Systems and methods for predicting security incidents triggered by security software

Assignee

• Symantec Corporation · US

Inventors

• Shang-Tse Chen · Atlanta, US
• Chris Gates · Santa Monica, US
• Yufei Han · Antibes, FR
• Michael Hart · Farmington, US
• Kevin Roundy · El Segundo, US

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F21/552
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

A computer-implemented method for predicting security incidents triggered by security software may include (i) collecting, by a computing device, telemetry data from a set of security products deployed by a set of client machines, (ii) identifying, by the computing device, a selected security product within the set of security products that is missing telemetry data for a target client machine, (iii) building a classifier, by the computing device using the telemetry data, that predicts information about security incidents triggered by the selected security product, (iv) determining, by the computing device and based on the classifier, that the selected security product triggers a new security incident on the target client machine, and (v) performing a security action, by the computing device, to secure the target client machine against the new security incident. Various other methods, systems, and computer-readable media are also disclosed.