Threat intelligence system and method
Abstract
A computer-implemented method, computer program product and computing system for importing threat data from a plurality of threat data sources, thus generating a plurality of raw threat data definitions. The plurality of raw threat data definitions are processed, thus generating a plurality of processed threat data definitions. The plurality of processed threat data definitions are processed to form a master threat data definition. The master threat data definition is provided to one or more client electronic devices.
18 Claims
1. A computer-implemented method, executed on a computing device, comprising:
- importing threat data from a plurality of threat data sources, thus generating a plurality of raw threat data definitions, wherein the plurality of threat data sources includes social network trader sources, wherein importing threat data from a plurality of threat data sources includes defining a list of specific keywords and searching the social network trader sources for the specific keywords, wherein the list of keywords concern one or more of a specific type of attack, a specific company/organization targeted for an attack, and a specific known hacker;
- processing the plurality of raw threat data definitions, thus generating a plurality of processed threat data definitions, wherein the plurality of raw threat data definitions include a plurality of data pieces with one or more of an age level and a trust level;
- processing the plurality of processed threat data definitions to form a master threat data definition; and
- providing the master threat data definition to one or more client electronic devices to enable the one or more client electronic devices to detect one or more threats, wherein providing the master threat data definition to one or more client electronic devices includes automatically providing at least a portion of the master threat data definition to the one or more client electronic devices using an Extract, Transform, Load (ETL) script.
Dependent claims: 2, 3, 4, 5, 6
7. A computer program product residing on a non-transitory computer readable medium having a plurality of instructions stored thereon which, when executed by a processor, cause the processor to perform operations comprising:
- importing threat data from a plurality of threat data sources, thus generating a plurality of raw threat data definitions, wherein the plurality of threat data sources includes social network trader sources, wherein importing threat data from a plurality of threat data sources includes defining a list of specific keywords and searching the social network trader sources for the specific keywords, wherein the list of keywords concern one or more of a specific type of attack, a specific company/organization targeted for an attack, and a specific known hacker;
- processing the plurality of raw threat data definitions, thus generating a plurality of processed threat data definitions, wherein the plurality of raw threat data definitions include a plurality of data pieces with one or more of an age level and a trust level;
- processing the plurality of processed threat data definitions to form a master threat data definition; and
- providing the master threat data definition to one or more client electronic devices to enable the one or more client electronic devices to detect one or more threats, wherein providing the master threat data definition to one or more client electronic devices includes automatically providing at least a portion of the master threat data definition to the one or more client electronic devices using an Extract, Transform, Load (ETL) script.
Dependent claims: 8, 9, 10, 11, 12
13. A computing system including a processor and memory configured to perform operations comprising:
- importing threat data from a plurality of threat data sources, thus generating a plurality of raw threat data definitions, wherein the plurality of threat data sources includes social network trader sources, wherein importing threat data from a plurality of threat data sources includes defining a list of specific keywords and searching the social network trader sources for the specific keywords, wherein the list of keywords concern one or more of a specific type of attack, a specific company/organization targeted for an attack, and a specific known hacker;
- processing the plurality of raw threat data definitions, thus generating a plurality of processed threat data definitions, wherein the plurality of raw threat data definitions include a plurality of data pieces with one or more of an age level and a trust level;
- processing the plurality of processed threat data definitions to form a master threat data definition; and
- providing the master threat data definition to one or more client electronic devices to enable the one or more client electronic devices to detect one or more threats, wherein providing the master threat data definition to one or more client electronic devices includes automatically providing at least a portion of the master threat data definition to the one or more client electronic devices using an Extract, Transform, Load (ETL) script.
Dependent claims: 14, 15, 16, 17, 18
Specification