Patent · US Active

Cost prioritized evaluations of indicators of compromise

US10372904B2 · kind B2 · utility

25Cited by

32References

36Claims

0Family size

Assignee

Tanium Inc. · US

Inventors

Christian L. Hunt · Cary, US
Thomas R. Gissel · Apex, US
Thomas Warren Savage · San Jose, US

Key dates

Filing date	Jul 20, 2016
Grant date	Aug 6, 2019
Priority date	—
Expiry date	May 10, 2037

Classification

Technology area (CPC G)Physics
CPC primaryG06F2221/034
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A method for evaluating indicators of compromise (IOCs) is performed at a device having one or more processors and memory. The method includes receiving respective specifications of a plurality of IOCs, wherein the respective specifications of each IOC of the plurality of IOCs includes a respective cost associated with evaluating the IOC. The method further includes dynamically determining an order for evaluating the plurality of IOCs based on the respective costs associated with the plurality of IOCs, and determining whether a threat is present based on results for evaluating one or more of the plurality of IOCs in accordance with the dynamically determined order, instead of an order by which the plurality of IOCs have been received at the device.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.