×

System for tracking data security threats and method for same

  • US 20180063186A1
  • Filed: 10/23/2017
  • Published: 03/01/2018
  • Est. Priority Date: 09/05/2014
  • Status: Active Grant
First Claim
Patent Images

1. A method for tracking data security incidents in an enterprise network, comprising:

  • creating one or more incident objects, wherein at least one incident object includes information for at least one data security incident, and one or more incident artifacts that include information for one or more data resources identified within the incident object, wherein upon a determination that a newly-created incident object includes a data security incident associated with an existing data resource, an existing incident artifact associated with that existing data resource is linked to the newly-created incident object, such that different incident objects can then refer to the same incident artifact;

    looking up an incident artifact in one or more external threat intelligence sources to obtain knowledge information concerning the incident artifact, wherein the knowledge information identifies whether the incident artifact is associated with one or more known threats, and includes associated metadata or usage data;

    augmenting the incident artifact with the knowledge information; and

    executing one or more rules associated with the known threats to provide an incident response to the data security incident.

View all claims
  • 5 Assignments
Timeline View
Assignment View
    ×
    ×