Publication (announcement) number: US20240028745A1
Publication (announcement) date: 2024-01-25
Application number: US18356501
Application date: 2023-07-21
Applicant: Booz Allen Hamilton Inc.
Inventor: Hannah Davies, Michael Saxton
CPC classification number: G06F21/577, G06F21/554
Abstract: Exemplary systems and methods are directed to endpoint detection and response (EDR) in which a receiver receives streaming data from plural EDR platforms with vendor-specific data formats for the streaming data. An application programming interface converts the streaming data received from each EDR platform to a common data format. A detection engine analyzes the converted streaming data for attributes of malicious activity and generates an alert when malicious activity is detected. A graphical user interface filters and sorts the generated alerts based on at least one of a priority of addressing the malicious activity and a severity of harm caused by the malicious activity. The graphical user interface further generates an interactive display of the filtered and sorted alerts, where each alert includes an active or activatable link which when selected provides additional information obtained from one of the plural EDR platforms associated with the alert.
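The pipeline the abstract describes, as an added example that is not the patent's or Booz Allen Hamilton's code: two hypothetical EDR vendors ("vendor_a", "vendor_b", with invented JSON layouts and constructed sample events) stream events; one adapter per vendor converts them to a common schema; a rule-based detection engine runs over the common events; and the resulting alerts are filtered and sorted by priority and severity, each carrying a hypothetical deep link back to the originating platform. Rule names, thresholds and the `*.example` link scheme are assumptions for illustration.

```python
"""Added example (not from the patent): vendor-specific EDR streams ->
common format -> detection engine -> filtered/sorted alerts with links."""
import json
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Callable

# Constructed sample streams; field names are invented for two hypothetical vendors.
VENDOR_A_STREAM = [
    '{"evt_id": "a-1", "ts": "2024-01-25T10:00:00Z", "hostname": "ws-01", '
    '"proc": "powershell.exe", "cmd": "powershell -enc SQBFAFgA", "parent": "winword.exe"}',
    '{"evt_id": "a-2", "ts": "2024-01-25T10:00:05Z", "hostname": "ws-01", '
    '"proc": "notepad.exe", "cmd": "notepad.exe notes.txt", "parent": "explorer.exe"}',
]
VENDOR_B_STREAM = [
    '{"id": "b-7", "time": 1706176800, "device": {"name": "ws-02"}, "process": '
    '{"image": "cmd.exe", "command_line": "cmd /c whoami", "parent_image": "explorer.exe"}}',
]


@dataclass(frozen=True)
class Event:
    """Common data format that every vendor adapter produces."""
    event_id: str
    vendor: str
    host: str
    timestamp: str          # ISO 8601, UTC
    process: str
    command_line: str
    parent_process: str


def normalize_vendor_a(raw: str) -> Event:
    d = json.loads(raw)
    return Event(d["evt_id"], "vendor_a", d["hostname"], d["ts"],
                 d["proc"].lower(), d["cmd"], d["parent"].lower())


def normalize_vendor_b(raw: str) -> Event:
    d = json.loads(raw)
    ts = datetime.fromtimestamp(d["time"], tz=timezone.utc).isoformat()  # epoch -> ISO
    p = d["process"]
    return Event(d["id"], "vendor_b", d["device"]["name"], ts,
                 p["image"].lower(), p["command_line"], p["parent_image"].lower())


# The conversion API layer: one adapter per vendor-specific format.
ADAPTERS: dict[str, Callable[[str], Event]] = {
    "vendor_a": normalize_vendor_a,
    "vendor_b": normalize_vendor_b,
}


@dataclass(frozen=True)
class Alert:
    event: Event
    rule: str
    priority: int   # 1 = address first
    severity: int   # 0..10, higher = more harm
    link: str       # deep link to the originating platform's event view


OFFICE_APPS = {"winword.exe", "excel.exe", "outlook.exe"}
SHELLS = {"powershell.exe", "cmd.exe", "pwsh.exe"}
ENCODED_FLAGS = {"-enc", "-encodedcommand", "-ec"}

# (rule name, predicate over a common-format event, priority, severity); values are assumed.
RULES: list[tuple[str, Callable[[Event], bool], int, int]] = [
    ("office_spawns_shell",
     lambda e: e.parent_process in OFFICE_APPS and e.process in SHELLS, 1, 9),
    ("encoded_powershell",
     lambda e: e.process in {"powershell.exe", "pwsh.exe"}
     and any(tok.lower() in ENCODED_FLAGS for tok in e.command_line.split()), 2, 7),
    ("recon_whoami", lambda e: "whoami" in e.command_line.lower(), 3, 3),
]


def link_for(event: Event) -> str:
    # Hypothetical URL scheme; a real deployment would use each vendor's console URL.
    return f"https://{event.vendor}.example/events/{event.event_id}"


def detect(events: list[Event]) -> list[Alert]:
    """Detection engine: every rule that matches an event yields one alert."""
    return [Alert(e, name, prio, sev, link_for(e))
            for e in events
            for name, pred, prio, sev in RULES if pred(e)]


def filter_and_sort(alerts: list[Alert], max_priority: int = 99,
                    min_severity: int = 0) -> list[Alert]:
    """GUI ordering: drop alerts outside the analyst's window, then sort by
    priority ascending, severity descending, with stable tie-break keys."""
    kept = [a for a in alerts if a.priority <= max_priority and a.severity >= min_severity]
    return sorted(kept, key=lambda a: (a.priority, -a.severity, a.event.event_id, a.rule))


def run(streams: dict[str, list[str]], **window) -> list[Alert]:
    """Receiver + conversion API + engine + GUI ordering, end to end."""
    events = [ADAPTERS[vendor](raw) for vendor, stream in streams.items() for raw in stream]
    return filter_and_sort(detect(events), **window)


if __name__ == "__main__":
    for a in run({"vendor_a": VENDOR_A_STREAM, "vendor_b": VENDOR_B_STREAM}):
        print(f"P{a.priority} S{a.severity} {a.rule:20} {a.event.host} {a.link}")
```

The point of the common schema is that every detection rule is written once against `Event`, not once per vendor; adding a third platform means adding one adapter to `ADAPTERS`, and the `max_priority`/`min_severity` window is the filter the GUI exposes to the analyst.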