感染计算机存在于网络上其他计算机的风险。 可以通过用户界面输出网络上计算机的风险级别评估结果，以使网络的管理员可以优先处理检测到恶意软件的计算机的服务。

公开(公告)号：US20110197277A1

公开(公告)日：2011-08-11

申请号：US12704391

申请日：2010-02-11

申请人： Igal Figlin ,  Lior Arzi ,  Sterling Reasor ,  Eyal Zangi ,  Ahmad S. Hussain

发明人： Igal Figlin ,  Lior Arzi ,  Sterling Reasor ,  Eyal Zangi ,  Ahmad S. Hussain

IPC分类号： G06F11/00 ,  G06F15/173 ,  G06F3/048

CPC分类号： H04L63/1433 ,  G06F21/577 ,  H04L63/1408

摘要： Tracking malware state information assigned to computers in an enterprise network is described. A computer may transition from a current malware state to a new malware state in accordance with a plurality of stored rules and detection of an anti-malware event on the computer. Examples of anti-malware events include, but are not limited to, detection of new malware on the computer or cleaning of the computer. The malware state information for computers on the network may be mapped to a risk level representing an amount of risk that infected computers present to other computers on the network. The results of a risk level assessment for the computers on the network may be output via a user interface to enable an administrator of the network to prioritize servicing of computers with detected malware.

摘要翻译： 描述分配给企业网络中计算机的恶意软件状态信息。 计算机可以根据多个存储的规则从计算机上的反恶意软件事件的检测从当前恶意软件状态转换到新的恶意软件状态。 反恶意软件事件的示例包括但不限于检测计算机上的新恶意软件或清洁计算机。 网络上计算机的恶意软件状态信息可能被映射到一个风险级别，该风险级别表示受感染计算机存在于网络上其他计算机的风险。 可以通过用户界面输出网络上计算机的风险级别评估结果，以使网络的管理员可以优先处理检测到恶意软件的计算机的服务。