白丝美女被狂躁免费视频网站,500av导航大全精品,yw.193.cnc爆乳尤物未满,97se亚洲综合色区,аⅴ天堂中文在线网官网

Distributed digital security system

專(zhuān)利號(hào)
US11616790B2
公開(kāi)日期
2023-03-28
申請(qǐng)人
CrowdStrike, Inc.(US CA Irvine)
發(fā)明人
David F. Diehl; Michael Edward Lusignan; Thomas Johann Essebier
IPC分類(lèi)
H04L9/40; G06F16/2455; G06Q50/26
技術(shù)領(lǐng)域
event,data,security,engine,bounding,compute,rally,or,can,client
地域: CA CA Irvine

摘要

A distributed security system can include instances of a compute engine that can execute either locally in security agents on client devices or as cloud instances in a security network. Event data can be processed by elements of the distributed security system according to centrally-defined ontological definitions and/or configurations. Bounding managers of local security agents can control how much event data is sent to the security network. A storage engine in the security network can store event data received from client devices, can route event data to other elements of the security network, including cloud instances of the compute engine. An experimentation engine of the security network can also at least temporarily adjust other elements of the distributed security system during experiments or tests.

說(shuō)明書(shū)

Events that occur on client devices 104 can be detected or observed by event detectors 124 of security agents 108 on those client devices 104. For example, a security agent 108 may execute at a kernel-level and/or as a driver such that the security agent 108 has visibility into operating system activities from which one or more event detectors 124 of the security agent 108 can observe event occurrences or derive or interpret the occurrences of events. In some examples, the security agent 108 may load at the kernel-level at boot time of the client device 104, before or during loading of an operating system, such that the security agent 108 includes kernel-mode components such as a kernel-mode event detector 124. In some examples, a security agent 108 can also, or alternately, have components that operate on a computing device in a user-mode, such as user-mode event detectors 124 that can detect or observe user actions and/or user-mode events. Examples of kernel-mode and user-mode components of a security agent 108 are described in greater detail in U.S. patent application Ser. No. 13/492,672, entitled “Kernel-Level Security Agent” and filed on Jun. 8, 2012, which issued as U.S. Pat. No. 9,043,903 on May 26, 2015, and which is hereby incorporated by reference.

權(quán)利要求

1
微信群二維碼
意見(jiàn)反饋