Patent · US Active

Systems and methods for adversary detection and threat hunting

US11748149B2 · kind B2 · utility

Cited by: 0
References: 7
Claims: 20
Family size: 0

Assignee

Inventors

Key dates

Filing date: Sep 13, 2022
Grant date: Sep 5, 2023
Priority date
Expiry date: Sep 13, 2042

Classification

  • Technology area (CPC G): Physics
  • CPC primary: G06F2009/45587
  • WIPO field: Computer technology
  • WIPO sector: Electrical engineering

Abstract

Disclosed herein are embodiments of systems, methods, and products that provide adversary detection and threat hunting. A server may comprise a user side virtual machine facing the cyber protection users, a collection virtual machine facing the at-risk network, and a data repository. The server may receive user requests requesting status data from the at-risk network via the user side virtual machine. The server may collect status data from the at-risk network via the collection virtual machine and store the collected data into the data repository. Different users may request duplicate information from the at-risk network. The server may retrieve the requested information from the data repository for duplicate requests and return the responses immediately for such requests. Because the server does not query the at-risk network for duplicate requests, the server may reduce the amount of bandwidth needed to acquire and distribute the requested information.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.