Endpoint detection and response system with endpoint-based artifact storage
US11528282B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Sep 23, 2020 |
| Grant date | Dec 13, 2022 |
| Priority date | — |
| Expiry date | Sep 23, 2040 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F21/31
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
Each of a plurality of endpoint computer systems monitors data relating to a plurality of events occurring within an operating environment of the corresponding endpoint computer system. The monitoring can include receiving and/or inferring the data using one or more sensors executing on the endpoint computer systems Thereafter, for each endpoint computer system, artifacts used in connection with the events are stored in a vault maintained on such endpoint computer system. A query is later received by at least a subset of the plurality of endpoint computer systems from a server. Such endpoint computer systems, in response, identify and retrieve artifacts within the corresponding vaults response to the query. Results responsive to the query including or characterizing the identified artifacts is then provided by the endpoint computer systems receiving the query to the server.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.