×

System and method for verifying a cyberthreat

  • US 10,701,091 B1
  • Filed: 07/23/2018
  • Issued: 06/30/2020
  • Est. Priority Date: 03/15/2013
  • Status: Active Grant
First Claim
Patent Images

1. A computerized method to identify potentially malicious code in a network, the method comprising:

  • analyzing information within a report associated with one or more threats resulting from a prior analysis of a portion of network data received over a network to yield intelligence that includes at least one of instructions or indicators related to the identified one or more threats and determining, based on the intelligence yielded from the information within the report, an endpoint device including an endpoint agent that is to (i) receive at least one of the instructions or the indicators, (ii) conduct an examination of memory of the endpoint device for data corresponding to any of the instructions or the indicators, and (iii) obtain results of the examination;

    gathering and correlating verification information with information gathered from one or more sources to determine whether the verification information corresponds to a verified threat, the verification information includes at least a portion of the results of the examination by the endpoint device and an identifier for the endpoint device; and

    sending a notification including a portion of the verification information to identify the verified threat.

View all claims
  • 7 Assignments
Timeline View
Assignment View
    ×
    ×