Invention Grant
- Patent Title: Alerts based on entities in security information and event management products
- Application No.: US15370084
- Application Date: 2016-12-06
- Publication No.: US10534908B2
- Publication Date: 2020-01-14
- Inventor: Kathrin Nos
- Applicant: SAP SE
- Applicant Address: DE Walldorf
- Assignee: SAP SE
- Current Assignee: SAP SE
- Current Assignee Address: DE Walldorf
- Agency: Fish & Richardson P.C.
- Main IPC: H04L29/06
- IPC: H04L29/06 ; G06F21/55

Abstract:
An enterprise threat detection (ETD) pattern is executed against received log event data from one or more computing systems. Using the ETD pattern, an event threshold is determined to have been exceeded. Entities associated with an alert created based on the exceeded threshold are determined and, at runtime, a severity value is calculated for each determined entity associated with the alert. A selection is received of a determined entity on which to perform mitigation action activities. Mitigation action activities associated with the determined entity are written into an activity record data record. A mitigation action activity is closed on the determined entity and a determination performed that all mitigation action activities associated with all entities related to the created alert have been closed. The created alert is closed.
Public/Granted literature
- US20180157835A1 ALERTS BASED ON ENTITIES IN SECURITY INFORMATION AND EVENT MANAGEMENT PRODUCTS Public/Granted day: 2018-06-07