Patent · US Active

Data augmentation for threat investigation in an enterprise network

US12026276B2 · kind B2 · utility

1Cited by

15References

20Claims

0Family size

Assignee

Sophos Limited · GB

Inventors

Kenneth D. Ray · Seattle, US
Andrew J. Thomas · Woodstock, GB
Karl Ackerman · Topsfield, US

Key dates

Filing date	Jun 9, 2021
Grant date	Jul 2, 2024
Priority date	—
Expiry date	Jun 9, 2041

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/20
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

An endpoint in an enterprise network is instrumented with sensors to detect security-related events occurring on the endpoint. Event data from these sensors is augmented with contextual information about, e.g., a source of each event in order to facilitate improved correlation, analysis, and visualization at a threat management facility for the enterprise network.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.