Systems and methods for network flow remediation based on risk correlation
US9027125B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jul 27, 2012 |
| Grant date | May 5, 2015 |
| Priority date | — |
| Expiry date | Sep 2, 2032 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/145
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
Instrumented networks and platforms having target subjects (devices, transactions, services, users, organizations) are disclosed. A security orchestration service generates runtime operational integrity profiles representing and identifying a level of threat or contextual trustworthiness, at near real time, of subjects and applications on the instrumented target platform. Methods and systems are disclosed for network flow and device/platform remediation in response to reconnaissance-based intelligence correlation based on network monitoring, to accomplish network flow remediation and device/platform remediation. In an embodiment, a system receives system warnings and endpoint threat intelligence. The system correlates risk based on inputs from sensory inputs that monitor network activity, system configuration, resource utilization, and device integrity. The system then performs a calculus of risk on a global security context including endpoint assessment reports and sends system warnings based upon the endpoint threat intelligence. The system includes a remediation engine for receiving real time directives to control the device.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.