Patent · US Active

Classification of cyber-alerts into security incidents

US11509680B2 · kind B2 · utility

Cited by: 2
References: 46
Claims: 17
Family size: 0

Assignee

Inventors

Key dates

Filing date: Sep 30, 2020
Grant date: Nov 22, 2022
Priority date
Expiry date: Jan 19, 2041

Classification

  • Technology area (CPC H): Electricity
  • CPC primary: H04L63/1425
  • WIPO field: Digital communication
  • WIPO sector: Electrical engineering

Abstract

Methods, apparatuses and computer program products that implement embodiments of the present invention for protecting a computer network include receiving, in a security server, alerts of multiple different types, indicative of potentially malicious activity in the network, that are detected by multiple different protection appliances deployed in the network. The alerts in the security server are correlated so as to identify a first alert of a first type from a first protection appliance in the network and a second alert of a second type, different from the first type, from a second protection appliance in the network, that are together indicative of a single attack on the network. Finally, a consolidated alert is issued responsively to the attack.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.