METHOD FOR ANALYZING ALERTS OF AN ORGANIZATION USING ALERT CLUSTERS AND CHAINS OF EVENTS THAT TRIGGER THE ALERTS

    Publication (Announcement) No.: US20250133093A1

    Publication (Announcement) Date: 2025-04-24

    Application No.: US18490643

    Application Date: 2023-10-19

    Applicant: VMware, Inc.

    Abstract: A computer system comprises a machine-learning (ML) system at which alerts are received from endpoints, wherein the ML system is configured to: upon receiving a first alert and a second alert, apply an ML model to the first and second alerts; based at least in part on the first alert being determined to belong to a first cluster of the ML system, classify the first alert into one of a plurality of alert groups, wherein alerts classified into a first alert group of the alert groups are assigned a higher priority for security risk evaluation than alerts classified into a second alert group of the alert groups; and based on the second alert being determined to not belong to any cluster of the ML system, analyze a chain of events that triggered the second alert to determine whether there is suspicious activity associated with the second alert.
