白丝美女被狂躁免费视频网站,500av导航大全精品,yw.193.cnc爆乳尤物未满,97se亚洲综合色区,аⅴ天堂中文在线网官网

Message platform for automated threat simulation, reporting, detection, and remediation

專利號(hào)
US11997115B1
公開日期
2024-05-28
申請(qǐng)人
Cofense Inc.(US VA Leesburg)
發(fā)明人
Aaron Higbee; David Chamberlain; Vineetha Philip
IPC分類
H04L9/40; G06F16/35; G06F21/00; G06F21/55; H04L51/212; H04L51/08
技術(shù)領(lǐng)域
message,phishing,email,messages,be,or,emails,in,user,cluster
地域: VA VA Leesburg

摘要

Methods, network devices, and machine-readable media for an integrated environment and platform for automated processing of reports of suspicious messages, and further including automated threat simulation, reporting, detection, and remediation, including rapid quarantine and restore functions.

說明書

Both the cluster summary and the message summary may also have a rule creation button (button 1130 and button 1230). The rule creation button 1130 and/or button 1230 allow for the administrator to create a rule from the reported message, as will be discussed in detail below. The cluster summary and the message summary may also have a recipe creation button to create a recipe from the corresponding cluster or message, as will be discussed in further detail below.

Rules Module

The network server can include a rules module for the creation, modification, and application of rules to the messages reported. The rules applied to the messages can identify textual or binary patterns in message data, such as the body, headers, or attachments of a message using wild-cards, case-insensitive strings, regular expressions, special operators, or other operations. In some embodiments, as a non-limiting example, the rules can be YARA rules. The rules can be used to detect malicious messages based on local threat information. In an example process flow, a message is received at the network server and is processed by the rules.

The system rules module can be configured to process the messages received at the network server that have been identified as suspicious by a user. For the received messages, the system can process the messages with a pattern matching tool, according to pattern matching rules provided to the system. As a non-limiting example, YARA can be used as the pattern matching tool.

權(quán)利要求

1
微信群二維碼
意見反饋