Using a security analytics map to perform forensic analytics
US11902295B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Dec 31, 2020 |
| Grant date | Feb 13, 2024 |
| Priority date | — |
| Expiry date | Oct 5, 2042 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/034
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A system, method, and computer-readable medium are disclosed for performing a security operation. The security operation includes monitoring a plurality of electronically-observable actions of a first entity, the plurality of electronically-observable actions of the first entity corresponding to a respective first plurality of events enacted by the first entity; monitoring a plurality of electronically-observable actions of a second entity, the plurality of electronically-observable actions of the second entity corresponding to a respective second plurality of events enacted by the second entity; determining whether a first event of the respective first plurality of events and a second event of the respective second plurality of events comprise an entity interaction between the first entity and the second entity; generating an entity interaction map, the entity interaction map providing a representation of the entity interaction between the first entity and the second entity; and, using the entity interaction map to perform a forensics analysis.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.