SUPPLEMENTARY ACTIVITY MONITORING OF A SELECTED SUBSET OF NETWORK ENTITIES

    Publication number: US20190138718A1

    Publication date: 2019-05-09

    Application number: US16237611

    Filing date: 2018-12-31

    Applicant: Splunk Inc.

    Abstract: Systems and methods are disclosed for associating an entity with a risk score that may indicate a security threat associated with the entity's activity. An exemplary method may involve monitoring the activity of a subset of the set of entities (e.g., entities included in a watch list) by executing a search query against events indicating the activity of the subset of entities. The events may be associated with timestamps and may include machine data. Executing the search query may produce search results that pertain to activity of a particular entity from the subset. The search results may be evaluated based on a triggering condition corresponding to the statistical baseline. When the triggering condition is met, a risk score for the particular entity may be updated. The updated risk score may be displayed to a user via a graphical user interface (GUI).

    2. USER ACTIVITY MONITORING (invention application)

    Publication number: US20180052994A1

    Publication date: 2018-02-22

    Application number: US15799975

    Filing date: 2017-10-31

    Applicant: Splunk Inc.

    CPC classification number: G06F21/552 G06F21/566 G06Q10/00

    Abstract: Systems and methods are disclosed for associating an entity with a risk score that may indicate a security threat associated with the entity's activity. An exemplary method may involve monitoring the activity of a subset of the set of entities (e.g., entities included in a watch list) by executing a search query against events indicating the activity of the subset of entities. The events may be associated with timestamps and may include machine data. Executing the search query may produce search results that pertain to activity of a particular entity from the subset. The search results may be evaluated based on a triggering condition corresponding to the statistical baseline. When the triggering condition is met, a risk score for the particular entity may be updated. The updated risk score may be displayed to a user via a graphical user interface (GUI).

    User activity monitoring by use of rule-based search queries

    Publication number: US10185821B2

    Publication date: 2019-01-22

    Application number: US15799975

    Filing date: 2017-10-31

    Applicant: Splunk Inc.

    Abstract: Systems and methods are disclosed for associating an entity with a risk score that may indicate a security threat associated with the entity's activity. An exemplary method may involve monitoring the activity of a subset of the set of entities (e.g., entities included in a watch list) by executing a search query against events indicating the activity of the subset of entities. The events may be associated with timestamps and may include machine data. Executing the search query may produce search results that pertain to activity of a particular entity from the subset. The search results may be evaluated based on a triggering condition corresponding to the statistical baseline. When the triggering condition is met, a risk score for the particular entity may be updated. The updated risk score may be displayed to a user via a graphical user interface (GUI).

    4. User activity monitoring (invention grant)

    Publication number: US09836598B2

    Publication date: 2017-12-05

    Application number: US14691535

    Filing date: 2015-04-20

    Applicant: Splunk Inc.

    CPC classification number: G06F21/552 G06F21/566 G06Q10/00

    Abstract: Systems and methods are disclosed for associating an entity with a risk score that may indicate a security threat associated with the entity's activity. An exemplary method may involve monitoring the activity of a subset of the set of entities (e.g., entities included in a watch list) by executing a search query against events indicating the activity of the subset of entities. The events may be associated with timestamps and may include machine data. Executing the search query may produce search results that pertain to activity of a particular entity from the subset. The search results may be evaluated based on a triggering condition corresponding to the statistical baseline. When the triggering condition is met, a risk score for the particular entity may be updated. The updated risk score may be displayed to a user via a graphical user interface (GUI).

    5. USER ACTIVITY MONITORING (invention application; in force)

    Publication number: US20160306965A1

    Publication date: 2016-10-20

    Application number: US14691535

    Filing date: 2015-04-20

    Applicant: Splunk Inc.

    CPC classification number: G06F21/552 G06F21/566 G06Q10/00

    Abstract: Systems and methods are disclosed for associating an entity with a risk score that may indicate a security threat associated with the entity's activity. An exemplary method may involve monitoring the activity of a subset of the set of entities (e.g., entities included in a watch list) by executing a search query against events indicating the activity of the subset of entities. The events may be associated with timestamps and may include machine data. Executing the search query may produce search results that pertain to activity of a particular entity from the subset. The search results may be evaluated based on a triggering condition corresponding to the statistical baseline. When the triggering condition is met, a risk score for the particular entity may be updated. The updated risk score may be displayed to a user via a graphical user interface (GUI).

