Social sharing of security information in a group

US 9,858,626 B2
Filed: 07/06/2015
Issued: 01/02/2018
Est. Priority Date: 06/29/2012
Status: Active Grant

First Claim

Patent Images

1. One or more tangible computer-readable media storing computer-executable instructions configured to program one or more computing devices of a security service to perform operations comprising:

associating, by the one or more computing devices of the security service, a rating with a client entity that is a member of a group of client entities that transmit or permit access to security information with one another,individual ones of the group of client entities having security agents stored thereon,at least part of the security information being generated by the security agents in response to execution activities observed or taken by the security agents at the individual ones of the group of client entities,the security agents automatically transmitting or permitting access to at least some of the security information, andthe rating being indicative of the client entity'"'"'s contribution of security information generated by a security agent stored on the client entity to the group of client entities; and

performing at least one of;

enabling at least one other client entity in the group of client entities to affect the rating of the client entity;

oradjusting the rating based on actions of the client entity either taken or refrained from with respect to transmitting or permitting access to security information to one or more other client entities in the group of client entities.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques for social sharing security information between client entities forming a group are described herein. The group of client entities is formed as a result of a security server providing one or more secure mechanisms for forming a group among client entities, the client entities each belonging to a different organization. The security service then automatically shares security information of a client entity in the group with one or more other client entities in the group.

105 Citations

20 Claims

1. One or more tangible computer-readable media storing computer-executable instructions configured to program one or more computing devices of a security service to perform operations comprising:
- associating, by the one or more computing devices of the security service, a rating with a client entity that is a member of a group of client entities that transmit or permit access to security information with one another,individual ones of the group of client entities having security agents stored thereon,at least part of the security information being generated by the security agents in response to execution activities observed or taken by the security agents at the individual ones of the group of client entities,the security agents automatically transmitting or permitting access to at least some of the security information, andthe rating being indicative of the client entity'"'"'s contribution of security information generated by a security agent stored on the client entity to the group of client entities; and
  
  performing at least one of;
  
  enabling at least one other client entity in the group of client entities to affect the rating of the client entity;
  
  oradjusting the rating based on actions of the client entity either taken or refrained from with respect to transmitting or permitting access to security information to one or more other client entities in the group of client entities.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The one or more tangible computer-readable media of claim 1, wherein the operations further comprise associating one or more of the client entities with merit indicia based at least in part on contributions of the one or more client entities to a security ecosystem of the security service or to the group.
  - 3. The one or more tangible computer-readable media of claim 1, wherein the operations further comprise associating a point currency with a client entity and adjusting that point currency based at least in part on contributing or consuming security information.
  - 4. The one or more tangible computer-readable media of claim 1, wherein the client entities have different ratings for a security ecosystem comprised of multiple groups and for the group.
  - 5. The one or more tangible computer-readable media of claim 1, wherein the operations further comprising increasing the rating of one of the client entities in response to the client entity adding to or completing a client entity profile of the client entity.
  - 6. The one or more tangible computer-readable media of claim 1, wherein the group is associated with at least one of an industry sector of the client entities, a geographic location of the client entities, a size range of the client entities, or interests of the client entities.
  - 7. The one or more tangible computer-readable media of claim 1, wherein the security information includes at least one of threat information, remediation information, policies, attack data, vulnerability information, reverse engineering information, packet data, network flow data, protocol descriptions, victim information, threat attribution information, incident information, proliferation data, user feedback, or information on software or systems.

