-
Publication number: US10896259B2
Publication date: 2021-01-19
Application number: US15763253
Application date: 2015-09-28
Applicant: ENTIT Software LLC
Inventor: Tomas Sander, Brian Frederik Hosea Che Hein, Nadav Cohen, Ted Ross
Abstract: In one example in accordance with the present disclosure, a method for threat score determination includes detecting a change in malicious activity for a security object. The method also includes identifying an indicator that provides contextual information for the security object and determining a linked resource that is associated with a database record of the security object. The method also includes determining a first threat score associated with the security object and determining a relationship between the linked resource and the security object. The method also includes determining a second threat score associated with the linked resource based on the indicator, the threat score of the linked object and the relationship between the linked resource and the security object.
-
Publication number: US20180234458A1
Publication date: 2018-08-16
Application number: US15737878
Application date: 2015-06-26
Applicant: ENTIT Software LLC
Inventor: Tomas Sander, Nadav Cohen, Brian Frederik Hosea Che Hein, Ted Ross
Abstract: Examples disclosed herein relate to alerts for communities of a security information sharing platform. Some examples may enable obtaining a security indicator from a user of a first community of a security information sharing platform that enables sharing of security information among a plurality of communities; including the security indicator in community-based security information associated with the first community, the first security indicator comprising a first observable; sharing the first security indicator with the security information sharing platform; obtaining, from the security information sharing platform, information related to sightings of the first observable; and providing a first alert to the first community based on the information related to the sightings of the first observable.
-
Publication number: US10693914B2
Publication date: 2020-06-23
Application number: US15737878
Application date: 2015-06-26
Applicant: ENTIT Software LLC
Inventor: Tomas Sander, Nadav Cohen, Brian Frederik Hosea Che Hein, Ted Ross
Abstract: Examples disclosed herein relate to alerts for communities of a security information sharing platform. Some examples may enable obtaining a security indicator from a user of a first community of a security information sharing platform that enables sharing of security information among a plurality of communities; including the security indicator in community-based security information associated with the first community, the first security indicator comprising a first observable; sharing the first security indicator with the security information sharing platform; obtaining, from the security information sharing platform, information related to sightings of the first observable; and providing a first alert to the first community based on the information related to the sightings of the first observable.
-
Publication number: US20190028516A1
Publication date: 2019-01-24
Application number: US16077233
Application date: 2016-02-12
Applicant: ENTIT SOFTWARE LLC
Inventor: Tomas Sander, Brian Frederik Hosea Che Hein, Nadav Cohen, Ted Ross
Abstract: Examples disclosed herein relate to strength of associations among data records in a security information sharing platform. Some examples may enable creating, in the security information sharing platform, an association between a security indicator comprising an observable, and a data record. Some examples may further enable determining strength of the association between the security indicator and the data record based on at least one of: a likelihood of change in the association; a creator of the association; an aging rate of the association; or a quality of evidence that supports the association.
-
Publication number: US20180314834A1
Publication date: 2018-11-01
Application number: US15763253
Application date: 2015-09-28
Applicant: ENTIT Software LLC
Inventor: Tomas Sander, Brian Frederik Hosea Che Hein, Nadav Cohen, Ted Ross
CPC classification number: G06F21/554
Abstract: In one example in accordance with the present disclosure, a method for threat score determination includes detecting a change in malicious activity for a security object. The method also includes identifying an indicator that provides contextual information for the security object and determining a linked resource that is associated with a database record of the security object. The method also includes determining a first threat score associated with the security object and determining a relationship between the linked resource and the security object. The method also includes determining a second threat score associated with the linked resource based on the indicator, the threat score of the linked object and the relationship between the linked resource and the security object.
-
Publication number: US20200351292A1
Publication date: 2020-11-05
Application number: US16076274
Application date: 2016-02-12
Applicant: ENTIT SOFTWARE LLC
Inventor: Tomas Sander, Brian Frederik Hosea Che Hein, Nadav Cohen, Ted Ross
IPC: H04L29/06
Abstract: Examples disclosed herein relate to source entities of security indicators. Some examples disclosed herein enable identifying, in a security information sharing platform, a security indicator that is originated from a source entity where the security indicator comprises an observable. Some examples further enable determining a reliability level of the source entity based on at least one of: security events, sightings of the observable, a first set of user feedback information that is submitted for the security indicator by users of the security information sharing platform, or a second set of user feedback information that is collected from external resources that are external to the security information sharing platform.
-
Publication number: US11962609B2
Publication date: 2024-04-16
Application number: US16076274
Application date: 2016-02-12
Applicant: ENTIT SOFTWARE LLC
Inventor: Tomas Sander, Brian Frederik Hosea Che Hein, Nadav Cohen, Ted Ross
CPC classification number: H04L63/1433, H04L63/1408, H04L63/20
Abstract: Examples disclosed herein relate to source entities of security indicators. Some examples disclosed herein enable identifying, in a security information sharing platform, a security indicator that is originated from a source entity where the security indicator comprises an observable. Some examples further enable determining a reliability level of the source entity based on at least one of: security events, sightings of the observable, a first set of user feedback information that is submitted for the security indicator by users of the security information sharing platform, or a second set of user feedback information that is collected from external resources that are external to the security information sharing platform.
-
Publication number: US11356484B2
Publication date: 2022-06-07
Application number: US16077233
Application date: 2016-02-12
Applicant: ENTIT SOFTWARE LLC
Inventor: Tomas Sander, Brian Frederik Hosea Che Hein, Nadav Cohen, Ted Ross
Abstract: Examples disclosed herein relate to strength of associations among data records in a security information sharing platform. Some examples may enable creating, in the security information sharing platform, an association between a security indicator comprising an observable, and a data record. Some examples may further enable determining strength of the association between the security indicator and the data record based on at least one of: a likelihood of change in the association; a creator of the association; an aging rate of the association; or a quality of evidence that supports the association.
-
Publication number: US10956565B2
Publication date: 2021-03-23
Application number: US16076948
Application date: 2016-02-12
Applicant: ENTIT SOFTWARE LLC
Inventor: Tomas Sander, Brian Frederik Hosea Che Hein, Nadav Cohen, Ted Ross
Abstract: Examples disclosed herein relate to visualization of associations among data records in a security information sharing platform. Some examples may enable creating, in the security information sharing platform, an association between a first data record comprising a security indicator, and a second data record. Some examples may further enable providing a visual representation of the first data record, the second data record, and the association, wherein the first data record represents a first node in the visual representation, the second data record represents a second node in the visual representation, and the association represents an edge that connects the first node and the second node.
-
Publication number: US20190050563A1
Publication date: 2019-02-14
Application number: US16076948
Application date: 2016-02-12
Applicant: ENTIT SOFTWARE LLC
Inventor: Tomas Sander, Brian Frederik Hosea Che Hein, Nadav Cohen, Ted Ross
IPC: G06F21/55
Abstract: Examples disclosed herein relate to visualization of associations among data records in a security information sharing platform. Some examples may enable creating, in the security information sharing platform, an association between a first data record comprising a security indicator, and a second data record. Some examples may further enable providing a visual representation of the first data record, the second data record, and the association, wherein the first data record represents a first node in the visual representation, the second data record represents a second node in the visual representation, and the association represents an edge that connects the first node and the second node.