The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Jan. 23, 2024
Filed:
Sep. 17, 2020
Improving incident classification and enrichment by leveraging context from multiple security agents
Fortinet, Inc., Sunnyvale, CA (US);
Fortinet, Inc., Sunnyvale, CA (US);
Abstract
Systems and methods are described for synergistically combining network security technologies to improve incident classification and enrichment. According to one embodiment, an endpoint protection platform running on an endpoint device receives a request via an event management agent of the endpoint protection platform from an event management service for process information relating to an incident detected by the event management service. The request is caused to be processed by an endpoint detection and response (EDR) service by transmitting the request to an EDR agent of the endpoint protection platform corresponding to the EDR service. A response to the request is received from the EDR service via the EDR agent. The response includes the process information. Enrichment of an alert generated by the event management service based on the process information is facilitated by transmitting the response to the event management service via the event management agent.