首页>
外国专利>
AUTOMATED ONBOARDING OF DETECTIONS FOR SECURITY OPERATIONS CENTER MONITORING
AUTOMATED ONBOARDING OF DETECTIONS FOR SECURITY OPERATIONS CENTER MONITORING
展开▼
机译:自动进行安全操作中心监控的检测
展开▼
页面导航
摘要
著录项
相似文献
摘要
Methods, systems, apparatuses, and computer program products are provided for evaluating security detections. A detection instance obtainer obtains detection instances from a pool, such as a security detections pool. The detection instances may be obtained for detections that meet a predetermined criterion, such as detections that have not been onboarded or rejected, or detections that have generated detection instances for a threshold time period. The detection may be onboarded or rejected automatically based on a volume thresholder and/or a detection performance evaluator. For instance, the volume thresholder may be configured to automatically onboard the detection if the volume of the detection instances is below a first threshold, and reject the detection if the volume is above a second threshold. The detection performance evaluator may be configured to onboard or reject the detection based on an efficacy of the detection (e.g., based on a true positive rate of the detection instances).
展开▼