COLLABORATIVE SYSTEM FOR CYBER SECURITY ANALYSIS
Abstract
Methods, systems, devices and computer program products provide a multi-user collaborative environment for malware and security threat analyses and mitigation. One methodology for collaborative evaluation of cyber security threats includes receiving information associated with a cyber activity that is indicative of a potential cyber attack, and processing the information at a first server of the collaborative cyber analysis system to incorporate share restriction rules that include rules based on specific regulations promulgated by a government or an international organization, rules based on an enterprise policy or rules that are set by a user that are specific to the information. The processed information is then transmitted to a second server of the collaborative cyber analysis system, where the second server is allowed to access at least a portion of the information associated with the cyber activity, the enhanced information, or the cyber security countermeasure subject to the share restriction rules.
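An added illustration of the flow the abstract describes; it is not code from the patent, which specifies no rule format. It assumes field-level rules with per-recipient allow lists, and the names ShareRule, incorporate_rules, view_for, transmit and the organization labels are hypothetical.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class ShareRule:
    origin: str              # "regulation", "enterprise_policy" or "user"
    fields: frozenset        # fields of the record this rule restricts
    allowed_orgs: frozenset  # recipients the restriction does not apply to

def incorporate_rules(info, regulation=(), enterprise=(), user=()):
    """First server: bind all three kinds of rules to the information."""
    return {"info": dict(info), "rules": [*regulation, *enterprise, *user]}

def view_for(envelope, recipient_org):
    """Portion a recipient may access: a field is released only if every
    rule that covers it lists the recipient (most restrictive rule wins)."""
    blocked = set()
    for rule in envelope["rules"]:
        if recipient_org not in rule.allowed_orgs:
            blocked |= rule.fields
    return {k: v for k, v in envelope["info"].items() if k not in blocked}

def transmit(envelope, recipient_org):
    """Message for the second server: the permitted portion plus the rules,
    so the same restrictions travel with the data on any onward share."""
    return {"info": view_for(envelope, recipient_org),
            "rules": list(envelope["rules"])}

# Constructed sample record and rules (all names and values are made up).
ENVELOPE = incorporate_rules(
    {"c2_ip": "192.0.2.10", "victim_host": "hr-laptop-07",
     "employee_email": "user@example.com",
     "analyst_notes": "constructed note",
     "countermeasure": "block 192.0.2.10 at egress"},
    regulation=[ShareRule("regulation", frozenset({"employee_email"}),
                          frozenset({"enterprise-a"}))],
    enterprise=[ShareRule("enterprise_policy", frozenset({"victim_host"}),
                          frozenset({"enterprise-a"}))],
    user=[ShareRule("user", frozenset({"analyst_notes"}),
                    frozenset({"enterprise-a", "partner-b"}))],
)

if __name__ == "__main__":
    for org in ("enterprise-a", "partner-b", "community-c"):
        print(org, sorted(transmit(ENVELOPE, org)["info"]))
```

A recipient that appears on no allow list still receives the unrestricted fields, here the indicator and the countermeasure.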
58 Claims
1. A method for collaborative evaluation of cyber security threats, the method comprising:
receiving information associated with a cyber activity that is indicative of a potential cyber attack;
processing the information at a first server of a collaborative cyber analysis system to at least incorporate share restriction rules with the information, the share restriction rules including one or more of: rules based on specific regulations promulgated by a government or an international organization, rules based on an enterprise policy or rules that are set by a user of collaborative cyber analysis system that are specific to the information; and
transmitting, to at least a second server of the collaborative cyber analysis system, one or more of: (a) the information associated with the cyber activity, (b) an enhanced information related to identification or mitigation of the potential cyber security attack, or (c) a cyber security countermeasure, wherein the at least second server is allowed to access at least a portion of the one or more of the information associated with the cyber activity, the enhanced information, or the cyber security countermeasure subject to the share restriction rules.
Dependent claims: 2-26.

27. A computer program product, stored on one or more non-transitory computer readable media, comprising:
program code for receiving information associated with a cyber activity that is indicative of a potential cyber attack;
program code for processing the information at a first server of a collaborative cyber analysis system to at least incorporate share restriction rules with the information, the share restriction rules including one or more of: rules based on specific regulations promulgated by a government or an international organization, rules based on an enterprise policy or rules that are set by a user of collaborative cyber analysis system that are specific to the information; and
program code for transmitting, to at least a second server of the collaborative cyber analysis system, one or more of: (a) the information associated with the cyber activity, (b) an enhanced information related to identification or mitigation of the potential cyber security attack, or (c) a cyber security countermeasure, wherein the at least second server is allowed to access at least a portion of the one or more of the information associated with the cyber activity, the enhanced information, or the cyber security countermeasure subject to the share restriction rules.
Dependent claims: 28-52.

53. A device, comprising:
a processor; and
a memory comprising processor executable code, the processor executable code, when executed by the processor, configures that device to:
receive information associated with a cyber activity that is indicative of a potential cyber attack;
process the information at a first server of a collaborative cyber analysis system to at least incorporate share restriction rules with the information, the share restriction rules including one or more of: rules based on specific regulations promulgated by a government or an international organization, rules based on an enterprise policy or rules that are set by a user of collaborative cyber analysis system that are specific to the information; and
transmit, to at least a second server of the collaborative cyber analysis system, one or more of: (a) the information associated with the cyber activity, (b) an enhanced information related to identification or mitigation of the potential cyber security attack, or (c) a cyber security countermeasure, wherein the at least second server is allowed to access at least a portion of the one or more of the information associated with a cyber activity, the enhanced information, or the cyber security countermeasure subject to the share restriction rules.

54. A system for collaborative evaluation of cyber security threats, the system comprising:
a first server coupled to one or more computing devices of a first enterprise, the first server further coupled to a communication network to receive information associated with a cyber activity that is indicative of a potential cyber attack, the first server further including a processor to process the information to at least incorporate share restriction rules with the information, the share restriction rules including one or more of: rules based on specific regulations promulgated by a government or an international organization, rules based on an enterprise policy or rules that are set by a user of collaborative cyber analysis system that is specific to the information, and to transmit the processed information to a second server; and
the second server coupled to the communication network to receive one or more of: (a) the information associated with the cyber activity, (b) an enhanced information related to identification or mitigation of the potential cyber security attack, or (c) a cyber security countermeasure, wherein the second server is allowed to access at least a portion of the one or more of the information associated with the cyber activity, the enhanced information, or the cyber security countermeasure subject to the share restriction rules.
Dependent claims: 55-58.

Specification