Cyber intelligence clearinghouse
First Claim
1. A system comprising:
- at least one processor; and
a memory coupled to the at least one processor having instructions stored thereon which, when executed by the at least one processor, causes the at least one processor to perform operations comprising;
determining a source fidelity score associated with a cyber-security intelligence source, wherein the source fidelity score represents a trustworthiness of the cyber-security intelligence source with regard to intelligence provided by the cyber-security intelligence source;
determining to block a new security threat event based on;
new intelligence information received from the cyber-security intelligence source that predicts how an attack of the new security threat event may be performed based on information identified in the new intelligence information, andthe source fidelity score of the cyber-security intelligence source; and
providing, over a network, feedback data to the cyber-security intelligence source, the feedback data comprising an indication that the new security threat event was successfully blocked by a security application based on the new intelligence information.
1 Assignment
0 Petitions
Accused Products
Abstract
Systems, methods, and computer-readable and executable instructions are provided for providing a cyber intelligence clearinghouse (CIC). Providing a CIC can include generating analysis data from intelligence information collected from a number of sources. In addition, providing a CIC can include calculating a number of fidelity scores from the analysis data, wherein the number of fidelity scores represent a trustworthiness of the number of sources. In addition, providing a CIC can include determining a number of events to block based on the number of fidelity scores. Furthermore, providing a CIC can include providing feedback data to the number of sources based on the number of fidelity scores and the number of events to block.
-
Citations
20 Claims
-
1. A system comprising:
-
at least one processor; and
a memory coupled to the at least one processor having instructions stored thereon which, when executed by the at least one processor, causes the at least one processor to perform operations comprising;determining a source fidelity score associated with a cyber-security intelligence source, wherein the source fidelity score represents a trustworthiness of the cyber-security intelligence source with regard to intelligence provided by the cyber-security intelligence source; determining to block a new security threat event based on; new intelligence information received from the cyber-security intelligence source that predicts how an attack of the new security threat event may be performed based on information identified in the new intelligence information, and the source fidelity score of the cyber-security intelligence source; and providing, over a network, feedback data to the cyber-security intelligence source, the feedback data comprising an indication that the new security threat event was successfully blocked by a security application based on the new intelligence information. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A computer implemented method for providing a cyber intelligence clearinghouse executed by at least one processor, the method comprising:
-
determining, by the at least one processor, a source fidelity score associated with a cyber-security intelligence source, wherein the source fidelity score represents a trustworthiness of the cyber-security intelligence source with regard to intelligence provided by the cyber-security intelligence source; determining, by the at least one processor, to block a new security threat event based on; new intelligence information received from the cyber-security intelligence source that predicts how an attack of the new security threat event may be performed based on information identified in the new intelligence information, and the source fidelity score of the cyber-security intelligence source; and providing, over a network, feedback data to the cyber-security intelligence source, the feedback data comprising an indication that the new security threat event was successfully blocked by a security application based on the new intelligence information. - View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
-
-
16. A non-transitory computer readable storage device storing instructions that, when executed by at least one processor, cause the at least one processor to perform operations comprising:
-
determining a source fidelity score associated with a cyber-security intelligence source, wherein the source fidelity score represents a trustworthiness of the cyber-security intelligence source with regard to intelligence provided by the cyber-security intelligence source; determining to block a new security threat event based on; new intelligence information received from the cyber-security intelligence source that predicts how an attack of the new security threat event may be performed based on information identified in the new intelligence information, and the source fidelity score of the cyber-security intelligence source; and providing, over a network, feedback data to the cyber-security intelligence source, the feedback data comprising an indication that the new security threat event was successfully blocked by a security application based on the new intelligence information. - View Dependent Claims (17, 18, 19, 20)
-
Specification