-
公开(公告)号:US20140189775A1
公开(公告)日:2014-07-03
申请号:US13728224
申请日:2012-12-27
申请人: Lloyd Leon Burch , Carolyn B. McClain , Robert Skousen Stilmar , Dipto Chakravarty , Baha Masoud , Michael F. Angelo
发明人: Lloyd Leon Burch , Carolyn B. McClain , Robert Skousen Stilmar , Dipto Chakravarty , Baha Masoud , Michael F. Angelo
IPC分类号: H04L29/06
CPC分类号: H04L63/10 , G01R31/31705 , G06F21/00 , G06F21/606 , H04L63/0428
摘要: Techniques for secure debugging and monitoring are presented. An end user requests a secure token for logging information with a remote service. A secure monitoring and debugging token service provides the secure token. The remote service validates the secure token and configures itself for capturing information and reporting the captured information based on the secure token.
摘要翻译: 介绍了安全调试和监控技术。 终端用户请求一个安全的令牌用远程服务记录信息。 安全的监控和调试令牌服务提供了安全令牌。 远程服务验证安全令牌,并配置自身以捕获信息并基于安全令牌报告捕获的信息。
-
公开(公告)号:US09715675B2
公开(公告)日:2017-07-25
申请号:US11643773
申请日:2006-12-22
申请人: Dipto Chakravarty , John Melvin Antony , Usman Choudhary , David Capuano , Srinivasa Phanindra Mallapragada
发明人: Dipto Chakravarty , John Melvin Antony , Usman Choudhary , David Capuano , Srinivasa Phanindra Mallapragada
CPC分类号: G06Q10/10 , G06Q10/06 , G06Q10/063114 , G06Q10/06316 , G06Q10/0633
摘要: The invention relates to a system and method for customizing and storing workflow processes for use in remediation incidents such as security events. One aspect of the invention relates to providing tools to enable creation of customized workflow processes for event driven incident remediation, monitoring and analyzing system activity to identify occurrence of incidents, assigning a workflow process to an incident, applying the assigned workflow process to remediate the incident, and tracking and graphically displaying the status of the workflow process, among other things.
-
公开(公告)号:US09047145B2
公开(公告)日:2015-06-02
申请号:US13159927
申请日:2011-06-14
申请人: Dipto Chakravarty , Usman Choudhary , John Paul Gassner , Frank Anthony Pellegrino , William Matthew Weiner , Yuriy Fuksenko , Robert Price
发明人: Dipto Chakravarty , Usman Choudhary , John Paul Gassner , Frank Anthony Pellegrino , William Matthew Weiner , Yuriy Fuksenko , Robert Price
CPC分类号: H04L41/0806 , G06F9/542 , G06F11/3065 , G06F11/3072 , H04L41/046 , H04L41/0613 , H04L41/0869 , H04L41/22 , H04L43/028 , H04L43/045 , H04L43/08 , H04L43/0817 , H04L43/12 , H04L67/10 , H04L67/2823 , H04L67/2828
摘要: The system and method described herein relates to managing multiple network device connections, collecting event source data from one or more network devices with one or more collectors, filtering the event source data, continuously monitoring the network device connections, controlling raw data collection from the one or more network devices, parsing the event source data into normalized data structures, and managing configurations for the collectors, among other things. Event sources may be physical or logical network devices distributed across a network, including but not limited to, firewalls, routers, biometric devices, mainframes, databases, and applications. The network devices may be sources from which the collectors may receive or request the event source data.
摘要翻译: 本文描述的系统和方法涉及管理多个网络设备连接,从具有一个或多个收集器的一个或多个网络设备收集事件源数据,过滤事件源数据,连续监视网络设备连接,控制来自该网络设备连接的原始数据收集 或更多的网络设备,将事件源数据解析为归一化数据结构,以及管理收集器的配置等等。 事件源可以是分布在网络上的物理或逻辑网络设备,包括但不限于防火墙,路由器,生物识别设备,大型机,数据库和应用。 网络设备可以是收集器可以从其接收或请求事件源数据的源。
-
公开(公告)号:US07673335B1
公开(公告)日:2010-03-02
申请号:US10975374
申请日:2004-10-29
申请人: Dipto Chakravarty , Ofer Zajicek , Frank Pellegrino , Usman Choudhary , John Gassner , Melvin Antony
发明人: Dipto Chakravarty , Ofer Zajicek , Frank Pellegrino , Usman Choudhary , John Gassner , Melvin Antony
IPC分类号: G06F12/14
CPC分类号: G06F21/554 , G06F21/552
摘要: A system and method for analyzing events from devices relating to network security, includes a device interface(s), for receiving events from devices. One or more processors, responsive to the event received pursuant to the device interfaces, evaluate the event in accordance with rules, wherein the rules define, inter alia, an operation the system is to take to evaluate the event and an action to be taken under specified conditions. Also, the processor can determine, responsive to the received event, whether the event is of interest, and if not, discarding the event. The processor can provide a correlation corresponding to the at least one event, for the rules.
