Publication No.: US20240020381A1
Publication date: 2024-01-18
Application No.: US17867478
Filing date: 2022-07-18
Applicant: VMware, Inc.
Inventor: Alexander Julian THOMAS, Taruj GOYAL, Xiaosheng WU, Deepak Chowdary METTEM, Anjali MANGAL, Amit CHOPRA
CPC classification number: G06F21/552, G06F21/53, G06F2221/031
Abstract: An example method of classifying alerts generated by endpoints in a virtualized computing system includes: receiving, at an alert processing engine executing in the virtualized computing system, a stream of the alerts generated by security agents executing in the endpoints; extracting fields from the alerts at the alert processing engine; computing, at the alert processing engine, features from the alerts based on the fields; computing, at the alert processing engine, a plurality of model scores for each alert using the features as parametric input to a plurality of models; aggregating, by the alert processing engine, the plurality of model scores into a final score for each alert; and annotating each of the alerts with a respective final score.
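The abstract describes a pipeline: extract fields from each alert, derive features, score the features with several models, aggregate the model scores into one final score, and annotate the alert with it. The following Python is an added illustration of that flow, not VMware's implementation and not code from the patent. The alert records, field names, feature definitions, the three stand-in models and their weights are all constructed for the example; a real deployment would train the models and would reject or quarantine malformed alerts exactly as the strict field extraction below does.

```python
"""Illustration of the alert-classification pipeline in the abstract:
fields -> features -> per-model scores -> aggregated final score -> annotation.
All sample alerts, field names, weights and thresholds are constructed."""
from __future__ import annotations

import json
from typing import Any, Callable

# Constructed JSON lines standing in for the alert stream from endpoint agents.
ALERT_STREAM = [
    '{"id":"a1","endpoint":"host-01","severity":"high","process":"powershell.exe",'
    '"parent":"winword.exe","user":"alice","cmdline_len":412}',
    '{"id":"a2","endpoint":"host-02","severity":"low","process":"svchost.exe",'
    '"parent":"services.exe","user":"SYSTEM","cmdline_len":64}',
    '{"id":"a3","endpoint":"host-03","severity":"medium","process":"cmd.exe",'
    '"parent":"explorer.exe","user":"bob","cmdline_len":30}',
]

REQUIRED = ("id", "endpoint", "severity", "process", "parent", "user", "cmdline_len")


def extract_fields(raw: str) -> dict[str, Any]:
    """Parse one alert and keep only the fields the feature step needs.
    An alert missing a required field is rejected instead of scored on guesses."""
    rec = json.loads(raw)
    missing = [k for k in REQUIRED if k not in rec]
    if missing:
        raise ValueError(f"alert missing fields: {missing}")
    return {k: rec[k] for k in REQUIRED}


# Constructed feature vocabulary; every feature is scaled into [0, 1].
SEVERITY = {"low": 0.2, "medium": 0.5, "high": 0.9}
OFFICE_APPS = {"winword.exe", "excel.exe", "outlook.exe"}
SCRIPT_HOSTS = {"powershell.exe", "cmd.exe", "wscript.exe"}


def compute_features(fields: dict[str, Any]) -> dict[str, float]:
    """Turn raw alert fields into numeric features."""
    return {
        "severity": SEVERITY.get(str(fields["severity"]).lower(), 0.0),
        "office_parent": 1.0 if fields["parent"].lower() in OFFICE_APPS else 0.0,
        "script_child": 1.0 if fields["process"].lower() in SCRIPT_HOSTS else 0.0,
        "long_cmdline": min(float(fields["cmdline_len"]) / 500.0, 1.0),
        "system_user": 1.0 if fields["user"] == "SYSTEM" else 0.0,
    }


# Three stand-in models with hand-set weights (a real system would train them).
def model_linear(x: dict[str, float]) -> float:
    """Weighted sum of all features."""
    w = {"severity": 0.5, "office_parent": 0.2, "script_child": 0.2,
         "long_cmdline": 0.1, "system_user": 0.0}
    return sum(w[k] * x[k] for k in w)


def model_lineage(x: dict[str, float]) -> float:
    """Fires only when an office application spawned a script host."""
    return x["office_parent"] * x["script_child"]


def model_cmdline(x: dict[str, float]) -> float:
    """Command-line length matters only for script hosts."""
    return x["long_cmdline"] if x["script_child"] else 0.0


# (model, aggregation weight); weights sum to 1.0 so the final score stays in [0, 1].
MODELS: list[tuple[Callable[[dict[str, float]], float], float]] = [
    (model_linear, 0.5), (model_lineage, 0.3), (model_cmdline, 0.2),
]


def score_models(features: dict[str, float]) -> list[float]:
    """Run every model on the same feature vector."""
    return [model(features) for model, _ in MODELS]


def aggregate(scores: list[float]) -> float:
    """Weighted mean of the per-model scores, rounded for annotation."""
    total = sum(w for _, w in MODELS)
    return round(sum(s * w for s, (_, w) in zip(scores, MODELS)) / total, 3)


def classify_stream(stream: list[str]) -> list[dict[str, Any]]:
    """Annotate each alert with its model scores and final score."""
    annotated = []
    for raw in stream:
        fields = extract_fields(raw)
        scores = score_models(compute_features(fields))
        fields["model_scores"] = scores
        fields["final_score"] = aggregate(scores)
        annotated.append(fields)
    return annotated


if __name__ == "__main__":
    for alert in classify_stream(ALERT_STREAM):
        print(alert["id"], alert["endpoint"], alert["final_score"])
```

The Office-parent/script-child alert (a1) ends with the highest final score, the benign-looking service process (a2) the lowest, which is the ordering an analyst triage queue would consume. Keeping the individual model scores alongside the final score, as the last step does, lets an analyst see which model drove a high score rather than trusting an opaque aggregate.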