System and method to infer investigation steps for security alerts using crowd sourcing
Abstract
Techniques are provided to dynamically generate response actions that may be used to investigate and respond to a security alert. Different prediction models are initially trained using a corpus of training data. This training data is obtained by identifying previous security alerts and then grouping together alert clusters. An analysis is performed to identify which steps were used to respond to the alerts in each group. These steps are fed into a prediction model to train the model. After multiple models are trained and after a new security alert is received, one model is selected to operate on the new alert, where the model is selected because it is identified as being most compatible with the new alert. When the selected model is applied to the new alert, the model generates a set of recommended steps that may be followed to investigate and/or respond to the new alert.