摘要翻译: 用于分析与网络安全有关的设备的事件的系统和方法包括用于从设备接收事件的设备接口。 响应于根据设备接口接收到的事件的一个或多个处理器根据规则来评估事件,其中规则除其他外定义系统要采取的操作以评估事件和要采取的行动 指定条件。 此外,处理器可以响应于所接收的事件来确定事件是否是感兴趣的,如果不是,则丢弃该事件。 对于规则,处理器可以提供对应于至少一个事件的相关性。
-
公开(公告)号:US20120281557A1
公开(公告)日:2012-11-08
申请号:US13100082
申请日:2011-05-03
CPC分类号: H04L45/308 , H04L45/04
摘要: Techniques for privileged network routing are provided. As traffic is received at a gateway of a network backbone provider environment it is interrogated for predefined criteria. If the traffic satisfies the predefined criteria, then the information is routed within the network backbone provider environment to use a set of reserved and restricted resources to provide premium service for the traffic being routed through the network backbone provider environment.
摘要翻译: 提供特权网路路由技术。 由于在网络骨干供应商环境的网关处接收到流量,所以要询问预定义的标准。 如果流量满足预定义的标准,则信息在网络骨干提供者环境内路由以使用一组预留和受限的资源来为通过网络骨干提供者环境路由的流量提供优质服务。
-
6.发明申请公开(公告)号:US20080040191A1
公开(公告)日:2008-02-14
申请号:US11643773
申请日:2006-12-22
申请人: Dipto Chakravarty , John Melvin Antony , Usman Choudhary , David Capuano , Srinivasa Phanindra Mallapragada
发明人: Dipto Chakravarty , John Melvin Antony , Usman Choudhary , David Capuano , Srinivasa Phanindra Mallapragada
IPC分类号: G06F9/46
CPC分类号: G06Q10/10 , G06Q10/06 , G06Q10/063114 , G06Q10/06316 , G06Q10/0633
摘要: The invention relates to a system and method for customizing and storing workflow processes for use in remediation incidents such as security events. One aspect of the invention relates to providing tools to enable creation of customized workflow processes for event driven incident remediation, monitoring and analyzing system activity to identify occurrence of incidents, assigning a workflow process to an incident, applying the assigned workflow process to remediate the incident, and tracking and graphically displaying the status of the workflow process, among other things.
摘要翻译: 本发明涉及一种用于定制和存储用于诸如安全事件的修复事件中的工作流程的系统和方法。 本发明的一个方面涉及提供工具,以便能够创建用于事件驱动的事件修复,监视和分析系统活动的自定义工作流过程以识别事件的发生,向事件分配工作流程,应用所分配的工作流程以修复事件 ,并跟踪和图形显示工作流过程的状态等等。
-
公开(公告)号:US08693327B2
公开(公告)日:2014-04-08
申请号:US13100082
申请日:2011-05-03
IPC分类号: H04L1/00
CPC分类号: H04L45/308 , H04L45/04
摘要: Techniques for privileged network routing are provided. As traffic is received at a gateway of a network backbone provider environment it is interrogated for predefined criteria. If the traffic satisfies the predefined criteria, then the information is routed within the network backbone provider environment to use a set of reserved and restricted resources to provide premium service for the traffic being routed through the network backbone provider environment.
摘要翻译: 提供特权网路路由技术。 由于在网络骨干供应商环境的网关处接收到流量,所以要询问预定义的标准。 如果流量满足预定义的标准,则信息在网络骨干提供者环境内路由以使用一组预留和受限的资源来为通过网络骨干提供者环境路由的流量提供优质服务。
-
公开(公告)号:US20110296015A1
公开(公告)日:2011-12-01
申请号:US13159927
申请日:2011-06-14
申请人: Dipto Chakravarty , Usman Choudhary , John Paul Gassner , Frank Anthony Pellegrino , William Matthew Weiner , Yuriy Fuksenko , Robert Price
发明人: Dipto Chakravarty , Usman Choudhary , John Paul Gassner , Frank Anthony Pellegrino , William Matthew Weiner , Yuriy Fuksenko , Robert Price
IPC分类号: G06F15/16
CPC分类号: H04L41/0806 , G06F9/542 , G06F11/3065 , G06F11/3072 , H04L41/046 , H04L41/0613 , H04L41/0869 , H04L41/22 , H04L43/028 , H04L43/045 , H04L43/08 , H04L43/0817 , H04L43/12 , H04L67/10 , H04L67/2823 , H04L67/2828
摘要: The system and method described herein relates to managing multiple network device connections, collecting event source data from one or more network devices with one or more collectors, filtering the event source data, continuously monitoring the network device connections, controlling raw data collection from the one or more network devices, parsing the event source data into normalized data structures, and managing configurations for the collectors, among other things. Event sources may be physical or logical network devices distributed across a network, including but not limited to, firewalls, routers, biometric devices, mainframes, databases, and applications. The network devices may be sources from which the collectors may receive or request the event source data.
