REMEDIAL ACTION FOR RELEASE OF THREAT DATA
First Claim
Patent Images
1. A non-transitory machine-readable storage medium storing instructions that, if executed by at least one processor of a computing system, cause the computing system to:
- receive threat information from a respective plurality of threat submitters;
provide data about the respective threat information to a plurality entities based on a set of rules;
determine that one of the data has been released outside of the entities; and
perform a remedial action based on the release of the one data.
8 Assignments
0 Petitions
Accused Products
Abstract
Example embodiments disclosed herein relate to performing a remedial action based on the release of data. Threat information is received from multiple threat submitters. Data about the respective threat information is provided to a plurality of entities based on rules. It is determined that the data has been released outside of the entities. The remedial action is performed based on the release of the data.
-
Citations
15 Claims
-
1. A non-transitory machine-readable storage medium storing instructions that, if executed by at least one processor of a computing system, cause the computing system to:
-
receive threat information from a respective plurality of threat submitters; provide data about the respective threat information to a plurality entities based on a set of rules; determine that one of the data has been released outside of the entities; and perform a remedial action based on the release of the one data. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method comprising:
-
receiving threat information from a respective plurality of threat submitters; providing data about the respective threat information to a plurality entities based on a set of rules including a rule that indicates that the data is to be shared at least one community, wherein the at least one community includes the entities; determining that one of the data has been released outside of the entities; determining that the one data is part of a pattern of release associated with the at least one community; and performing a remedial action based on the release of the one data and the determination of the pattern. - View Dependent Claims (10, 11, 12)
-
-
13. A threat management platform comprising:
-
a communication engine to receive threat information from a respective plurality of threat submitters, a share engine to provide data about the respective threat information to a plurality entities that are a member of at least one community based on a set of rules including a rule that indicates that the data is to be shared at the least one community, wherein the at least one community includes the entities; a release identification engine to determine that one of the data has been released outside of the entities; a pattern engine to determine that the one data is part of a pattern of release associated with the at least one community; and a remediation engine to perform a remedial action based on the determination of the pattern. - View Dependent Claims (14, 15)
-
Specification