Associations among data records in a security information sharing platform

    Publication (announcement) number: US10764329B2

    Publication (announcement) date: 2020-09-01

    Application number: US15760983

    Application date: 2015-09-25

    Abstract: Examples disclosed herein relate to associations among data records in a security information sharing platform. Some examples may enable creating, in the security information sharing platform that enables sharing of security information among a plurality of users, an association between a first security indicator comprising a first observable and a first data record based on sightings of the first observable by at least one source entity associated with the first data record. Some examples may further enable obtaining a search query that specifies the first security indicator, and identifying a set of data records that satisfy the search query. The set of data records may include the first data record.

    Collaborative security lists
    2.
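    Granted invention patent

    Publication (announcement) number: US10715534B2

    Publication (announcement) date: 2020-07-14

    Application number: US15544343

    Application date: 2015-01-30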

    Abstract: Examples relate to collaborative security lists. The examples disclosed herein enable obtaining a first candidate entry suggested by a first user of a community to be included in a collaborative security list. The collaborative security list may comprise a list of entries known to be secure or a list of entries known to be insecure. The examples disclosed herein further enable providing a candidate security list comprising at least the first candidate entry to the community and obtaining, from a second user of the community, a first score indicating how confident the second user is that the first candidate entry is secure. The examples disclosed herein further enable determining whether to include the first candidate entry in the collaborative security list based on the first score.

    SOURCE ENTITIES OF SECURITY INDICATORS
    3.
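    Invention patent application

    Publication (announcement) number: US20200351292A1

    Publication (announcement) date: 2020-11-05

    Application number: US16076274

    Application date: 2016-02-12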

    Abstract: Examples disclosed herein relate to source entities of security indicators. Some examples disclosed herein enable identifying, in a security information sharing platform, a security indicator that is originated from a source entity where the security indicator comprises an observable. Some examples further enable determining a reliability level of the source entity based on at least one of: security events, sightings of the observable, a first set of user feedback information that is submitted for the security indicator by users of the security information sharing platform, or a second set of user feedback information that is collected from external resources that are external to the security information sharing platform.

    Threat score determination
    4.
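    Granted invention patent

    Publication (announcement) number: US10896259B2

    Publication (announcement) date: 2021-01-19

    Application number: US15763253

    Application date: 2015-09-28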

    Abstract: In one example in accordance with the present disclosure, a method for threat score determination includes detecting a change in malicious activity for a security object. The method also includes identifying an indicator that provides contextual information for the security object and determining a linked resource that is associated with a database record of the security object. The method also includes determining a first threat score associated with the security object and determining a relationship between the linked resource and the security object. The method also includes determining a second threat score associated with the linked resource based on the indicator, the threat score of the linked object and the relationship between the linked resource and the security object.

    ALERTS FOR COMMUNITIES OF A SECURITY INFORMATION SHARING PLATFORM

    Publication (announcement) number: US20180234458A1

    Publication (announcement) date: 2018-08-16

    Application number: US15737878

    Application date: 2015-06-26

    Abstract: Examples disclosed herein relate to alerts for communities of a security information sharing platform. Some examples may enable obtaining a security indicator from a user of a first community of a security information sharing platform that enables sharing of security information among a plurality of communities; including the security indicator in community-based security information associated with the first community, the first security indicator comprising a first observable; sharing the first security indicator with the security information sharing platform; obtaining, from the security information sharing platform, information related to sightings of the first observable; and providing a first alert to the first community based on the information related to the sightings of the first observable.

    Alerts for communities of a security information sharing platform

    Publication (announcement) number: US10693914B2

    Publication (announcement) date: 2020-06-23

    Application number: US15737878

    Application date: 2015-06-26

    Abstract: Examples disclosed herein relate to alerts for communities of a security information sharing platform. Some examples may enable obtaining a security indicator from a user of a first community of a security information sharing platform that enables sharing of security information among a plurality of communities; including the security indicator in community-based security information associated with the first community, the first security indicator comprising a first observable; sharing the first security indicator with the security information sharing platform; obtaining, from the security information sharing platform, information related to sightings of the first observable; and providing a first alert to the first community based on the information related to the sightings of the first observable.

    THREAT SCORE DETERMINATION
    8.
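    Invention patent application

    Publication (announcement) number: US20180314834A1

    Publication (announcement) date: 2018-11-01

    Application number: US15763253

    Application date: 2015-09-28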

    CPC classification number: G06F21/554

    Abstract: In one example in accordance with the present disclosure, a method for threat score determination includes detecting a change in malicious activity for a security object. The method also includes identifying an indicator that provides contextual information for the security object and determining a linked resource that is associated with a database record of the security object. The method also includes determining a first threat score associated with the security object and determining a relationship between the linked resource and the security object. The method also includes determining a second threat score associated with the linked resource based on the indicator, the threat score of the linked object and the relationship between the linked resource and the security object.

    Source entities of security indicators

    Publication (announcement) number: US11962609B2

    Publication (announcement) date: 2024-04-16

    Application number: US16076274

    Application date: 2016-02-12

    CPC classification number: H04L63/1433 H04L63/1408 H04L63/20

    Abstract: Examples disclosed herein relate to source entities of security indicators. Some examples disclosed herein enable identifying, in a security information sharing platform, a security indicator that is originated from a source entity where the security indicator comprises an observable. Some examples further enable determining a reliability level of the source entity based on at least one of: security events, sightings of the observable, a first set of user feedback information that is submitted for the security indicator by users of the security information sharing platform, or a second set of user feedback information that is collected from external resources that are external to the security information sharing platform.
