
System and method of protecting client computers

  • US 10,572,662 B2
  • Filed: 11/09/2018
  • Issued: 02/25/2020
  • Est. Priority Date: 11/13/2013
  • Status: Active Grant
First Claim

1. A method for threat detection and response, the method comprising:

  • receiving, by a threat response computer from a threat detector running on a client computer in an enterprise computing network wherein the client computer is separate from the threat response computer, an event report identifying a suspicious communication over a network between the client computer and a network device other than the client computer;

  • automatically remotely activating, by the threat response computer, a data collector on the client computer, the data collector configured for searching potential indications of compromise (IOCs) on the client computer and sending data identifying the potential IOCs to the threat response computer for evaluation;

  • receiving, by the threat response computer from the data collector, the data identifying the potential IOCs on the client computer;

  • comparing, by the threat response computer, the potential IOCs on the client computer and IOCs in a database local to the threat response computer;

  • based at least in part on the comparing, determining, by the threat response computer, whether the potential IOCs on the client computer indicate evidence of malware on the client computer; and

  • responsive to the evidence of malware on the client computer, sending an instruction from the threat response computer to configure a firewall in the enterprise computing network.
