Using indicators of behavior to identify a security persona of an entity

Using indicators of behavior to identify a security persona of an entity

A system, method, and computer-readable medium are disclosed for performing a security operation. The security operation includes: monitoring an entity to identify a behavior enacted by the entity, the monitoring observing at least one electronically-observable data source; deriving an observable ba...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Marty, Raffael, Fischbach, Nicolas Christian
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:A system, method, and computer-readable medium are disclosed for performing a security operation. The security operation includes: monitoring an entity to identify a behavior enacted by the entity, the monitoring observing at least one electronically-observable data source; deriving an observable based upon the behavior enacted by the entity, the observable comprising event information corresponding to a behavior enacted by the entity; identifying an indicator of behavior from the event information corresponding to the behavior enacted by the entity, the indicator of behavior providing an abstracted description of an inferred intent associated with the behavior enacted by the entity; associating a security persona with the entity based upon the indicator of behavior, the security persona comprising a group of entity behaviors associated with a particular security risk use case; and, performing the security operation, the security operation using the security persona associated with the entity.