1. (WO2018125903) GATHERING INDICATORS OF COMPROMISE FOR SECURITY THREAT DETECTION

Pub. No.: WO/2018/125903
International Application No.: PCT/US2017/068500
Publication Date: Fri Jul 06 01:59:59 CEST 2018
International Filing Date: Thu Dec 28 00:59:59 CET 2017
IPC: H04L 29/06
Applicants: CHRONICLE LLC
Inventors: NACHENBERG, Carey Stover; LAMOTHE-BRASSARD, Maxime; NAGHIBZADEH, Shapor
Title: GATHERING INDICATORS OF COMPROMISE FOR SECURITY THREAT DETECTION
Abstract:
The subject matter of this specification generally relates to computer security. In some implementations, a method includes receiving indicators of compromise from multiple security data providers. Each indicator of compromise can include data specifying one or more characteristics of one or more computer security threats. Each indicator of compromise can be configured to, when processed by a computer, cause the computer to detect the presence of the specified one or more characteristics of the one or more computer security threats. Telemetry data for computing systems of users can be received. The telemetry data can include data describing at least one event detected at the computing system. A determination is made that the telemetry data for a given user includes the one or more characteristics specified by a given indicator of compromise.