公开(公告)号：US10380008B2

公开(公告)日：2019-08-13

申请号：US15156223

申请日：2016-05-16

Applicant: Microsoft Technology Licensing, LLC

Inventor： Rui Wang ,  Yuchen Zhou ,  Shuo Chen ,  Shaz Qadeer ,  Yuri Gurevich

IPC: G06F11/36 ,  G06F8/73 ,  G06F21/55 ,  H04L29/06

Abstract: A framework is described herein for identifying implicit assumptions associated with an SDK and its accompanying documentation (e.g., dev guide). An implicit assumption is information that is not expressly stated in the documentation, but which would be useful in assisting an application developer in building an application. The framework also describes a systematic approach for identifying one or more vulnerability patterns based on the identified implicit assumptions. An application developer may run a test on an application that is being developed to ensure that it does not have any deficiency which matches a vulnerability pattern.

公开(公告)号：US20180084001A1

公开(公告)日：2018-03-22

申请号：US15273604

申请日：2016-09-22

Applicant: Microsoft Technology Licensing, LLC.

Inventor： Efim Hudis ,  Michal Braverman-Blumenstyk ,  Daniel Alon ,  Hani Hana Neuvirth ,  Royi Ronen ,  Yuri Gurevich

IPC: H04L29/06 ,  G06F17/30

CPC classification number: H04L63/1433 ,  G06F16/9024 ,  G06F21/577 ,  H04L63/14 ,  H04L63/1408

Abstract: Systems and methods for analyzing security alerts within an enterprise are provided. An enterprise graph is generated based on information such as operational intelligence regarding the enterprise. The enterprise graph identifies relationships between entities of the enterprise and a plurality of security alerts are produced by a plurality of security components of the enterprise. One or more significant relationships are identified between two or more of the plurality of security alerts based on a strength of a relationship identified in the enterprise graph. A significant relationship is utilized to identify a potential security incident between two or more of the security alerts.

公开(公告)号：US10771492B2

公开(公告)日：2020-09-08

申请号：US15273604

申请日：2016-09-22

Applicant: Microsoft Technology Licensing, LLC.

Inventor： Efim Hudis ,  Michal Braverman-Blumenstyk ,  Daniel Alon ,  Hani Hana Neuvirth ,  Royi Ronen ,  Yuri Gurevich

IPC: H04L29/06 ,  G06F16/901 ,  G06F21/57

Abstract: Systems and methods for analyzing security alerts within an enterprise are provided. An enterprise graph is generated based on information such as operational intelligence regarding the enterprise. The enterprise graph identifies relationships between entities of the enterprise and a plurality of security alerts are produced by a plurality of security components of the enterprise. One or more significant relationships are identified between two or more of the plurality of security alerts based on a strength of a relationship identified in the enterprise graph. A significant relationship is utilized to identify a potential security incident between two or more of the security alerts.