
Security alerting system with network blockade policy based on alert transmission activity

  • US 10,104,104 B1
  • Filed: 06/20/2013
  • Issued: 10/16/2018
  • Est. Priority Date: 06/29/2012
  • Status: Active Grant
First Claim

1. A method performed by a server that is part of a network for processing alert messages from a Security Alerting System executing on a host indicating a potential compromise of a protected resource, comprising:

  • determining if a number of buffer contents comprising said alert messages received from said host within a predefined time interval satisfies a predefined criteria, wherein said alert messages are generated by said Security Alerting System, wherein said number comprises only valid buffer contents received from said host;

  • determining whether said received buffer content comprises a replayed buffer content;

  • triggering, by said server, in response to said number of buffer contents comprising said alert messages received from said host within said predefined time interval failing to satisfy said predefined criteria, a blocking of access of said host to services of said network except for communications of said Security Alerting System executing on said host with said server; and

  • restoring said blocked access of said host to said network when a valid buffer content is received from said host.
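
The server-side logic of the claim, sketched as an added example that is not taken from the patent: only valid, non-replayed buffers count toward the interval criterion, a shortfall blocks the host, and the next valid buffer restores access. The claim does not say how validity or replay is determined, so the HMAC-SHA256 tag, the 8-byte sequence number, the "at least `min_valid` buffers" criterion, and the names `AlertServer`, `make_buffer` and `demo` are all assumptions.

```python
import hashlib, hmac, struct

class AlertServer:
    """Tracks one host's alert-buffer transmissions (illustrative only)."""
    def __init__(self, key, interval, min_valid):
        self.key = key              # assumed: per-host shared MAC key
        self.interval = interval    # the "predefined time interval", seconds
        self.min_valid = min_valid  # assumed criterion: >= this many valid buffers
        self.last_seq = -1          # highest sequence number accepted so far
        self.valid_times = []       # arrival times of valid buffers only
        self.blocked = False

    def receive(self, now, msg):
        """Classify one received buffer as 'valid', 'invalid' or 'replay'."""
        if len(msg) < 8 + 32:
            return "invalid"
        body, tag = msg[:-32], msg[-32:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return "invalid"
        seq = struct.unpack(">Q", body[:8])[0]
        if seq <= self.last_seq:
            return "replay"         # authentic but already seen: not counted
        self.last_seq = seq
        self.valid_times.append(now)
        self.blocked = False        # a valid buffer restores access
        return "valid"

    def check(self, now):
        """Evaluate the window ending at `now`; True means the host is blocked."""
        self.valid_times = [t for t in self.valid_times if now - t <= self.interval]
        if len(self.valid_times) < self.min_valid:
            self.blocked = True     # block everything except the alerting channel
        return self.blocked

def make_buffer(key, seq, alerts):
    """Host side (constructed format): seq || alerts || HMAC-SHA256 tag."""
    body = struct.pack(">Q", seq) + alerts
    return body + hmac.new(key, body, hashlib.sha256).digest()

def demo():
    key = b"constructed-demo-key"
    srv = AlertServer(key, interval=10.0, min_valid=1)
    b0, b1 = make_buffer(key, 0, b"ok"), make_buffer(key, 1, b"ok")
    forged = b1[:-1] + bytes([b1[-1] ^ 1])  # tag corrupted in transit
    trace = [srv.receive(1.0, b0), srv.receive(5.0, b1), srv.check(9.0)]
    trace += [srv.receive(12.0, b1), srv.receive(14.0, forged), srv.check(20.0)]
    trace += [srv.receive(21.0, make_buffer(key, 2, b"alert")), srv.check(22.0)]
    return trace
```

In the constructed trace, the replayed and corrupted buffers at t=12 and t=14 do not keep the host alive, so the check at t=20 blocks it until the fresh buffer at t=21 arrives.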