摘要翻译: 本文描述的系统和方法涉及管理多个网络设备连接,从具有一个或多个收集器的一个或多个网络设备收集事件源数据,过滤事件源数据,连续监视网络设备连接,控制来自该网络设备连接的原始数据收集 或更多的网络设备,将事件源数据解析为归一化数据结构,以及管理收集器的配置等等。 事件源可以是分布在网络上的物理或逻辑网络设备,包括但不限于防火墙,路由器,生物识别设备,大型机,数据库和应用。 网络设备可以是收集器可以从其接收或请求事件源数据的源。
-
公开(公告)号:US07984452B2
公开(公告)日:2011-07-19
申请号:US11730493
申请日:2007-04-02
申请人: Dipto Chakravarty , Usman Choudhary , John Paul Gassner , Frank Anthony Pellegrino , William Matthew Weiner , Yuriy Fuksenko , Robert Price
发明人: Dipto Chakravarty , Usman Choudhary , John Paul Gassner , Frank Anthony Pellegrino , William Matthew Weiner , Yuriy Fuksenko , Robert Price
CPC分类号: H04L41/0806 , G06F9/542 , G06F11/3065 , G06F11/3072 , H04L41/046 , H04L41/0613 , H04L41/0869 , H04L41/22 , H04L43/028 , H04L43/045 , H04L43/08 , H04L43/0817 , H04L43/12 , H04L67/10 , H04L67/2823 , H04L67/2828
摘要: The system and method described herein relates to managing multiple network device connections, collecting event source data from one or more network devices with one or more collectors, filtering the event source data, continuously monitoring the network device connections, controlling raw data collection from the one or more network devices, parsing the event source data into normalized data structures, and managing configurations for the collectors, among other things. Event sources may be physical or logical network devices distributed across a network, including but not limited to, firewalls, routers, biometric devices, mainframes, databases, and applications. The network devices may be sources from which the collectors may receive or request the event source data.
摘要翻译: 本文描述的系统和方法涉及管理多个网络设备连接,从具有一个或多个收集器的一个或多个网络设备收集事件源数据,过滤事件源数据,连续监视网络设备连接,控制来自该网络设备连接的原始数据收集 或更多的网络设备,将事件源数据解析为归一化数据结构,以及管理收集器的配置等等。 事件源可以是分布在网络上的物理或逻辑网络设备,包括但不限于防火墙,路由器,生物识别设备,大型机,数据库和应用。 网络设备可以是收集器可以从其接收或请求事件源数据的源。
-
10.发明授权System and method for correlating events in a pluggable correlation architecture 有权在可插拔相关架构中关联事件的系统和方法公开(公告)号:US08185488B2
公开(公告)日:2012-05-22
申请号:US12081540
申请日:2008-04-17
申请人: Dipto Chakravarty , Usman Choudhary , John Melvin Antony , Michael Howard Cooper , Jason Lee Arrington , Cheryl Witt
发明人: Dipto Chakravarty , Usman Choudhary , John Melvin Antony , Michael Howard Cooper , Jason Lee Arrington , Cheryl Witt
CPC分类号: G06N5/022
摘要: A system for pluggable event correlation may include an input manager that receives a plurality of events and converts the events into a format compatible with one or more of a plurality of correlation engines. The correlation engines may then evaluate the converted events using various rules and generate correlated events when the evaluated events trigger at least one of the rules. An action manager may execute remedial actions when the correlation engines generate the correlated events. Moreover, extensibility may be provided by enabling a user to define rules to be triggered when events occur in a predetermined pattern, and actions to be executed when a predetermined rule triggers a correlated event. Further, to plug a new correlation engine into the system, adapters may be deployed to handle input and output, while the user-defined rules may be validating according to semantic requirements of the new correlation engine.
摘要翻译: 用于可插拔事件相关的系统可以包括输入管理器,其接收多个事件并将事件转换成与多个相关引擎中的一个或多个相兼容的格式。 然后,相关引擎可以使用各种规则评估转换的事件,并且当评估的事件触发至少一个规则时产生相关事件。 当相关引擎产生相关事件时,动作管理器可以执行补救动作。 此外,可以通过使用户能够定义当事件以预定模式发生时要触发的规则以及当预定规则触发相关事件时要执行的动作来提供可扩展性。 此外,为了将新的相关引擎插入到系统中,可以部署适配器来处理输入和输出,而用户定义的规则可以根据新的相关引擎的语义要求进行验证。
-
-
-
-
-
-
-
-
-
搜索结果
13 条记录 (耗时 0.037 秒)
