GEO-MAPPING SYSTEM SECURITY EVENTS
First Claim
1. A method comprising:
- identifying a particular security event detected in a particular computing system, the particular security event detected as targeting a particular computing device included in the particular computing system;
identifying a particular grouping of assets in a plurality of asset groupings defined for devices within the particular computing system as including the particular computing device;
identifying a source of the particular security event, wherein the source is associated with at least one second computing device;
associating the source with at least one of a geographic location and a grouping of assets included in the plurality of asset groupings; and
generating data adapted to cause a graphical representation of the particular security event to be presented on a display device, the graphical representation including;
a first graphical element representing the particular computing device as included in the particular grouping of assets and a second graphical element representing the source associated with the at least one of a geographic location and a grouping of assets included in the plurality of asset groupings.
9 Assignments
0 Petitions
Accused Products
Abstract
A particular security event is identified that has been detected as targeting a particular computing device included in a particular computing system. A particular grouping of assets in a plurality of asset groupings within the particular computing system is identified as including the particular computing device. A source of the particular security event is also identified and at least one of a geographic location and a grouping of assets in the plurality of asset groupings is associated with the identified source. Data is generated that is adapted to cause a presentation of a graphical representation of the particular security event on a display device, the graphical representation including a first graphical element representing the particular computing device as included in the particular grouping of assets and a second graphical element representing the source associated with the at least one of a geographic location and a grouping of assets.
8 Citations
22 Claims
-
1. A method comprising:
-
identifying a particular security event detected in a particular computing system, the particular security event detected as targeting a particular computing device included in the particular computing system; identifying a particular grouping of assets in a plurality of asset groupings defined for devices within the particular computing system as including the particular computing device; identifying a source of the particular security event, wherein the source is associated with at least one second computing device; associating the source with at least one of a geographic location and a grouping of assets included in the plurality of asset groupings; and generating data adapted to cause a graphical representation of the particular security event to be presented on a display device, the graphical representation including;
a first graphical element representing the particular computing device as included in the particular grouping of assets and a second graphical element representing the source associated with the at least one of a geographic location and a grouping of assets included in the plurality of asset groupings. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. Logic encoded in non-transitory media that includes code for execution and when executed by a processor is operable to perform operations comprising:
-
identifying a particular security event detected in a particular computing system, the particular security event detected as targeting a particular computing device included in the particular computing system; identifying a particular grouping of assets in a plurality of asset groupings defined for devices within the particular computing system as including the particular computing device; identifying a source of the particular security event, wherein the source is associated with at least one second computing device; associating the source with at least one of a geographic location and a grouping of assets included in the plurality of asset groupings; and generating data adapted to cause a graphical representation of the particular security event to be presented on a display device, the graphical representation including;
a first graphical element representing the particular computing device as included in the particular grouping of assets and a second graphical element representing the source associated with the at least one of a geographic location and a grouping of assets included in the plurality of asset groupings.
-
-
21. A system comprising:
-
at least one processor device; at least one memory element; and a geo-mapping engine, adapted when executed by the at least one processor device to; identify a particular security event detected in a particular computing system, the particular security event detected as targeting a particular computing device included in the particular computing system; identify a particular grouping of assets in a plurality of asset groupings defined for devices within the particular computing system as including the particular computing device; identify a source of the particular security event, wherein the source is associated with at least one second computing device; associate the source with at least one of a geographic location and a grouping of assets included in the plurality of asset groupings; and generate data adapted to cause a graphical representation of the particular security event to be presented on a display device, the graphical representation including;
a first graphical element representing the particular computing device as included in the particular grouping of assets and a second graphical element representing the source associated with the at least one of a geographic location and a grouping of assets included in the plurality of asset groupings.
-
-
22. A method comprising:
-
identifying a particular security event detected in a particular computing system, the particular security event detected as involving a particular computing device included in the particular computing system and targeting at least one second computing device outside the computing system; identifying a particular grouping of assets in a plurality of asset groupings defined for devices within the particular computing system as including the particular computing device; associating the second computing device with a geographic location; and generating data adapted to cause a graphical representation of the particular security event to be presented on a display device, the graphical representation including;
a first graphical element representing the particular computing device as a source of the particular security event and included in the particular grouping of assets, and a second graphical element representing the second computing device associated with the geographic location and overlaid on a portion of a representation of a geographical map corresponding to the geographic location.
-
Specification