ALERTING AND TAGGING USING A MALWARE ANALYSIS PLATFORM FOR THREAT INTELLIGENCE MADE ACTIONABLE
First Claim
1. A system, comprising:
- a processor configured to;
receive a plurality of samples for performing automated malware analysis to generate log files based on the automated malware analysis;
process the log files to extract artifacts associated with the log files;
determine whether a tag matches any of the plurality of samples based on the artifacts; and
perform an action based on whether the tag matches any of the plurality of samples; and
a memory coupled to the processor and configured to provide the processor with instructions.
1 Assignment
0 Petitions
Accused Products
Abstract
Techniques for alerting and tagging using a malware analysis platform for threat intelligence made actionable are disclosed. In some embodiments, a system, process, and/or computer program product for alerting and tagging using a malware analysis platform for threat intelligence made actionable includes receiving a plurality of samples for performing automated malware analysis to generate log files based on the automated malware analysis; processing the log files to extract artifacts associated with the log files; determining whether a tag matches any of the plurality of samples based on the artifacts; and performing an action based on whether the tag matches any of the plurality of samples.
56 Citations
20 Claims
-
1. A system, comprising:
-
a processor configured to; receive a plurality of samples for performing automated malware analysis to generate log files based on the automated malware analysis; process the log files to extract artifacts associated with the log files; determine whether a tag matches any of the plurality of samples based on the artifacts; and perform an action based on whether the tag matches any of the plurality of samples; and a memory coupled to the processor and configured to provide the processor with instructions. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method, comprising:
-
receiving a plurality of samples for performing automated malware analysis to generate log files based on the automated malware analysis; processing the log files to extract artifacts associated with the log files; determining whether a tag matches any of the plurality of samples based on the artifacts; and performing an action based on whether the tag matches any of the plurality of samples. - View Dependent Claims (9, 10, 11, 12, 13)
-
-
14. A computer program product, the computer program product being embodied in a tangible computer readable storage medium and comprising computer instructions for:
-
receiving a plurality of samples for performing automated malware analysis to generate log files based on the automated malware analysis; processing the log files to extract artifacts associated with the log files; determining whether a tag matches any of the plurality of samples based on the artifacts; and performing an action based on whether the tag matches any of the plurality of samples. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
Specification