The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf).
Patent No.:
Date of Patent:
Jun. 14, 2022
Filed:
Jul. 20, 2021
Applicant:
Centripetal Networks, Inc., Portsmouth, NH (US);
Inventors:
John Fenton, Ashburn, VA (US);
Peter Geremia, Portsmouth, NJ (US);
Richard Goodwin, Yorke, ME (US);
Sean Moore, Hollis, NH (US);
Vincent Mutolo, Summit, NJ (US);
Jess Parnell, Herndon, VA (US);
Jonathan R. Rogers, Hampton Falls, NH (US);
Assignee:
Centripetal Networks, Inc., Portsmouth, NH (US);
Abstract
A packet-filtering network appliance protects networks from threats by enforcing policies on in-transit packets crossing network boundaries. The policies are composed of packet filtering rules derived from cyber threat intelligence (CTI). Logs of rule-matching packets and their flows are sent to cyberanalysis applications located at security operations centers (SOCs). Some cyber threats/attacks, or incidents, are composed of many different flows occurring at a very high rate, generating a flood of logs that may overwhelm computer, storage, network, and cyberanalysis resources, thereby compromising cyber defenses. The present disclosure describes incident logging that efficiently incorporates logs of many flows that comprise the incident, potentially reducing resource consumption while improving the informational/cyberanalytical value for cyberanalysis when compared to the component flow logs. Incident logging vs. flow logging can be automatically and adaptively switched on or off.