FIELD: computer equipment.
SUBSTANCE: the invention relates to computer equipment. The computer-implemented method of automated incident response comprises the following stages: information on at least one incident is received from third-party systems by means of an interface module, wherein the incident information comprises at least an incident category, an incident threat level, the name or address of the host on which the incident occurred and a degree of assurance that the incident is not a false positive; the incident information is transmitted to the analytical module, which determines whether the incident was previously prevented and, if not, determines the danger level of the incident; if the danger level exceeds a predetermined threshold, an automated incident response is performed by means of the analytical module and a response module.
EFFECT: the technical result is the implementation of an automated response to an incident.
19 cl, 4 dwg
Title | Year | Author | Number |
---|---|---|---|
SYSTEM AND METHOD OF SPEEDING UP PROBLEM SOLVING BY ACCUMULATING STATISTICAL INFORMATION | 2010 | | RU2444056C1 |
METHOD FOR ADJUSTING THE PARAMETERS OF A MACHINE LEARNING MODEL IN ORDER TO IDENTIFY FALSE TRIGGERING AND INFORMATION SECURITY INCIDENTS | 2020 | | RU2763115C1 |
METHOD FOR PROCESSING INFORMATION SECURITY EVENTS PRIOR TO TRANSMISSION FOR ANALYSIS | 2020 | | RU2762528C1 |
SYSTEM AND METHOD FOR OUTSIDE CONTROL OF THE CYBERATTACK SURFACE | 2021 | | RU2778635C1 |
METHOD AND SYSTEM FOR DETECTING THE INFRASTRUCTURE OF A MALICIOUS SOFTWARE OR A CYBERCRIMINAL | 2020 | | RU2722693C1 |
METHOD AND SYSTEM FOR DETERMINING MALICIOUS ACTIVITY BY ANALYZING THE BEHAVIOUR OF OBJECTS IN NON-INSULATED ENVIRONMENT | 2020 | | RU2743620C1 |
SYSTEM AND METHOD OF CREATING ANTIVIRUS RECORD | 2018 | | RU2697954C2 |
METHOD OF COMPUTER SECURITY DISTRIBUTED EVENTS INVESTIGATION | 2015 | | RU2610395C1 |
METHOD FOR IDENTIFYING INFORMATION SECURITY THREATS (OPTIONS) | 2023 | | RU2802539C1 |
SYSTEM AND METHOD OF CORRELATING EVENTS FOR DETECTING INFORMATION SECURITY INCIDENT | 2019 | | RU2739864C1 |
Authors
Dates
2020-12-11—Published
2020-03-25—Filed