Geo-mapping system security events
First Claim
1. At least one non-transitory machine accessible storage medium having instructions stored thereon, the instructions when executed on a machine, cause the machine to:
- identifying a particular security event detected in a particular computing system, the particular security event detected as targeting a particular computing device included in the particular computing system;
identifying a particular grouping of assets in a plurality of asset groupings defined for devices within the particular computing system as including the particular computing device;
identifying a source of the particular security event, wherein the source is associated with at least one second computing device;
associating the source with at least one of a geographic location and a grouping of assets included in the plurality of asset groupings; and
generating data adapted to cause a graphical representation of the particular security event to be presented on a display device, the graphical representation including;
a geographical map background element representing geographic locations;
a plurality of graphical background elements representing each of the plurality of asset groupings, wherein each of the plurality of graphical background elements are to be presented outside the geographical map in the graphical representation;
a first graphical element representing the particular computing device, wherein the first graphical element is overlaid on a particular one of the graphical background elements to represent the particular computing device as included in the particular grouping of assets, anda second graphical element representing the source, wherein the second graphical element is overlaid on one of the geographical map background element or one of the plurality of graphical elements to respectively represent the source as associated with the geographic location or one of the groupings of assets included in the plurality of asset groupings.
9 Assignments
0 Petitions
Accused Products
Abstract
A particular security event is identified that has been detected as targeting a particular computing device included in a particular computing system. A particular grouping of assets in a plurality of asset groupings within the particular computing system is identified as including the particular computing device. A source of the particular security event is also identified and at least one of a geographic location and a grouping of assets in the plurality of asset groupings is associated with the identified source. Data is generated that is adapted to cause a presentation of a graphical representation of the particular security event on a display device, the graphical representation including a first graphical element representing the particular computing device as included in the particular grouping of assets and a second graphical element representing the source associated with the at least one of a geographic location and a grouping of assets.
26 Citations
20 Claims
-
1. At least one non-transitory machine accessible storage medium having instructions stored thereon, the instructions when executed on a machine, cause the machine to:
-
identifying a particular security event detected in a particular computing system, the particular security event detected as targeting a particular computing device included in the particular computing system; identifying a particular grouping of assets in a plurality of asset groupings defined for devices within the particular computing system as including the particular computing device; identifying a source of the particular security event, wherein the source is associated with at least one second computing device; associating the source with at least one of a geographic location and a grouping of assets included in the plurality of asset groupings; and generating data adapted to cause a graphical representation of the particular security event to be presented on a display device, the graphical representation including; a geographical map background element representing geographic locations; a plurality of graphical background elements representing each of the plurality of asset groupings, wherein each of the plurality of graphical background elements are to be presented outside the geographical map in the graphical representation; a first graphical element representing the particular computing device, wherein the first graphical element is overlaid on a particular one of the graphical background elements to represent the particular computing device as included in the particular grouping of assets, and a second graphical element representing the source, wherein the second graphical element is overlaid on one of the geographical map background element or one of the plurality of graphical elements to respectively represent the source as associated with the geographic location or one of the groupings of assets included in the plurality of asset groupings. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A method comprising:
-
identifying a particular security event detected in a particular computing system, the particular security event detected as targeting a particular computing device included in the particular computing system; identifying a particular grouping of assets in a plurality of asset groupings defined for devices within the particular computing system as including the particular computing device; identifying a source of the particular security event, wherein the source is associated with at least one second computing device; associating the source with at least one of a geographic location and a grouping of assets included in the plurality of asset groupings; and generating data adapted to cause a graphical representation of the particular security event to be presented on a display device, the graphical representation including; a geographical map background element representing geographic locations; a plurality of graphical background elements representing each of the plurality of asset groupings, wherein each of the plurality of graphical background elements are to be presented outside the geographical map in the graphical representation; a first graphical element representing the particular computing device, wherein the first graphical element is overlaid on a particular one of the graphical background elements to represent the particular computing device as included in the particular grouping of assets, and a second graphical element representing the source, wherein the second graphical element is overlaid on one of the geographical map background element or one of the plurality of graphical elements to respectively represent the source as associated with the geographic location or one of the groupings of assets included in the plurality of asset groupings.
-
-
20. A system comprising:
-
at least one processor device; at least one memory element; and a geo-mapping engine, adapted when executed by the at least one processor device to; identify a particular security event detected in a particular computing system, the particular security event detected as targeting a particular computing device included in the particular computing system; identify a particular grouping of assets in a plurality of asset groupings defined for devices within the particular computing system as including the particular computing device; identify a source of the particular security event, wherein the source is associated with at least one second computing device; associate the source with at least one of a geographic location and a grouping of assets included in the plurality of asset groupings; and generate data adapted to cause a graphical representation of the particular security event to be presented on a display device, the graphical representation including; a geographical map background element representing geographic locations; a plurality of graphical background elements representing each of the plurality of asset groupings, wherein each of the plurality of graphical background elements are to be presented outside the geographical map in the graphical representation; a first graphical element representing the particular computing device, wherein the first graphical element is overlaid on a particular one of the graphical background elements to represent the particular computing device as included in the particular grouping of assets, and a second graphical element representing the source, wherein the second graphical element is overlaid on one of the geographical map background element or one of the plurality of graphical elements to respectively represent the source as associated with the geographic location or one of the groupings of assets included in the plurality of asset groupings.
-
Specification