Methods, systems and computer program products for monitoring a server application
First Claim
1. A method for monitoring a server application in a computer network, the method comprising:
- (a) monitoring communication data between a server application and a client;
(b) applying at least one detector to the communication data to identify at least one predetermined activity; and
(c) generating a threat score associated with the predetermined activity by comparing the identified predetermined activity with a security threshold criteria.
3 Assignments
0 Petitions
Accused Products
Abstract
Methods, systems and computer program products are disclosed for monitoring a server application in a computer network. The methods, systems, and computer program products can monitor communication data between a server application and a client. The methods, systems, and computer program products can also include applying one or more detectors to the communication data to identify a variety of predetermined activity. Further, the methods, systems, and computer program products can include generating a threat score associated with the predetermined activity by comparing the identified predetermined activity with a security threshold criteria.
183 Citations
143 Claims
-
1. A method for monitoring a server application in a computer network, the method comprising:
-
(a) monitoring communication data between a server application and a client;
(b) applying at least one detector to the communication data to identify at least one predetermined activity; and
(c) generating a threat score associated with the predetermined activity by comparing the identified predetermined activity with a security threshold criteria. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
-
-
26. A system for monitoring a server application in a computer network, the system comprising:
-
(a) a network interface operable to monitor communication data between a server application and a client; and
(b) a detector operable to identify at least one predetermined activity in the monitored communication data, and generate a threat score associated with the predetermined activity by comparing the identified predetermined activity with a security threshold criteria. - View Dependent Claims (27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48)
-
-
49. A computer program product comprising computer-executable instructions embodied in a computer-readable medium for performing steps comprising:
-
(a) monitoring communication data between a server application and a client;
(b) applying at least one detector to the communication data to identify at least one predetermined activity; and
(c) generating a threat score associated with the predetermined activity by comparing the identified predetermined activity with a security threshold criteria. - View Dependent Claims (50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73)
-
-
74. A method for monitoring a server application in a computer network, the method comprising:
-
(a) monitoring communication data between a server application and a client;
(b) applying a plurality of detectors to the communication data, wherein each detector detects different predetermined activity associated with the data communication between the server application and the client;
(c) generating an individual threat score for each detector based upon detection of the predetermined activity by each detector; and
(d) generating an overall threat score for the client by combining the individual threat scores. - View Dependent Claims (75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 91, 92, 93, 94, 95, 96, 97, 98)
-
-
99. A system for monitoring a server application in a computer network, the system comprising:
-
(a) a network interface operable to monitor communication data between a server application and a client; and
(b) a plurality of detectors operable to detect different predetermined activity associated with the monitored communication data, generate an individual threat score for each detector based upon detection of the predetermined activity by each detector, and generate an overall threat score for the client by combining the individual threat scores. - View Dependent Claims (100, 101, 102, 103, 104, 105, 106, 107, 108, 109, 110, 111, 112, 113, 114, 115, 116, 117, 118)
-
-
119. A computer program product comprising computer-executable instructions embodied in a computer-readable medium for performing steps comprising:
-
(a) monitoring communication data between a server application and a client;
(b) applying a plurality of detectors to the communication data, wherein each detector detects different predetermined activity associated with the data communication between the server application and the client;
(c) generating an individual threat score for each detector based upon detection of the predetermined activity by each detector; and
(d) generating an overall threat score for the client by combining the individual threat scores. - View Dependent Claims (120, 121, 122, 123, 124, 125, 126, 127, 128, 129, 130, 131, 132, 133, 134, 135, 136, 137, 138, 139, 140, 141, 142, 143)
-
Specification