Patent · US Active

System and method for verifying a cyberthreat

US10701091B1 · kind B1 · utility

Cited by: 18
References: 359
Claims: 21
Family size: 0

Assignee

Inventors

Key dates

Filing date: Jul 23, 2018
Grant date: Jun 30, 2020
Priority date
Expiry date: Jul 23, 2038

Classification

  • Technology area (CPC H): Electricity
  • CPC primary: H04L63/1408
  • WIPO field: Digital communication
  • WIPO sector: Electrical engineering

Abstract

A computerized method to identify potentially malicious code in a network is described. Herein, information associated with a threat is analyzed to yield intelligence that includes instructions or indicators related to the threat. Based on the intelligence, a determination is made as to an endpoint device, which includes an endpoint agent, is to (i) receive at least one of the instructions or the indicators, (ii) conduct an examination of memory of the endpoint device for data corresponding to any of the instructions or the indicators, and (iii) obtain results of the examination. Verification information, including at least a portion of the results of the examination by the endpoint device and an identifier for the endpoint device, is gathered and correlated to determine whether such information corresponds to a verified threat. Thereafter, a notification, including a portion of the verification information, is sent to identify the verified threat.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.