×

Incident response automation engine

  • US 9,762,607 B2
  • Filed: 04/17/2015
  • Issued: 09/12/2017
  • Est. Priority Date: 12/03/2014
  • Status: Active Grant
First Claim
Patent Images

1. A method of operating a processing system of an advisement system to implement security actions for a computing environment comprising a plurality of computing assets, the method comprising:

  • providing security incident information to an administrator associated with the computing environment, wherein the security incident information comprises asset identifiers for assets related to a security incident and enrichment information for the security incident obtained from internal or external sources;

    in response to providing the security incident information, identifying a user generated security action in a command language for the computing environment;

    identifying one or more computing assets related to the security action;

    obtaining hardware and software characteristics for the one or more computing assets;

    translating the security action in the command language to one or more action procedures based on the hardware and software characteristics; and

    initiating implementation of the one or more action procedures in the one or more computing assets.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×