Systems and Methods of Network Security and Threat Management
First Claim
1. A system of managing security threats in a network, the system comprising:
- a detection module to collect information associated with binary network packet data; and
- a correlation module to analyze the collected information from the detection module, to identify potential security threats to the network, and to update subordinate applications with information related to the potential security threats.
13 Assignments
0 Petitions
Abstract
The present disclosure generally provides systems and methods of network security and threat management. An exemplary system includes detection and prevention modules (DPM) designed specifically to collect and transmit suspicious binary network packet data. The collected network packets are sent to a behavioral correlation module to perform automatic behavioral correlation: (1) within each DPM, (2) across all DPMs installed on a network, and (3) across all DPMs installed on all networks. The results of the behavioral correlation are sent to a security dashboard module (SDM), which generally acts as a fully integrated Security Event Management system and collects, correlates, and prioritizes global network alerts, local network alerts, posted vendor alerts, and detected network vulnerabilities with enterprise assets. The SDM could display the results in a user-friendly graphical user interface and has the ability to perform geographic mapping of externally generated threats.
120 Citations
20 Claims
1. A system of managing security threats in a network, the system comprising:
- a detection module to collect information associated with binary network packet data; and
- a correlation module to analyze the collected information from the detection module, to identify potential security threats to the network, and to update subordinate applications with information related to the potential security threats.
(Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9)

10. A method of managing security threats in a network, the method comprising:
- collecting binary network packet data information related to network traffic;
- comparing any known security threats to the security of the network with the binary network packet data information; and
- if the comparison is successful, generating a prioritized alert and updating subordinate applications with information associated with the binary network packet data and the prioritized alert.
(Dependent claims: 11, 12, 13, 14, 15)

16. A multi-network security system comprising:
- a first detection module to collect information associated with incoming binary network packet data from a first network;
- a second detection module associated with a second network to collect information associated with incoming binary network packet data from the second network;
- a correlation module configured to analyze behavioral patterns related to potential security threats from the incoming binary network packet data from the first network and the second network;
- a remote database to store information associated with the analysis of the behavioral patterns; and
- a terminal to display information associated with the potential security threats in real-time.
(Dependent claims: 17, 18, 19, 20)
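The following is an added illustration of the pipeline the independent claims describe (collect packet data per network, compare it against known threats, raise a prioritized alert, and push the result to subordinate applications), written as a small Python model. It is not code from the patent or from any product built on it. The names `Packet`, `DetectionModule`, `Alert`, `correlate` and `demo` are assumptions, the signature table and the sample traffic are constructed (documentation-range addresses, made-up byte patterns), and the scoring rule that raises priority when the same source and signature show up on more than one network is a hypothetical stand-in for the cross-network behavioral correlation the abstract mentions.

```python
from dataclasses import dataclass, field
from typing import Iterator

# Constructed threat signatures: hypothetical byte patterns with a base severity.
# They stand in for the "known security threats" of claim 10; they are not real IoCs.
SIGNATURES = {
    "SIG-A": (b"\x90\x90\x90\x90\x90\x90\x90\x90", 3),  # run of NOPs, base severity 3
    "SIG-B": (b"GET /cgi-bin/", 2),                      # CGI probing, base severity 2
}


@dataclass
class Packet:
    src: str
    dst: str
    dport: int
    payload: bytes


@dataclass
class DetectionModule:
    """One DPM: collects packets from a single network (claim 16's per-network module)."""
    network: str
    packets: list = field(default_factory=list)

    def collect(self, pkt: Packet) -> None:
        self.packets.append(pkt)

    def matches(self) -> Iterator[tuple]:
        """Compare each collected packet against the known signatures (claim 10)."""
        for pkt in self.packets:
            for sig_id, (pattern, severity) in SIGNATURES.items():
                if pattern in pkt.payload:
                    yield sig_id, pkt.src, severity


@dataclass(frozen=True)
class Alert:
    signature: str
    source: str
    networks: tuple   # networks on which the (signature, source) pair was seen
    priority: int


def correlate(modules: list, subscribers: list) -> list:
    """Cross-module behavioral correlation producing prioritized alerts.

    A (signature, source) pair observed by several detection modules, i.e. on
    several networks, is treated as a wider campaign and gets a higher priority
    than the same match seen on one network only.  Each alert is then pushed to
    the subordinate applications (the subscriber callbacks).
    """
    seen: dict = {}       # (signature, source) -> set of networks
    severity: dict = {}   # (signature, source) -> base severity
    for module in modules:
        for sig_id, src, sev in module.matches():
            seen.setdefault((sig_id, src), set()).add(module.network)
            severity[(sig_id, src)] = sev

    alerts = []
    for (sig_id, src), nets in seen.items():
        # Constructed scoring rule: +2 for every additional network the pair appears on.
        priority = severity[(sig_id, src)] + 2 * (len(nets) - 1)
        alerts.append(Alert(sig_id, src, tuple(sorted(nets)), priority))
    alerts.sort(key=lambda a: (-a.priority, a.signature, a.source))

    for alert in alerts:            # "update subordinate applications"
        for notify in subscribers:
            notify(alert)
    return alerts


def demo() -> tuple:
    """Two networks, constructed sample traffic, one subordinate application (a blocklist)."""
    net_a, net_b = DetectionModule("net-A"), DetectionModule("net-B")
    # Constructed packets using documentation-range addresses.
    net_a.collect(Packet("203.0.113.5", "10.0.0.20", 445, b"\x00" * 4 + b"\x90" * 16))
    net_b.collect(Packet("203.0.113.5", "10.1.0.9", 445, b"\x90" * 16 + b"\x00"))
    net_a.collect(Packet("198.51.100.7", "10.0.0.80", 80, b"GET /cgi-bin/test HTTP/1.0\r\n"))
    net_b.collect(Packet("198.51.100.9", "10.1.0.80", 80, b"GET /index.html HTTP/1.0\r\n"))

    blocklist: list = []
    subordinate_apps = [lambda alert: blocklist.append(alert.source)]
    alerts = correlate([net_a, net_b], subordinate_apps)
    return alerts, blocklist


if __name__ == "__main__":
    for alert in demo()[0]:
        print(f"P{alert.priority} {alert.signature} from {alert.source} on {alert.networks}")
```

Running `demo()` yields two alerts: the source seen probing both networks with the same pattern comes out first with the raised priority, the single-network CGI probe second, and the blocklist callback receives both in that order. In a real deployment the subscriber list is where firewall, ticketing or dashboard integrations would attach, and the signature table would be fed from vendor advisories rather than hard-coded.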
Specification