SECURITY INFRASTRUCTURE
Abstract
An automated security infrastructure is disclosed that includes security agents that are designed to analyze security issues. The security agents process events received from event-messages, and record data associated with a security issue in a ticket. Security and management personnel are kept informed based on notification subscription lists. Assigned security personnel's progress in resolving outstanding security issues is monitored until those issues are resolved.
20 Claims
1. A method for operating a security infrastructure, comprising:
receiving data in response to a first event in the security infrastructure;
formatting the data into an event-message having a common format within the security infrastructure; and
distributing the event-message to at least one processing entity of a plurality processing entities of the security infrastructure, wherein said at least one processing entity is assigned to analyze a topic of the event-message, wherein at least two of the plurality processing entities are assigned to a different security issue, wherein each of the processing entities comprises a computing device and comprises a security agent that uses at least one inference engine for analyzing one or more assigned security issues, wherein said analyzing said one or more assigned security issues comprises identifying a pattern in a plurality of event-messages.

15. A computer readable medium comprising a program that when executed by a processor operates a security infrastructure, comprising:
an event-message formatter that formats received data generated in response to a first event into an event-message having a common format within the security infrastructure; and
an event-message distributor that distributes the event-message to at least one processing entity of a plurality processing entities of the security infrastructure, wherein said at least one processing entity is assigned to analyze a topic of the event-message, wherein at least two of the plurality processing entities are assigned to a different security issue, wherein each of the processing entities comprises a computing device and comprises a security agent that uses at least one inference engine for analyzing one or more assigned security issues, wherein said analyzing said one or more assigned security issues comprises identifying a pattern in a plurality of event-messages.

20. A security infrastructure, comprising:
means for receiving data in response to a first event in the security infrastructure;
means for formatting the data into an event-message having a common format within the security infrastructure; and
means for distributing the event-message to at least one processing entity of a plurality processing entities of the security infrastructure, wherein said at least one processing entity is assigned to analyze a topic of the event-message, wherein at least two of the plurality processing entities are assigned to a different security issue, wherein each of the processing entities comprises a computing device and comprises a security agent that uses at least one inference engine for analyzing one or more assigned security issues, wherein said analyzing said one or more assigned security issues comprises identifying a pattern in a plurality of event-messages.
Specification