8. A computer-implemented method comprising:
- associating, by one or more computing devices of a security service, a rating with a client entity, the rating indicative of the client entity'"'"'s participation in a group of client entities that transmit or permit access to security information with one another,at least a part of the security information being generated by security agents stored on individual ones of the group of client entities and being generated by the security agents in response to execution activities observed or taken by the security agents at the individual ones of the group of client entities, andthe security agents automatically transmitting or permitting access to at least some of the security information; and
  
  performing, by one or more computing devices of a security service, at least one of;
  
  enabling at least one other client entity in the group of client entities to affect the rating of the client entity;
  
  oradjusting the rating based on actions of the client entity either taken or refrained from with respect to transmitting or permitting access to security information to security agents stored at one or more other client entities in the group of client entities.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The computer-implemented method of claim 8, further comprising associating one or more of the client entities with merit indicia based at least in part on contributions of the one or more client entities to a security ecosystem of the security service or to the group.
  - 10. The computer-implemented method of claim 8, further comprising associating a point currency with a client entity and adjusting that point currency based at least in part on contributing or consuming security information.
  - 11. The computer-implemented method of claim 8, wherein the client entities have different ratings for a security ecosystem comprised of multiple groups and for the group.
  - 12. The computer-implemented method of claim 8, further comprising increasing the rating of one of the client entities in response to the client entity adding to or completing a client entity profile of the client entity.
  - 13. The computer-implemented method of claim 8, wherein the group is associated with at least one of an industry sector of the client entities, a geographic location of the client entities, a size range of the client entities, or interests of the client entities.
  - 14. The computer-implemented method of claim 8, wherein the security information includes at least one of threat information, remediation information, policies, attack data, vulnerability information, reverse engineering information, packet data, network flow data, protocol descriptions, victim information, threat attribution information, incident information, proliferation data, user feedback, or information on software or systems.

15. A system comprising:
- a processor; and
  
  a security service module configured to be operated by the processor to perform operations comprising;
  
  associating, by the processor, a rating with a client entity, the rating indicative of the client entity'"'"'s participation in a group of client entities that transmit or permit access to security information with one another,at least a part of the security information being generated by security agents stored on individual ones of the group of client entities and being generated by the security agents in response to execution activities observed or taken by the security agents at the individual ones of the group of client entities, andthe security agents automatically transmitting or permitting access to at least some of the security information; and
  
  performing, by the processor, at least one of;
  
  enabling at least one other client entity in the group of client entities to affect the rating of the client entity;
  
  oradjusting the rating based on actions of the client entity either taken or refrained from with respect to transmitting or permitting access to security information to security agents stored at one or more other client entities in the group of client entities.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The system of claim 15, wherein the operations further comprise associating one or more of the client entities with merit indicia based at least in part on contributions of the one or more client entities to a security ecosystem of the security service or to the group.
  - 17. The system of claim 15, wherein the operations further comprise associating a point currency with a client entity and adjusting that point currency based at least in part on contributing or consuming security information.
  - 18. The system of claim 15, wherein the client entities have different ratings for a security ecosystem comprised of multiple groups and for the group.
  - 19. The system of claim 15, wherein the operations further comprise increasing the rating of one of the client entities in response to the client entity adding to or completing a client entity profile of the client entity.
  - 20. The system of claim 15, wherein the group is associated with at least one of an industry sector of the client entities, a geographic location of the client entities, a size range of the client entities, or interests of the client entities.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Crowdstrike, Inc. (CrowdStrike Holdings Incorporated)
Original Assignee
Crowdstrike, Inc. (CrowdStrike Holdings Incorporated)
Inventors
Alperovitch, Dmitri, Kurtz, George Robert, Diehl, David Frederick, Krasser, Sven, Meyers, Adam S.
Primary Examiner(s)
Truong, Thanhnga B

Application Number

US14/792,177
Publication Number

US 20150326614A1
Time in Patent Office

911 Days
Field of Search

726 1, 726 4, 726 7, 726 33, 726 13, 726 16, 726 26, 726 27, 370338, 370419, 713189, 707999009, 70799901, 710 22, 710 28, 709221, 709225, 709229, 705 72, 705 64
US Class Current
CPC Class Codes

G06Q 10/00   Administration; Management

G06Q 50/01   Social networking

H04L 63/104   Grouping of entities

H04L 63/107   wherein the security polici...

H04L 63/14   for detecting or protecting...

H04L 63/1441   Countermeasures against mal...

H04L 63/20   for managing network securi...

Social sharing of security information in a group

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

105 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Social sharing of security information in a group

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

105 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links