Distributed detection of security threats in a remote network management platform
US11240271B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Nov 14, 2018 |
| Grant date | Feb 1, 2022 |
| Priority date | — |
| Expiry date | Jun 28, 2040 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06N20/10
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A system may include a plurality of computational instances dedicated to different managed networks and a central instance communicatively coupled to the plurality of computational instances. A first computing device disposed within a first computational instance may be configured to: obtain a profile of a software application operational within a first managed network to which the first computational instance is dedicated, calculate a threat level of the software application based on the profile, determine that the threat level exceeds a pre-determined threshold, and transmit, to the central instance, an indication that the threat level exceeds the pre-determined threshold. A second computing device disposed within the central instance may be configured to: receive the indication, determine that the software application is also operational within a second managed network to which a second computational instance, and transmit, to the second computational instance, an indication that the threat level exceeds the pre-determined threshold.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.