SYSTEM AND METHOD FOR DETERMINING AND USING LOCAL REPUTATIONS OF USERS AND HOSTS TO PROTECT INFORMATION IN A NETWORK ENVIRONMENT
First Claim
1. A method comprising:
- correlating a first set of event data from a private network;
determining a local reputation score of a host in the private network based on the correlating the first set of event data; and
providing the local reputation score of the host to a security node,wherein the security node applies a policy, based on the local reputation score of the host, to a network communication associated with the host.
10 Assignments
0 Petitions
Accused Products
Abstract
A method in an example embodiment includes correlating a first set of event data from a private network and determining a local reputation score of a host in the private network based on correlating the first set of event data. The method further includes providing the local reputation score of the host to a security node, which applies a policy, based on the local reputation score of the host, to a network communication associated with the host. In specific embodiments, the local reputation score of the host is mapped to a network address of the host. In further embodiments, the first set of event data includes one or more event indicators representing one or more events, respectively, in the private network. In more specific embodiments, the method includes determining a local reputation score of a user and providing the local reputation score of the user to the security node.
234 Citations
24 Claims
-
1. A method comprising:
-
correlating a first set of event data from a private network; determining a local reputation score of a host in the private network based on the correlating the first set of event data; and providing the local reputation score of the host to a security node, wherein the security node applies a policy, based on the local reputation score of the host, to a network communication associated with the host. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A method comprising:
-
correlating a first set of event data from a private network; determining a local reputation score of a user of the private network based on the correlating the first set of event data; and providing the local reputation score of the user to a security node, wherein the security node applies a policy, based on the local reputation score of the user, to a network communication associated with the user. - View Dependent Claims (14, 15, 16, 17)
-
-
18. An apparatus, comprising:
-
a memory element configured to store data; a processor operable to execute instructions associated with the data; and a risk correlation module configured to interface with the memory element and the processor, wherein the apparatus is configured for; correlating a first set of event data from a private network; determining a local reputation score of a host in the private network based on the correlating the first set of event data; and providing the local reputation score of the host to a security node, wherein the security node applies a policy, based on the local reputation score of the host, to a network communication associated with the host. - View Dependent Claims (19, 20)
-
-
21. A method comprising:
-
correlating a first set of event data from a private network; determining a local reputation score of a host in the private network based on the correlating the first set of event data; and providing the local reputation score of the host to the host, wherein a policy is selected based on the local reputation score of the host, and wherein the policy is applied to a process detected by the host. - View Dependent Claims (22, 23, 24)
-
Specification