-
Publication number: US09798882B2
Publication date: 2017-10-24
Application number: US14297974
Application date: 2014-06-06
Applicant: CrowdStrike, Inc.
CPC classification number: G06F21/577, G06F21/552, G06F2221/034, G06N5/04, H04L41/0893, H04L41/12, H04L63/1433, H04L63/1441
Abstract: A model representing system components and events of a plurality of monitored devices as data objects is described herein. The model resides on a security service cloud and is updated in substantially real-time, as security-relevant information about the system components and events is received by the security service cloud. Each data object in the model has a scope and different actions are taken by security service cloud modules depending on different data object scopes. Further, the security service cloud maintains a model specific to each monitored device built in substantially real-time as the security-relevant information from that device is received. The security service cloud utilizes these device-specific models to detect security concerns and respond to those concerns in substantially real-time.
-
Publication number: US09858626B2
Publication date: 2018-01-02
Application number: US14792177
Application date: 2015-07-06
Applicant: CrowdStrike, Inc.
Inventor: Dmitri Alperovitch, George Robert Kurtz, David Frederick Diehl, Sven Krasser, Adam S. Meyers
CPC classification number: G06Q50/01, G06Q10/00, H04L63/104, H04L63/107, H04L63/14, H04L63/1441, H04L63/20
Abstract: Techniques for social sharing security information between client entities forming a group are described herein. The group of client entities is formed as a result of a security server providing one or more secure mechanisms for forming a group among client entities, the client entities each belonging to a different organization. The security service then automatically shares security information of a client entity in the group with one or more other client entities in the group.
-
Publication number: US20150326614A1
Publication date: 2015-11-12
Application number: US14792177
Application date: 2015-07-06
Applicant: CrowdStrike, Inc.
Inventor: Dmitri Alperovitch, George Robert Kurtz, David Frederick Diehl, Sven Krasser, Adam S. Meyers
IPC: H04L29/06
CPC classification number: G06Q50/01, G06Q10/00, H04L63/104, H04L63/107, H04L63/14, H04L63/1441, H04L63/20
Abstract: Techniques for social sharing security information between client entities forming a group are described herein. The group of client entities is formed as a result of a security server providing one or more secure mechanisms for forming a group among client entities, the client entities each belonging to a different organization. The security service then automatically shares security information of a client entity in the group with one or more other client entities in the group.
-
Publication number: US20150356301A1
Publication date: 2015-12-10
Application number: US14297974
Application date: 2014-06-06
Applicant: CrowdStrike, Inc.
IPC: G06F21/57
CPC classification number: G06F21/577, G06F21/552, G06F2221/034, G06N5/04, H04L41/0893, H04L41/12, H04L63/1433, H04L63/1441
Abstract: A model representing system components and events of a plurality of monitored devices as data objects is described herein. The model resides on a security service cloud and is updated in substantially real-time, as security-relevant information about the system components and events is received by the security service cloud. Each data object in the model has a scope and different actions are taken by security service cloud modules depending on different data object scopes. Further, the security service cloud maintains a model specific to each monitored device built in substantially real-time as the security-relevant information from that device is received. The security service cloud utilizes these device-specific models to detect security concerns and respond to those concerns in substantially real-time.
-