公开(公告)号：US11558419B2

公开(公告)日：2023-01-17

申请号：US16898431

申请日：2020-06-10

Applicant: Barracuda Networks, Inc.

Inventor： Christopher B. Black ,  Grayson Carr ,  Jordan A. Petersen ,  Benjamin J. Hildebrand

IPC: H04L29/06 ,  H04L9/40 ,  H04L51/212

Abstract: A new approach is proposed to support autonomous similar and adjacent attack identification. First, an incident is created for a detected suspicious electronic message-borne attack at one user account with one tenant on an electronic communication platform. A plurality of insight events for similar or adjacent attacks are then generated automatically based on the detected attack and inserted into an insights queue. For each of the insight events in the insights queue, a search is conducted in a repository to identify a set of un-remediated attacks against user accounts of the same or different tenants on the electronic communication platform, wherein the set of un-remediated attacks are similar or adjacent to the detected attack. Insights on the identified un-remediated attacks against the user accounts in the same or different tenants that are similar or adjacent to the detected attack are automatically generated for an administrator and are remediated accordingly.

公开(公告)号：US20210136107A1

公开(公告)日：2021-05-06

申请号：US16898431

申请日：2020-06-10

Applicant: Barracuda Networks, Inc.

Inventor： Christopher B. Black ,  Grayson Carr ,  Jordan A. Petersen ,  Benjamin J. Hildebrand

IPC: H04L29/06 ,  H04L12/58

Abstract: A new approach is proposed to support autonomous similar and adjacent attack identification. First, an incident is created for a detected suspicious electronic message-borne attack at one user account with one tenant on an electronic communication platform. A plurality of insight events for similar or adjacent attacks are then generated automatically based on the detected attack and inserted into an insights queue. For each of the insight events in the insights queue, a search is conducted in a repository to identify a set of un-remediated attacks against user accounts of the same or different tenants on the electronic communication platform, wherein the set of un-remediated attacks are similar or adjacent to the detected attack. Insights on the identified un-remediated attacks against the user accounts in the same or different tenants that are similar or adjacent to the detected attack are automatically generated for an administrator and are remediated accordingly.