Automated mitigation of electronic message based security threats
US10158677B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Mar 29, 2018 |
| Grant date | Dec 18, 2018 |
| Priority date | — |
| Expiry date | Mar 29, 2038 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L51/08
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
An example embodiment may include a security enforcement point device disposed within a managed network and a security decision point device disposed within a computational instance of a remote network management platform. The security decision point device may be configured to: receive a message by way of the managed network; parse the message to identify observable indicators of one or more of the security threats, where the observable indicators include at least one of a network addresses, a hyperlink, or a representation of an attached file; remotely query a security threat database for the observable indicators; receive, from the security threat database, an indication that the observable indicators are associated with a particular security threat, and transmit, to the security enforcement point device, a command to update its associated security policy such that the particular security threat is mitigated.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.