ANALYTICS ENGINE
First Claim
1. A method implemented at least in part by a computer, the method comprising:
- receiving an indication that input data related to security has been received at a sensor;
- executing the sensor, the sensor producing output data based on the input data;
- providing the output data to a rule; and
- evaluating the rule to produce a candidate assessment regarding security of a computer-related asset.
Abstract
Aspects of the subject matter described herein relate to a mechanism for assessing security. In aspects, an analytics engine is provided that manages execution, information storage, and data passing between various components of a security system. When data is available for analysis, the analytics engine determines which security components to execute and the order in which to execute the security components, where in some instances two or more components may be executed in parallel. The analytics engine then executes the components in the order determined and passes output from component to component as dictated by dependencies between the components. This is repeated until a security assessment is generated or updated. The analytics engine simplifies the work of creating and integrating various security components.
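The scheduling described in the abstract, as an added Python example (not code from the patent): given dependency data, it selects the components downstream of the one that received data, orders them into stages whose members could run in parallel, and passes stored outputs along the dependencies. The component names, thresholds, severity labels and log lines are constructed assumptions.

```python
from graphlib import TopologicalSorter

# Constructed dependency data: component -> components whose output it uses.
DEPS = {
    "login_sensor": [], "scan_sensor": [],
    "brute_force_rule": ["login_sensor"], "lockout_rule": ["login_sensor"],
    "recon_rule": ["scan_sensor"],
    "consolidator": ["brute_force_rule", "lockout_rule", "recon_rule"],
    "realizer": ["consolidator"],
}
PUBLISHED = []  # stands in for the assessments store

def _rule(sensor, threshold):
    # A rule turns a sensor count into a candidate assessment (severity only).
    return lambda inp, raw: "high" if (inp[sensor] or 0) >= threshold else "low"

COMPONENTS = {
    "login_sensor": lambda inp, raw: sum("FAILED" in line for line in raw),
    "scan_sensor": lambda inp, raw: sum("SYN" in line for line in raw),
    "brute_force_rule": _rule("login_sensor", 3),
    "lockout_rule": _rule("login_sensor", 10),
    "recon_rule": _rule("scan_sensor", 10),
    "consolidator": lambda inp, raw: "high" if "high" in inp.values() else "low",
    "realizer": lambda inp, raw: PUBLISHED.append(inp["consolidator"]),
}

def plan(deps, triggered):
    """Stages to run after `triggered` gets data; a stage's members are independent."""
    run, todo = {triggered}, [triggered]
    while todo:  # collect everything downstream of the triggered component
        cur = todo.pop()
        for comp, needs in deps.items():
            if cur in needs and comp not in run:
                run.add(comp)
                todo.append(comp)
    ts = TopologicalSorter({c: [d for d in deps[c] if d in run] for c in run})
    ts.prepare()
    stages = []
    while ts.is_active():
        ready = sorted(ts.get_ready())  # these could be executed in parallel
        stages.append(ready)
        ts.done(*ready)
    return stages

def on_data(triggered, raw, store):
    """Run the plan, passing each component the stored output of its dependencies."""
    for stage in plan(DEPS, triggered):
        for name in stage:
            inputs = {d: store.get(d) for d in DEPS[name]}
            store[name] = COMPONENTS[name](inputs, raw if name == triggered else None)
    return store
```

Components outside the triggered subgraph are not re-executed; the consolidator reads whatever output they last left in `store`, which is empty for them on a first run.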
20 Claims
1. A method implemented at least in part by a computer, the method comprising:
- receiving an indication that input data related to security has been received at a sensor;
- executing the sensor, the sensor producing output data based on the input data;
- providing the output data to a rule; and
- evaluating the rule to produce a candidate assessment regarding security of a computer-related asset.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A computer storage medium having computer-executable instructions, which when executed perform actions, comprising:
- receiving dependency data that indicates dependencies among security components, a security component having a dependency on another security component if the security component uses output data generated by the other security component;
- receiving an indication that one of the security components has received data;
- based at least in part on the dependency data, determining a set of the security components to execute and an order in which to execute the security components of the set; and
- providing output data from a first security component of the set to one or more other security components of the set that depend on the first security component.
Dependent claims: 10, 11, 12, 13, 14
15. In a computing environment, an apparatus, comprising:
- a sensor operable to receive input data related to computer security and to provide output data in response thereto;
- a rule component operable to receive the output data and to generate a candidate assessment based at least in part on the output data;
- a consolidator operable to determine a second assessment based at least in part on the candidate assessment; and
- a realizer operable to publish the public assessment to an assessments store.
Dependent claims: 16, 17, 18, 19, 20
Specification