×

Method and apparatus for automatically correlating related incidents of policy violations

  • US 7,996,374 B1
  • Filed: 03/28/2008
  • Issued: 08/09/2011
  • Est. Priority Date: 03/28/2008
  • Status: Active Grant
First Claim
Patent Images

1. A computer-implemented method, comprising:

  • identifying a plurality of incidents of violations of a policy upon detecting presence of confidential information in a plurality of messages;

    storing the plurality of violation incidents of the policy in a data repository, wherein each of the plurality of violation incidents is associated with a plurality of message attribute values;

    receiving a user request to correlate one of the plurality of violation incidents of the policy stored in the data repository to other incidents of the plurality of violation incidents of the policy based on at least one common message attribute value, the user request specifying the at least one common message attribute value associated with the violation incident to be correlated;

    in response to the user request, automatically correlating a requested violation incident with the other incidents of the plurality of violation incidents of the policy based on the at least one specified common message attribute value, wherein automatically correlating comprises searching the data repository using the at least one common message attribute value and finding other violation incidents of the policy having the at least one message attribute value;

    displaying the at least one message attribute value of the requested violation incident; and

    for each of the at least one message attribute value, displaying a count of the number of other violation incidents of the policy that have in common the message attribute value with the requested violation incident.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×