The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Jan. 14, 2020
Filed:
Feb. 15, 2017
Microsoft Technology Licensing, Llc, Redmond, WA (US);
Shai Kaplan, Tel Aviv, IL;
Yonatan Most, Kfar Saba, IL;
Microsoft Technology Licensing, LLC, Redmond, WA (US);
Abstract
An anomaly detection system is provided and includes a processor, a memory, and a security application that is stored in the memory and includes instructions. The instructions are configured to collect information of behavior data for the users of an organization accessing cloud applications via a distributed network. The behavior data includes one or more parameters tracked over time for the users. The instructions are further configured to: establish baselines for each of the users and for each of the cloud applications or types of cloud applications of the organization; detect anomalies based on the baselines; provide aggregated anomaly data by aggregating anomalies corresponding to two or more of the baselines and a same behavior or corresponding to multiple users of a same cloud application during a same period of time; determine a risk value based on the aggregated anomaly data; and perform a countermeasure based on the risk value.