×

Management of security actions based on computing asset classification

  • US 10,063,587 B2
  • Filed: 12/02/2015
  • Issued: 08/28/2018
  • Est. Priority Date: 12/03/2014
  • Status: Active Grant
First Claim
Patent Images

1. A method of operating an advisement system to respond to security threats in a computing environment, the method comprising:

  • identifying a security threat for an asset in the computing environment, wherein the asset comprises one of a virtual or physical computing element;

    obtaining supplemental information related to the security threat from one or more websites and/or databases;

    in response to identifying the security threat, identifying one or more classifications for the asset in relation to other assets within the computing environment, wherein a classification of the one or more classifications comprising one of a consumer classification or a provider classification based on incoming and outgoing connections of the asset prior to the identification of the security threat is determined by;

    determining a ratio of incoming connections to outgoing connections for the asset at a time prior to the security threat;

    when the ratio indicates a greater number of incoming connections in comparison to outgoing connections, classifying the asset as a consumer classification; and

    when the ratio indicates a lesser number of incoming connections in comparison to outgoing connections, classifying the asset as a provider classification;

    identifying a criticality rating for the asset;

    determining a rule set for the security threat based on the one or more classifications for the asset, the criticality rating for the asset, and the supplemental information, wherein the rule set defines a response to the security threat, the response comprising an automated action for implementation in the asset; and

    initiating the response to the security threat based on the rule set.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×