The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf).

Date of Patent: Jun. 30, 2015

Filed: Mar. 29, 2011

Applicant: Catherine V. Hart, Burlington, MA (US);

Inventor: Catherine V. Hart, Burlington, MA (US);

Assignee: EMC Corporation, Hopkinton, MA (US);

Attorney:
Primary Examiner:
Assistant Examiner:
Int. Cl.
CPC ...
G06F 21/00 (2013.01); G06F 21/57 (2013.01);
U.S. Cl.
CPC ...
G06F 21/00 (2013.01); G06F 21/577 (2013.01);
Abstract

A security information and event management (SIEM) system includes a data storage sub-system that stores (1) security data pertaining to security-related events and states of a production computer system, (2) security business objects (SBOs) as an abstraction layer over the security data, and (3) workflows which each include a set of the SBOs organized in a workflow-specific manner. Each SBO represents a security-related aspect of the production system and includes data queries to generate output data pertaining to the security-related aspect. Each workflow embodies a complex multi-step security analysis operation. In operation, security users of the SIEM system execute the workflows including the respective security business objects, resulting in a set of result data which identifies security threats and vulnerabilities of the production computer system. A workflow can provide additional contextualization for detected events, including asset data regarding the configuration of hosts in the data processing system which can be used to generate recommendations for remedial action, such as applying certain software patches to address a threat.
