Patent · US Active

Enterprise graph method of threat detection

US10771492B2 · kind B2 · utility

32Cited by

17References

18Claims

0Family size

Assignee

MICROSOFT TECHNOLOGY LICENSING, LLC · US

Inventors

Efim Hudis · Bellevue, US
Michal Braverman-Blumenstyk · Hod HaSharon, IL
Daniel Alon · Even Yehuda, IL
Hani Hana Neuvirth · Redmond, US
Royi Ronen · Nes Ziona, IL
Yuri Gurevich · Edmonds, US

Key dates

Filing date	Sep 22, 2016
Grant date	Sep 8, 2020
Priority date	—
Expiry date	Mar 28, 2037

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/1408
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Systems and methods for analyzing security alerts within an enterprise are provided. An enterprise graph is generated based on information such as operational intelligence regarding the enterprise. The enterprise graph identifies relationships between entities of the enterprise and a plurality of security alerts are produced by a plurality of security components of the enterprise. One or more significant relationships are identified between two or more of the plurality of security alerts based on a strength of a relationship identified in the enterprise graph. A significant relationship is utilized to identify a potential security incident between two or more of the security alerts.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.