INTEGRATING SECURITY POLICY AND EVENT MANAGEMENT
Abstract
A plurality of security events is detected in a computing system, each security event based on at least one policy in a plurality of security policies. Respective interactive graphical representations are presented in a graphical user interface (GUI) of either or both of the security events or security policies. The representations include interactive graphical elements representing the respective security events or security policies. User selection of a particular event element via the interactive GUI causes a subset of the security policies to be identified, each security policy in the subset serving as a basis for at least one particular security event represented by the particular event element. User selection of a particular policy element via the interactive GUI causes a subset of the security policies to be identified, each security event in the subset based at least in part on a particular security policy represented by the particular policy element.
42 Claims
1-22. (canceled)
23. At least one non-transitory machine accessible storage medium having instructions stored thereon, the instructions when executed on a machine, cause the machine to:
identify a plurality of security events detected in a computing system;
present a representation of the plurality of security events in an interactive graphical user interface, wherein the representation comprises a plurality of graphical elements, each graphical element represents a respective subset of the plurality of security events corresponding to an intersection of at least two respective event attributes.
Dependent claims: 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39
40. A method comprising:
identifying a plurality of security events detected in a computing system, wherein each security event in the plurality of security events based on at least one policy in a plurality of security policies defined for the computing system; and
presenting a representation of the plurality of security events in an interactive graphical user interface, wherein the representation comprises a plurality of graphical elements, each graphical element represents a respective subset of the plurality of security events corresponding to an intersection of at least two respective event attributes.
41. A system comprising:
at least one processor device;
at least one memory element; and
a security event user interface engine, comprising logic when executed by the at least one processor device to;
identify a plurality of security events detected in a computing system, each security event in the plurality of security events based on at least one policy in a plurality of security policies defined for the computing system;
present a representation of the plurality of security events in an interactive graphical user interface, wherein the representation comprises a plurality of graphical elements, each graphical element represents a respective subset of the plurality of security events corresponding to an intersection of at least two respective event attributes.
Dependent claims: 42
Specification