-
Publication No.: US11188397B2
Publication Date: 2021-11-30
Application No.: US16658070
Application Date: 2019-10-19
Applicant: Splunk Inc.
Inventor: Maryann Cristofi, Jeff Roecks, Kavita Varadarajan
IPC: G06F3/00, G06F9/54, G06F9/44, G06F21/62, G06F3/0482
Abstract: Techniques are described for providing an IT and security operations mobile application for managing IT and security operations instances of an IT and security operations application via a mobile device. The IT and security operations mobile application can be linked to the IT and security operations application to enable the IT and security operations application to send messages (e.g., notifications, alerts, action requests, etc.) related to the occurrences of incidents/events in an IT environment, such as security-related incidents, that can impact the operation of the IT environment. The IT and security operations mobile application enables a user to respond to the messages by initiating actions that are sent to the IT and security operations application for executing within the IT environment.
-
Publication No.: US11922232B2
Publication Date: 2024-03-05
Application No.: US17506358
Application Date: 2021-10-20
Applicant: Splunk Inc.
Inventor: Maryann Cristofi, Jeff Roecks, Kavita Varadarajan
IPC: G06F3/00, G06F3/0482, G06F9/44, G06F9/54, G06F21/62
CPC classification number: G06F9/542, G06F3/0482, G06F9/44, G06F21/62, G06F2221/2113
Abstract: Techniques are described for providing an IT and security operations mobile application for managing IT and security operations instances of an IT and security operations application via a mobile device. The IT and security operations mobile application can be linked to the IT and security operations application to enable the IT and security operations application to send messages (e.g., notifications, alerts, action requests, etc.) related to the occurrences of incidents/events in an IT environment, such as security-related incidents, that can impact the operation of the IT environment. The IT and security operations mobile application enables a user to respond to the messages by initiating actions that are sent to the IT and security operations application for executing within the IT environment.
-
Publication No.: US11924284B1
Publication Date: 2024-03-05
Application No.: US18326830
Application Date: 2023-05-31
Applicant: Splunk Inc.
Inventor: Matthew Hanson, Jacob Davis, Zhi Peng Zhou, James Harris, Jacob Andrew Edward Moore, Austin Tyler Hariri, Shiying Tu, Daniel Trenkner, Kavita Varadarajan
IPC: H04L67/133
CPC classification number: H04L67/133
Abstract: Described herein are techniques for enabling a security orchestration, automation, and response (SOAR) service to automatically manage apps used to interface with an integrated security operations service and other related devices and services. Further described herein is a SOAR app generator service or application used to automate the creation of apps for a SOAR service based on application programming interface (API) specifications for related devices or services, as well as visual playbook editor interfaces for a SOAR service that enable the configuration of complex action input parameters including arrays and objects.
-
Publication No.: US11853367B1
Publication Date: 2023-12-26
Application No.: US17869693
Application Date: 2022-07-20
Applicant: Splunk Inc.
Inventor: Sourabh Satish, David Wayman, Kavita Varadarajan
IPC: G06F16/906, H04L9/40, G06F16/9038, G06F16/11, G06F3/0482, G06F16/907
CPC classification number: G06F16/906, G06F3/0482, G06F16/125, G06F16/907, G06F16/9038, H04L63/105, H04L63/1416, H04L63/1425
Abstract: Techniques are described for enabling analysts and other users of an IT operations platform to identify certain data objects managed by the platform (for example, events, files, notes, action results, etc.) as “evidence” when such data objects are believed to be of particular significance to an investigation or other matter. For example, an event generated based on data ingested from an anti-virus service and representing a security-related incident might include artifacts indicating an asset identifier, a hash value of a suspected malicious file, a file path on the infected endpoint, and so forth. An analyst can use various interfaces and interface elements of an IT operations platform to indicate which of such events and/or artifacts, if any, represent evidence in the context of the investigation that the analyst is conducting. In response, the IT operations platform can perform various automated actions.
-
Publication No.: US11416561B1
Publication Date: 2022-08-16
Application No.: US16429044
Application Date: 2019-06-02
Applicant: Splunk Inc.
Inventor: Sourabh Satish, David Wayman, Kavita Varadarajan
IPC: G06F16/906, H04L9/40, G06F16/907, G06F16/9038, G06F16/11, G06F3/0482
Abstract: Techniques are described for enabling analysts and other users of an IT operations platform to identify certain data objects managed by the platform (for example, events, files, notes, action results, etc.) as “evidence” when such data objects are believed to be of particular significance to an investigation or other matter. For example, an event generated based on data ingested from an anti-virus service and representing a security-related incident might include artifacts indicating an asset identifier, a hash value of a suspected malicious file, a file path on the infected endpoint, and so forth. An analyst can use various interfaces and interface elements of an IT operations platform to indicate which of such events and/or artifacts, if any, represent evidence in the context of the investigation that the analyst is conducting. In response, the IT operations platform can perform various automated actions.
-
Publication No.: USD946037S1
Publication Date: 2022-03-15
Application No.: US29755304
Application Date: 2020-10-19
Applicant: SPLUNK Inc.
Designer: Daniel Trenkner, Allison Drake, Kavita Varadarajan