Patent · US Active

Determining false positives of file change events detected by file integrity monitoring tools

US12287877B1 · kind B1 · utility

Cited by: 0
References: 9
Claims: 20
Family size: 0

Assignee

Inventors

Key dates

Filing date: Oct 20, 2022
Grant date: Apr 29, 2025
Priority date
Expiry date: Jun 30, 2043

Classification

  • Technology area (CPC G): Physics
  • CPC primary: G06F2221/033
  • WIPO field: Computer technology
  • WIPO sector: Electrical engineering

Abstract

A system comprises a memory and one or more processors in communication with the memory. The one or more processors may be configured to obtain information associated with one or more authorized file changes and store the information associated with one or more authorized file changes in a first index. The processors may be further configured to obtain one or more file change events and enrich the one or more file change events with the information associated with one or more authorized file changes from the first index. The processors may also be configured to store the one or more file change events enriched with the information associated with one or more authorized file changes in a second index, and based on the enriched data stored in the second index, output an indication that the one or more file change events are false positives.
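The two-index flow in the abstract, sketched as an added example; it is not code from the patent or its assignee. The abstract does not say how events are matched to authorized changes, so the match keys used here (host, path pattern, time window), the field names and the change IDs are assumptions, and all sample data is constructed.

```python
from collections import defaultdict
from datetime import datetime, timezone
from fnmatch import fnmatch

def ts(s):
    """Parse an ISO timestamp and treat it as UTC."""
    return datetime.fromisoformat(s).replace(tzinfo=timezone.utc)

# Constructed sample data: authorized changes (assumed to come from change tickets or deploy jobs).
AUTHORIZED = [
    {"change_id": "CHG-0001", "host": "web01", "path": "/etc/nginx/*",
     "start": ts("2024-05-01T10:00:00"), "end": ts("2024-05-01T11:00:00")},
    {"change_id": "CHG-0002", "host": "db01", "path": "/usr/bin/psql",
     "start": ts("2024-05-01T02:00:00"), "end": ts("2024-05-01T03:00:00")},
]
# Constructed sample file change events as a FIM tool might report them.
EVENTS = [
    {"host": "web01", "path": "/etc/nginx/nginx.conf", "time": ts("2024-05-01T10:12:00")},
    {"host": "web01", "path": "/etc/passwd", "time": ts("2024-05-01T10:13:00")},   # path not covered
    {"host": "web01", "path": "/etc/nginx/nginx.conf", "time": ts("2024-05-01T23:40:00")},  # outside window
    {"host": "app02", "path": "/usr/bin/psql", "time": ts("2024-05-01T02:30:00")},  # wrong host
]

def build_first_index(changes):
    """First index: authorized changes keyed by host for lookup during enrichment."""
    index = defaultdict(list)
    for change in changes:
        index[change["host"]].append(change)
    return index

def enrich(event, first_index):
    """Attach every authorized change whose host, path pattern and window cover the event."""
    matches = [c["change_id"] for c in first_index.get(event["host"], [])
               if fnmatch(event["path"], c["path"])
               and c["start"] <= event["time"] <= c["end"]]
    return {**event, "authorized_by": matches}

def build_second_index(events, first_index):
    """Second index: the file change events enriched with authorized-change data."""
    return [enrich(e, first_index) for e in events]

def false_positives(second_index):
    """Events explained by at least one authorized change."""
    return [e for e in second_index if e["authorized_by"]]

if __name__ == "__main__":
    for e in build_second_index(EVENTS, build_first_index(AUTHORIZED)):
        verdict = "false positive" if e["authorized_by"] else "needs review"
        print(e["host"], e["path"], e["time"].isoformat(), verdict, e["authorized_by"])
```

Only the first event is marked a false positive; the same file changed outside the approved window, a file outside the approved path, and an approved path on a different host all stay in the review queue.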

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.