Apparatus and methods thereof for inspecting events in a computerized environment respective of a unified index for granular access control
US11489850B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jan 17, 2020 |
| Grant date | Nov 1, 2022 |
| Priority date | — |
| Expiry date | May 6, 2040 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/20
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
An apparatus collects data from a data network for the purpose of detection and interception of security incidents therein. The apparatus identifies at least one event in the data network. The apparatus then inspects the event to identify its properties and metadata associated therewith. Based on the inspection, the apparatus identifies at least a type of the event, an operation and a resource associated with the event, and a device associated with the event. The metadata is the matched to a unified index stored in a database communicatively coupled to the apparatus via a network. Based on the match the apparatus determines whether the event is potentially a security incident. In case a determination of a potential security incident is made, the apparatus queries a set of set of policy rules to determine a type of action required respective of the metadata. The apparatus then performs the required action.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.