公开(公告)号：US20200322365A1

公开(公告)日：2020-10-08

申请号：US16904944

申请日：2020-06-18

Applicant: Palantir Technologies Inc.

Inventor： Akash Vaswani ,  Asavari Sinha ,  Gautam Punukollu ,  Kyle McLain ,  Vivian Yu

IPC: H04L29/06

Abstract: A computer system is configured to generate alerts related to malicious activity on an audited computing system. The computing system is provided with instructions to receive activity information associated with activity of an entity performed in an audited computing network, access contextual information associated with the entity, determine, based on the contextual information, a set of weights associated with the activity information and combine the weight and the entity activity information to generate a risk score. In response to the risk score satisfying a threshold value, the computer system may generate an alert, and, in response to receiving a user input associated with the alert, update the set of weights. In certain embodiments, the updated weights may be used for determining the risk score of future alerts.

公开(公告)号：US11770390B2

公开(公告)日：2023-09-26

申请号：US17817828

申请日：2022-08-05

Applicant: Palantir Technologies Inc.

Inventor： Akash Vaswani ,  Asavari Sinha ,  Gautam Punukollu ,  Kyle McLain ,  Vivian Yu

IPC: H04L9/40 ,  G06F3/0482

CPC classification number: H04L63/1416 ,  H04L63/1433 ,  G06F3/0482

Abstract: A computer system is configured to generate alerts related to malicious activity on an audited computing system. The computing system is provided with instructions to receive activity information associated with activity of an entity performed in an audited computing network, access contextual information associated with the entity, determine, based on the contextual information, a set of weights associated with the activity information and combine the weight and the entity activity information to generate a risk score. In response to the risk score satisfying a threshold value, the computer system may generate an alert, and, in response to receiving a user input associated with the alert, update the set of weights. In certain embodiments, the updated weights may be used for determining the risk score of future alerts.

公开(公告)号：US10728262B1

公开(公告)日：2020-07-28

申请号：US15796529

申请日：2017-10-27

Applicant: Palantir Technologies Inc.

Inventor： Akash Vaswani ,  Asavari Sinha ,  Gautam Punukollu ,  Kyle McLain ,  Vivian Yu

IPC: H04L29/06 ,  G06F3/0482

Abstract: A computer system is configured to generate alerts related to malicious activity on an audited computing system. The computing system is provided with instructions to receive activity information associated with activity of an entity performed in an audited computing network, access contextual information associated with the entity, determine, based on the contextual information, a set of weights associated with the activity information and combine the weight and the entity activity information to generate a risk score. In response to the risk score satisfying a threshold value, the computer system may generate an alert, and, in response to receiving a user input associated with the alert, update the set of weights. In certain embodiments, the updated weights may be used for determining the risk score of future alerts.

公开(公告)号：US11411971B2

公开(公告)日：2022-08-09

申请号：US16904944

申请日：2020-06-18

Applicant: Palantir Technologies Inc.

Inventor： Akash Vaswani ,  Asavari Sinha ,  Gautam Punukollu ,  Kyle McLain ,  Vivian Yu

IPC: H04L29/06 ,  H04L9/40 ,  G06F3/0482

Abstract: A computer system is configured to generate alerts related to malicious activity on an audited computing system. The computing system is provided with instructions to receive activity information associated with activity of an entity performed in an audited computing network, access contextual information associated with the entity, determine, based on the contextual information, a set of weights associated with the activity information and combine the weight and the entity activity information to generate a risk score. In response to the risk score satisfying a threshold value, the computer system may generate an alert, and, in response to receiving a user input associated with the alert, update the set of weights. In certain embodiments, the updated weights may be used for determining the risk score of future alerts.

公开(公告)号：US20220377090A1

公开(公告)日：2022-11-24

申请号：US17817828

申请日：2022-08-05

Applicant: Palantir Technologies Inc.

Inventor： Akash Vaswani ,  Asavari Sinha ,  Gautam Punukollu ,  Kyle McLain ,  Vivian Yu

IPC: H04L9/40

Abstract: A computer system is configured to generate alerts related to malicious activity on an audited computing system. The computing system is provided with instructions to receive activity information associated with activity of an entity performed in an audited computing network, access contextual information associated with the entity, determine, based on the contextual information, a set of weights associated with the activity information and combine the weight and the entity activity information to generate a risk score. In response to the risk score satisfying a threshold value, the computer system may generate an alert, and, in response to receiving a user input associated with the alert, update the set of weights. In certain embodiments, the updated weights may be used for determining the risk score of future alerts.