×

Correlating threat information across multiple levels of distributed computing systems

  • US 10,178,119 B1
  • Filed: 03/30/2016
  • Issued: 01/08/2019
  • Est. Priority Date: 03/30/2016
  • Status: Active Grant
First Claim
Patent Images

1. A computer-implemented method, comprising:

  • under the control of one or more computer systems configured with executable instructions,prompting a customer for access to a first set of logs generated by a first set of computing resources operated by the customer and provided to the customer by a computing resource service provider, where the first set of logs are generated by a first set of applications executing at an operating system level and above;

    obtaining a second set of logs generated by a second set of computing resources operated by the computing resource service provider, where the second set of logs are generated by a second set of applications executing at a hypervisor level and below;

    generating correlated threat information by at least correlating at least a first portion of the first set of logs and at least a second portion of the second set of logs using a clustering algorithm; and

    providing the correlated threat information to the customer.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×