The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf).

Date of Patent: Mar. 01, 2011

Filed: Dec. 02, 2002

Applicants:
Hugh S. Njemanze, Los Altos, CA (US);
Debabrata Dash, Sunnyvale, CA (US);
Shijie Wang, San Jose, CA (US);

Inventors:
Hugh S. Njemanze, Los Altos, CA (US);
Debabrata Dash, Sunnyvale, CA (US);
Shijie Wang, San Jose, CA (US);

Assignee: ArcSight, Inc., Cupertino, CA (US);

Attorney:
Primary Examiner:
Int. Cl.
CPC ...
G06F 15/173 (2006.01); G06F 9/00 (2006.01); G06F 11/00 (2006.01);
U.S. Cl.
CPC ...
Abstract

A selected time interval of previously stored security events generated by a number of computer network devices are replayed and cross-correlated according to rules defining security incidents. Meta-events are generated when the security events satisfy conditions associated with one or more of the rules. The rules used during replay may differ from prior rules used at a time when the security events occurred within a computer network that included the computer network devices. In this way, new rules can be tested against true security event data streams to determine whether or not the rules should be used in a live environment (i.e., the efficacy of the rules can be tested and/or debugged against actual security event data).
