-
Publication No.: US11223646B2
Publication date: 2022-01-11
Application No.: US16863804
Filing date: 2020-04-30
Applicant: Forcepoint, LLC
Abstract: A system, method, and computer-readable medium are disclosed for performing a security operation. The security operation includes: monitoring an entity, the monitoring observing at least one electronically-observable data source; deriving an observable based upon the monitoring of the electronically-observable data source; identifying a security related activity, the security related activity being based upon the observable from the electronic data source, the security related activity comprising a concerning behavior, the concerning behavior comprising a security related activity of analytic utility; analyzing the security related activity, the analyzing the security related activity being based upon the concerning behavior; and, performing a security operation in response to the analyzing the security related activity.
-
Publication No.: US20210112075A1
Publication date: 2021-04-15
Application No.: US17119812
Filing date: 2020-12-11
Applicant: Forcepoint, LLC
IPC classification: H04L29/06
Abstract: A system, method, and computer-readable medium are disclosed for performing a security operation. The security operation includes: monitoring an entity, the monitoring observing at least one electronically-observable data source; deriving an observable based upon the monitoring of the electronically-observable data source; identifying a security related activity, the security related activity being based upon the observable from the electronic data source; the security related activity comprising a concerning behavior, the security related activity being enacted during an activity session; associating the security related activity enacted during an activity session with a security risk persona; analyzing the security related activity, the analyzing the security related activity using the security risk persona; and, performing a security operation in response to the analyzing the security related activity.
-
Publication No.: US11838298B2
Publication date: 2023-12-05
Application No.: US17119800
Filing date: 2020-12-11
Applicant: Forcepoint, LLC
IPC classification: H04L9/40, G06F21/56, G06F21/57, H04L67/306
CPC classification: H04L63/04, G06F21/566, G06F21/577, H04L63/102, H04L63/1416, H04L63/1425, H04L63/1433, H04L63/205, H04L67/306, G06F2221/034
Abstract: A system, method, and computer-readable medium are disclosed for performing a security operation. The security operation includes: monitoring an entity, the monitoring observing an electronically-observable data source; deriving an observable based upon the monitoring of the electronically-observable data source; identifying a security related activity, the security related activity being based upon the observable from the electronic data source; analyzing the security related activity, the analyzing the security related activity using a security risk persona; and, performing a security operation in response to the analyzing the security related activity.
-
Publication No.: US11570197B2
Publication date: 2023-01-31
Application No.: US16863803
Filing date: 2020-04-30
Applicant: Forcepoint, LLC
Abstract: A system, method, and computer-readable medium are disclosed for performing a security risk modeling operation. The security risk modeling operation includes: monitoring an entity, the monitoring observing an electronically-observable data source; deriving an observable based upon the monitoring of the electronically-observable data source; identifying a security related activity, the security related activity being based upon the observable from the electronic data source; analyzing the security related activity, the analyzing the security related activity using a human-centric risk modeling framework; and, performing a security operation in response to the analyzing the security related activity.
-
Publication No.: US11843613B2
Publication date: 2023-12-12
Application No.: US17119808
Filing date: 2020-12-11
Applicant: Forcepoint, LLC
IPC classification: H04L9/40, G06F21/56, G06F21/57, H04L67/306
CPC classification: H04L63/14, G06F21/566, G06F21/577, H04L63/102, H04L63/1416, H04L63/1425, H04L63/1433, H04L63/205, H04L67/306, G06F2221/034
Abstract: A system, method, and computer-readable medium are disclosed for performing a security operation. The security operation includes: monitoring an entity, the monitoring observing at least one electronically-observable data source; deriving an observable based upon the monitoring of the electronically-observable data source; identifying a security related activity, the security related activity being based upon the observable from the electronic data source, the security related activity comprising a concerning behavior; generating a contextual modifier relating to the security related activity; analyzing the security related activity, the analyzing the security related activity being based upon the contextual modifier; and, performing a security operation in response to the analyzing the security related activity.
