Assigning workflow network security investigation actions to investigation timelines
US11132111B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jan 31, 2019 |
| Grant date | Sep 28, 2021 |
| Priority date | — |
| Expiry date | Mar 18, 2039 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/1425
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
Techniques and mechanisms are disclosed that enable network security analysts and other users to efficiently conduct network security investigations and to produce useful representations of investigation results. As used herein, a network security investigation generally refers to an analysis by an analyst (or team of analysts) of one or more detected network events that may pose internal and/or external threats to a computer network under management. A network security application provides various interfaces that enable users to create investigation timelines, where the investigation timelines display a collection of events related to a particular network security investigation. A network security application further provides functionality to monitor and log user interactions with the network security application, where particular logged user interactions may also be added to one or more investigation timelines.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.