The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Dec. 07, 2021
Filed:
Jun. 26, 2019
Microsoft Technology Licensing, Llc, Redmond, WA (US);
Peter A. Thayer, Woodinville, WA (US);
Jagannathan Deepak Manohar, Redmond, WA (US);
Jason Matthew Conradt, Monroe, WA (US);
Karthik Selvaraj, Kirkland, WA (US);
Donald J. Ankney, Seattle, WA (US);
MICROSOFT TECHNOLOGY LICENSING, LLC, Redmond, WA (US);
Abstract
Embodiments provide for a security information and event management (SIEM) system utilizing distributed agents that can intelligently traverse a network to exfiltrate data in an efficient and secure manner. A plurality of agent devices can dynamically learn behavioral patterns and/or service capabilities of other agent devices in the networking environment, and select optimal routes for exfiltrating event data from within the network. The agent devices can independently, selectively, or collectively pre-process event data for purposes of detecting a suspect event from within the network. When a suspect event is detected, agent devices can select a target device based on the learned service capabilities and networking environment, and communicate the pre-processed event data to the target device. The pre-processed event data is thus traversed through the network along an optimal route until it is exfiltrated from the network and stored on a remote server device for storage and further analysis.