-
Publication No.: US20210226971A1
Publication date: 2021-07-22
Application No.: US16863808
Filing date: 2020-04-30
Applicant: Forcepoint, LLC
IPC classification: H04L29/06
Abstract: A system, method, and computer-readable medium are disclosed for performing a security operation. The security operation includes: monitoring an entity, the monitoring observing at least one electronically-observable data source; deriving an observable based upon the monitoring of the electronically-observable data source; identifying a security related activity of the entity, the security related activity being based upon the observable derived from the electronic data source, the security related activity being of analytic utility; associating the security related activity with a phase of a cyber kill chain; and, performing a security operation on the security related activity via a security system, the security operation disrupting performance of the phase of the cyber kill chain.
-
Publication No.: US20210112074A1
Publication date: 2021-04-15
Application No.: US17119808
Filing date: 2020-12-11
Applicant: Forcepoint, LLC
IPC classification: H04L29/06
Abstract: A system, method, and computer-readable medium are disclosed for performing a security operation. The security operation includes: monitoring an entity, the monitoring observing at least one electronically-observable data source; deriving an observable based upon the monitoring of the electronically-observable data source; identifying a security related activity, the security related activity being based upon the observable from the electronic data source, the security related activity comprising a concerning behavior; generating a contextual modifier relating to the security related activity; analyzing the security related activity, the analyzing the security related activity being based upon the contextual modifier; and, performing a security operation in response to the analyzing the security related activity.
-
Publication No.: US20240171590A1
Publication date: 2024-05-23
Application No.: US18425915
Filing date: 2024-01-29
Applicant: Forcepoint LLC
IPC classification: H04L9/40, G06F21/56, G06F21/57, H04L67/306
CPC classification: H04L63/14, G06F21/566, G06F21/577, H04L63/04, H04L63/102, H04L63/1416, H04L63/1425, H04L63/1433, H04L63/205, H04L67/306, G06F2221/034
Abstract: A system, method, and computer-readable medium for performing a security operation. The security operation includes: monitoring an entity, the monitoring observing at least one electronically-observable data source; identifying a security related activity, the security related activity being of analytic utility; accessing an entity behavior profile based upon the security related activity, the entity behavior profile comprising a collection of information uniquely describing an identity and behavior of the entity; identifying a risk associated with the entity using a human-centric risk modeling framework, the human-centric risk modeling framework enabling quantification of a human-centric factor associated with the entity, the human-centric factor comprising a motivation factor, a stressor factor and an organizational dynamics stressor factor, the human-centric factor having an associated effect on the entity, the motivation factor representing a motivation for enacting an entity behavior, the stressor factor representing an issue influencing the user entity behavior, the organizational stressor factor representing an event occurring within an organization affecting the entity behavior; and, performing a security operation based upon the risk associated with the entity, the security operation using the human-centric risk modeling framework and the entity behavior profile, the security operation being performed by at least one of an endpoint device and a security analytics system, the endpoint device executing the security operation on a hardware processor associated with the endpoint device, the security analytics system executing the security operation on a hardware processor associated with the security analytics system.
-
Publication No.: US20220006818A1
Publication date: 2022-01-06
Application No.: US17119803
Filing date: 2020-12-11
Applicant: Forcepoint, LLC
IPC classification: H04L29/06
Abstract: A system, method, and computer-readable medium are disclosed for performing a security operation. The security operation includes: monitoring an entity, the monitoring observing an electronically-observable data source; deriving an observable based upon the monitoring of the electronically-observable data source; identifying a security related activity, the security related activity being based upon the observable from the electronic data source; analyzing the security related activity, the analyzing the security related activity using a security risk persona; associating the security risk persona with a phase of a cyber kill chain; and, performing a security operation on the security related activity via a security system, the security operation disrupting performance of the phase of the cyber kill chain.
-
Publication No.: US20210144153A1
Publication date: 2021-05-13
Application No.: US17119800
Filing date: 2020-12-11
Applicant: Forcepoint, LLC
IPC classification: H04L29/06
Abstract: A system, method, and computer-readable medium are disclosed for performing a security operation. The security operation includes: monitoring an entity, the monitoring observing an electronically-observable data source; deriving an observable based upon the monitoring of the electronically-observable data source; identifying a security related activity, the security related activity being based upon the observable from the electronic data source; analyzing the security related activity, the analyzing the security related activity using a security risk persona; and, performing a security operation in response to the analyzing the security related activity.