Human-assisted entity mapping
First Claim
1. A method comprising:
- generating a map between (a) technical assets that contribute to security characteristics of respective entities and (b) the identities of the entities that are associated with the respective technical assets, at least part of the generating of the map being done automatically;
enabling a user to assist in the generating of the map by presenting to the user through a user interface (a) data about the technical assets of entities and (b) an interactive tool for associating the technical assets with the identities of the entities; and
invoking external crowd-sourced services to aid in generating the map.
3 Assignments
0 Petitions
Accused Products
Abstract
Among other things, traces are received of activities of an online user who is associated with an entity. By analysis of the traces a security state of the entity is inferred. Also, a map is generated between (a) technical assets that contribute to security characteristics of respective entities and (b) the identities of the entities that are associated with the respective technical assets. At least part of the generating of the map is done automatically. A user can be engaged to assist in the generating of the map by presenting to the user through a user interface (a) data about the technical assets of entities and (b) an interactive tool for associating the technical assets with the identities of the entities.
53 Citations
22 Claims
-
1. A method comprising:
-
generating a map between (a) technical assets that contribute to security characteristics of respective entities and (b) the identities of the entities that are associated with the respective technical assets, at least part of the generating of the map being done automatically; enabling a user to assist in the generating of the map by presenting to the user through a user interface (a) data about the technical assets of entities and (b) an interactive tool for associating the technical assets with the identities of the entities; and invoking external crowd-sourced services to aid in generating the map.
-
-
2. A method comprising:
-
generating a map between (a) technical assets that contribute to security characteristics of respective entities and (b) the identities of the entities that are associated with the respective technical assets, at least part of the generating of the map being done automatically; enabling a user to assist in the generating of the map by presenting to the user through a user interface (a) data about the technical assets of entities and (b) an interactive tool for associating the technical assets with the identities of the entities; and enabling a separate review and approval of entities proposed to be included in the map.
-
-
3. A method comprising:
-
generating a map between (a) technical assets that contribute to security characteristics of respective entities and (b) the identities of the entities that are associated with the respective technical assets, at least part of the generating of the map being done automatically; enabling a user to assist in the generating of the map by presenting to the user through a user interface (a) data about the technical assets of entities and (b) an interactive tool for associating the technical assets with the identities of the entities; and providing the map to an application for joining to event data or scoring a security state of the entities.
-
-
4. A method comprising:
-
generating graphs of relationships among entities based on their association with technical assets; generating a map between (a) technical assets that contribute to security characteristics of respective entities and (b) the identities of the entities that are associated with the respective technical assets, at least part of the generating of the map being done automatically; and enabling a user to assist in the generating of the map by presenting to the user through a user interface (a) data about the technical assets of entities and (b) an interactive tool for associating the technical assets with the identities of the entities. - View Dependent Claims (5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. The method 18 wherein sending the first passive DNS query to identify first name servers for the first domain name comprises:
sending, by the analysis system to a DNS server, the first passive DNS query to identify first name servers for the first domain name. - View Dependent Claims (20, 21, 22)
Specification