ANOMALOUS ACTIVITY DETECTION
First Claim
1. A tangible computer-readable medium comprising computer-executable instructions that when executed by a processor cause a system to perform:
- receiving an indication relating to a plurality of controls being monitored in relation to activity events of a plurality of user accounts;
organizing at least a portion of the plurality of user accounts into a group based upon information relating to the user accounts;
receiving identification information associated with a responsible account that is responsible for a plurality of user accounts;
receiving instructions from a responsible account associated with the monitoring of thresholds for at least a portion of the controls being monitored; and
applying the instructions to at least one group of user accounts to create a dynamic security policy.
1 Assignment
0 Petitions
Accused Products
Abstract
The disclosure addresses the detection of anomalous activity. Some embodiments are directed towards a system for receiving an indication relating to a plurality of controls, identification information associated with a responsible account, and instructions from a responsible account associated with the monitoring of thresholds of controls being monitored. The plurality of user account may be organized into groups based upon information relating to the user accounts, and instructions may be applied to the groups to create a dynamic security policy.
-
Citations
20 Claims
-
1. A tangible computer-readable medium comprising computer-executable instructions that when executed by a processor cause a system to perform:
-
receiving an indication relating to a plurality of controls being monitored in relation to activity events of a plurality of user accounts; organizing at least a portion of the plurality of user accounts into a group based upon information relating to the user accounts; receiving identification information associated with a responsible account that is responsible for a plurality of user accounts; receiving instructions from a responsible account associated with the monitoring of thresholds for at least a portion of the controls being monitored; and applying the instructions to at least one group of user accounts to create a dynamic security policy. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A system comprising:
a processor in operative communication with at least one memory comprising; a staging module configured to receive from multiple data feeds, information regarding a plurality of activity events associated with a least one user account from a plurality of user accounts and conducted during a first time period; an identification module configured to; identify information relating to the plurality of user accounts; organize at least a portion of the plurality of user accounts into a group based upon information relating to the user accounts; and receive identification information associated with a responsible account that is responsible for a plurality of user accounts; and an output report feeds processing engine configured to store an output of a reports analysis engine. - View Dependent Claims (13, 14, 15, 16, 17)
-
18. A method performed at a staging apparatus, the method comprising:
-
receiving, at an electronic processor of the staging apparatus, an indication relating to a plurality of controls being monitored in relation to activity events of a plurality of user accounts; organizing, using the processor, at least a portion of the plurality of user accounts into a group based upon information relating to the user accounts; receiving, at the processor, identification information associated with a responsible account that is responsible for a plurality of user accounts; receiving, at the processor, instructions from a responsible account associated with the monitoring of thresholds for at least a portion of the controls being monitored; and applying, using the processor, the instructions to at least one group of user accounts to create a dynamic security policy. - View Dependent Claims (19, 20)
-
Specification