PRIVILEGED SESSION ANALYTICS
First Claim
1. A system comprising:
- a processor; and
a memory device including instructions that, when executed by a processor, cause the processor to;
capture metadata related to a privileged session;
generate a first activity pattern for the privileged session based at least in part on the captured metadata, the first activity pattern comprising a sequence of one or more activities performed by a first user during the privileged session;
identify, from a set of stored activity patterns, a second activity pattern, the second activity pattern comprising at least a subset of the one or more activities performed by the first user during the privileged session;
determine an action to be performed for the first activity pattern based at least in part on the identification of the second activity pattern; and
transmit the action to a second user on a client device.
1 Assignment
0 Petitions
Accused Products
Abstract
A privileged account manager is provided for monitoring privileged sessions on target systems of an enterprise. In an embodiment, the privileged account manager is configured to capture metadata related to a privileged session and generate a first activity pattern for the privileged session based on the captured metadata. The first activity pattern may include a sequence of one or more activities performed by a first user during the privileged session. The privileged account manager may be configured to identify a second activity pattern that comprises at least a subset of the one or more activities performed by the first user during the privileged session and determine an appropriate action to be performed for the first activity pattern based on the identification of the second activity pattern. In some embodiments, the privileged account manager may be configured to transmit the action to a second user on a client device.
31 Citations
20 Claims
-
1. A system comprising:
-
a processor; and a memory device including instructions that, when executed by a processor, cause the processor to; capture metadata related to a privileged session; generate a first activity pattern for the privileged session based at least in part on the captured metadata, the first activity pattern comprising a sequence of one or more activities performed by a first user during the privileged session; identify, from a set of stored activity patterns, a second activity pattern, the second activity pattern comprising at least a subset of the one or more activities performed by the first user during the privileged session; determine an action to be performed for the first activity pattern based at least in part on the identification of the second activity pattern; and transmit the action to a second user on a client device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A computer-implemented method comprising:
-
capturing metadata related to a privileged session; generating a first activity pattern for the privileged session based at least in part on the captured metadata, the first activity pattern comprising a sequence of one or more activities performed by a first user during the privileged session; identifying, from a set of stored activity patterns, a second activity pattern, the second activity pattern comprising at least a subset of the one or more activities performed by the first user during the privileged session; determining an action to be performed for the first activity pattern based at least in part on the identification of the second activity pattern; and transmitting the action to a second user on a client device. - View Dependent Claims (10, 11, 12, 13, 14, 15)
-
-
16. A non-transitory computer-readable media storing computer-executable instructions executable by one or more processors, the computer-executable instructions comprising:
-
instructions that cause the one or more processors to capture metadata related to a privileged session; instructions that cause the one or more processors to generate a first activity pattern for the privileged session based at least in part on the captured metadata, the first activity pattern comprising a sequence of one or more activities performed by a first user during the privileged session; instructions that cause the one or more processors to identify, from a set of stored activity patterns, a second activity pattern, the second activity pattern comprising at least a subset of the one or more activities performed by the first user during the privileged session; instructions that cause the one or more processors to determine an action to be performed for the first activity pattern based at least in part on the identification of the second activity pattern; and instructions that cause the one or more processors to transmit the action to a second user on a client device. - View Dependent Claims (17, 18, 19, 20)
-
Specification