Security threat reporting in light of local security tools
First Claim
1. A computer implemented method for threat reporting in light of local security tools, comprising:
- using a computer to perform steps comprising;
identifying a network link identifying a web site that is a potential threat source (PTS) for the computer;
determining a plurality of security threats associated with the PTS, wherein the plurality of security threats are associated with characteristics of the web site identified by the network link;
determining an initial threat rating for the PTS based on the plurality of security threats associated with the PTS;
identifying mitigated security threats of the plurality of security threats that are mitigated by local security on the computer and unmitigated security threats of the plurality of security threats that are not mitigated by local security on the computer;
adjusting the initial threat rating for the PTS to account for the mitigated security threats and the unmitigated security threats to produce an adjusted threat rating based on the unmitigated security threats; and
providing the adjusted threat rating to a user of the computer.
5 Assignments
0 Petitions
Accused Products
Abstract
When a client receives a potential threat source (PTS), a user of the client may desire to make an informed decision regarding the PTS. The PTS can be, for example, an email or instant message with an embedded executable, a link to a network destination (e.g., included in search engine results or an email, or webpage), or an executable file (e.g., downloaded from a website). The PTS is identified and characterized to establish a threat rating. The threat rating can then be presented to the user, so as to inform the user as to the PTS riskiness. The threat rating is determined in light of the local security tools available. If there are no local security tools that mitigate the threat of the PTS, then a security tool that is known to mitigate the threat can be identified and recommended to the user.
-
Citations
20 Claims
-
1. A computer implemented method for threat reporting in light of local security tools, comprising:
using a computer to perform steps comprising; identifying a network link identifying a web site that is a potential threat source (PTS) for the computer; determining a plurality of security threats associated with the PTS, wherein the plurality of security threats are associated with characteristics of the web site identified by the network link; determining an initial threat rating for the PTS based on the plurality of security threats associated with the PTS; identifying mitigated security threats of the plurality of security threats that are mitigated by local security on the computer and unmitigated security threats of the plurality of security threats that are not mitigated by local security on the computer; adjusting the initial threat rating for the PTS to account for the mitigated security threats and the unmitigated security threats to produce an adjusted threat rating based on the unmitigated security threats; and providing the adjusted threat rating to a user of the computer. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
11. A non-transitory computer-readable storage medium encoded with instructions, that when executed by one or more processors, cause the processors to carry out a process for threat reporting in light of local security tools, the process comprising:
-
identifying a network link identifying a web site that is a potential threat source (PTS) for a computer; determining a plurality of security threats associated with the PTS, wherein the plurality of security threats are associated with characteristics of the web site identified by the network link; determining an initial threat rating for the PTS based on the plurality of security threats associated with the PTS; identifying mitigated security threats of the plurality of security threats that are mitigated by local security on the computer and unmitigated security threats of the plurality of security threats that are not mitigated by local security on the computer; adjusting the initial threat rating for the PTS to account for the mitigated security threats and the unmitigated security threats to produce an adjusted threat rating based on the unmitigated security threats; and providing the adjusted threat rating to a user of the computer. - View Dependent Claims (12, 13, 14, 15)
-
-
16. A system for threat reporting in light of local security tools, comprising:
-
a non-transitory computer-readable storage medium encoded with executable instructions for; identifying a network link identifying a web site that is a potential threat source (PTS) for a computer; determining a plurality of security threats associated with the PTS, wherein the plurality of security threats are associated with characteristics of the web site identified by the network link; determining an initial threat rating for the PTS based on the plurality of security threats associated with the PTS; identifying mitigated security threats of the plurality of security threats that are mitigated by local security on the computer; identifying unmitigated security threats of the plurality of security threats that are not mitigated by local security on the computer; adjusting the initial threat rating for the PTS to account for the mitigated security threats and the unmitigated security threats to produce an adjusted threat rating based on the unmitigated security threats; and providing the adjusted threat rating to a user of the computer; and a processor for executing the instructions. - View Dependent Claims (17, 18, 19, 20)
-
Specification