Security Integration System and Device
Abstract
The present disclosure generally relates to systems and devices that share information related to computer and network security. In an embodiment, an integration device can receive a notification of a security event at a security device. The integration device can compare the contents of the notification against a set of rules, select actions to take based on the set of rules at other security devices, establish a connection to the other security devices, and take the actions over the connection. The integration device can take the actions by sending commands understood by the other security devices over the connection. The other security devices can be of different platforms than the security device or not interoperable with the security device. Additionally, the integration device can receive information related to log entries, security incidents, transaction data, or configuration data, and take actions based on this information at other security devices.
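The flow in the abstract (notification in, rule match, commands out in each target device's own syntax), as an added example that is not taken from the patent. The rule format, device names, command strings and protected network are hypothetical, and the connection step is left out, so `handle` returns the commands it would send; event-supplied fields are validated before templating because a notification can carry attacker-influenced data.

```python
import ipaddress

# Hypothetical rules: conditions on notification fields -> (device, action) pairs.
RULES = [
    {"event": "port_scan", "min_severity": 7,
     "actions": [("fw-edge", "block_ip"), ("ids-core", "watch_ip")]},
    {"event": "auth_bruteforce", "min_severity": 5,
     "actions": [("fw-edge", "block_ip")]},
]

# Hypothetical command syntax for each target platform (not real vendor CLIs).
ADAPTERS = {
    "fw-edge": {"block_ip": "deny src {ip}"},
    "ids-core": {"watch_ip": "watchlist add {ip} ttl=3600"},
}

# Addresses the automation must never act on (assumed management network).
PROTECTED = [ipaddress.ip_network("10.0.0.0/24")]

def select_actions(notification, rules=RULES):
    """Compare the notification against the rules and collect matching actions."""
    selected = []
    for rule in rules:
        if (notification.get("event") == rule["event"]
                and notification.get("severity", 0) >= rule["min_severity"]):
            selected.extend(rule["actions"])
    return selected

def render_commands(notification, actions):
    """Translate actions into per-device commands, validating event-supplied data."""
    # Parse strictly: anything that is not a bare IP address raises ValueError,
    # so text smuggled into the field never reaches a device command.
    ip = ipaddress.ip_address(notification["src_ip"])
    if any(ip in net for net in PROTECTED):
        raise ValueError(f"refusing to act on protected address {ip}")
    return [(dev, ADAPTERS[dev][act].format(ip=str(ip))) for dev, act in actions]

def handle(notification):
    """Rules-engine step, then action-engine step; returns the commands to send."""
    actions = select_actions(notification)
    return render_commands(notification, actions) if actions else []

# Constructed sample notification from a first security device.
SAMPLE = {"device": "ids-dmz", "event": "port_scan", "severity": 8,
          "src_ip": "203.0.113.45"}
```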
23 Claims
1. An integration device for exchanging information related to security among different security devices, the device comprising:
a network interface configured to receive a notification of a security event at a first security device;
a computer memory configured to store a set of rules; and
a processor configured to compare the contents of the notification against the set of rules, select actions to take based on the set of rules at one or more other security devices, establish a connection to the one or more other security devices using the network interface, and take the actions over the connection.
(Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9)
10. A computer-implemented method of sharing security information among security systems, the method comprising:
receiving a message from a security information management system related to a security event at a first security system;
parsing contents of the message; and
automatically taking an action on a second security system based on the contents of the message.
(Dependent claims: 11, 12, 13, 14, 15, 16)
17. A computer readable medium having stored thereon computer executable components, the medium comprising:
a rules engine that receives a notification including information related to a security event at a security device, matches the security event against one or more rules, and identifies actions to take at one or more different security devices when the security event matches the one or more rules; and
an action engine that takes the actions on the one or more different security devices.
(Dependent claims: 18, 19, 20, 21, 22, 23)
Specification