白丝美女被狂躁免费视频网站,500av导航大全精品,yw.193.cnc爆乳尤物未满,97se亚洲综合色区,аⅴ天堂中文在线网官网

Distributed digital security system

專利號(hào)
US11616790B2
公開(kāi)日期
2023-03-28
申請(qǐng)人
CrowdStrike, Inc.(US CA Irvine)
發(fā)明人
David F. Diehl; Michael Edward Lusignan; Thomas Johann Essebier
IPC分類
H04L9/40; G06F16/2455; G06Q50/26
技術(shù)領(lǐng)域
event,data,security,engine,bounding,compute,rally,or,can,client
地域: CA CA Irvine

摘要

A distributed security system can include instances of a compute engine that can execute either locally in security agents on client devices or as cloud instances in a security network. Event data can be processed by elements of the distributed security system according to centrally-defined ontological definitions and/or configurations. Bounding managers of local security agents can control how much event data is sent to the security network. A storage engine in the security network can store event data received from client devices, can route event data to other elements of the security network, including cloud instances of the compute engine. An experimentation engine of the security network can also at least temporarily adjust other elements of the distributed security system during experiments or tests.

說(shuō)明書(shū)

As an example, if cloud elements of the distributed security system 100 are configured to determine how many, and/or how often, files are accessed on one or more client devices 104, the cloud elements many not need detailed event data 122 about every individual file access event that occurs on the client devices 104. As another example, registry events may occur thousands of times per minute, or more, on a client device 104. While it may be inefficient or costly to send event data 122 about each individual registry event to the security network 106, it may be sufficient to simply send the security network 106 a count of how many such registry events occurred over a certain period of time. Accordingly, a configuration 132 may instruct the counting engine 614 to, based on event data 122, generate statistical data 616 including a count of the number of certain types of event occurrences on a client device 104 over a period of time. The security agent 108 can then send the statistical data 616 reflecting the overall count of such event occurrences to the security network 106 as event data 122, or another type of report, instead of sending event data 122 about each individual event occurrence to the security network 106.

權(quán)利要求

1
微信群二維碼
意見(jiàn)反饋