Invention Grant
US09578045B2 Method and apparatus for providing forensic visibility into systems and networks
有权
用于提供系统和网络的法医可见性的方法和装置
- Patent Title: Method and apparatus for providing forensic visibility into systems and networks
- Patent Title (中): 用于提供系统和网络的法医可见性的方法和装置
-
Application No.: US14270069Application Date: 2014-05-05
-
Publication No.: US09578045B2Publication Date: 2017-02-21
- Inventor: Joseph Jaroch , Jacques Etienne Erasmus , Paul Barnes , Johannes Mayr , Michael Leidesdorff , Marco Giuliani , Christopher Jon Williams , Chad Edward Bacher
- Applicant: Webroot Inc.
- Applicant Address: US CO Broomfield
- Assignee: WEBROOT INC.
- Current Assignee: WEBROOT INC.
- Current Assignee Address: US CO Broomfield
- Agency: Merchant & Gould P.C.
- Main IPC: G06F21/00
- IPC: G06F21/00 ; H04L29/06
Abstract:
Methods and systems for providing forensic visibility into systems and networks are provided. More particularly, a sensor agent may receive events defining an action of a first object acting on a target. The object, the event, and the target are then correlated to at least one originating object such that an audit trail for each individual event is created. A global perspective indicating an age, popularity, a determination as to whether the object may be malware, and IP/URL information associated with the event may then be applied to at least one of the object, the event, the target, and the originating object. A priority may then be determined and assigned to the event based on at least the global perspective. An event line containing event information is then transmitted to an end recipient where the information may be heuristically displayed.
Public/Granted literature
- US20140331322A1 METHOD AND APPARATUS FOR PROVIDING FORENSIC VISIBILITY INTO SYSTEMS AND NETWORKS Public/Granted day:2014-11-06
Information query
