Distribution of security rules among sensor computers

Assignee

• Area 1 Security, Inc. · US

Inventors

• Chiraag Aval · Menlo Park, US
• Sandeep Mandala · Fremont, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L2463/146
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Systems and methods for generating rules in a networking environment having one or more sensor computers logically connected to compromised computers are provided. The rules comprise detection data used by a sensor computer to detect a potential security threat and a specified remediation measure that is caused to be performed when the security threat is detected. A security control computer generates the rules from record of series of actions created by the sensor computer, generates a rule, and distributes the rule to the sensor computers. The sensor computers periodically poll a central database for new rules and store a copy of each rule locally. Using the locally stored rules, the sensor computers can more efficiently and accurately respond to security threats.