Security Incident Handling Method

A security event handling method, applied in the field of security event processing. It addresses problems such as reduced system running speed, disruption of the normal operation of the log correlation analysis engine, and the inability to follow up and trace events, with the effect of reducing memory resource occupation and performance impact.

Active Publication Date: 2019-07-26
华青融天(北京)软件股份有限公司

AI Technical Summary

Problems solved by technology

If there are too many clients, each client obtains events from the server side in real time, which interferes with other configuration operations by platform maintenance users, greatly reduces the running speed of the system, and can even affect the normal operation of the log correlation analysis engine.
Furthermore, when multiple clients process events on the SOC platform, the huge amount of data and the mixed storage of original logs and events in the form of files make it easier to trigger data archiving conditions, so events cannot be followed up and traced back.


Embodiment Construction

[0018] The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the accompanying drawings. Obviously, the described embodiments are only some, not all, embodiments of the present invention. The components of the embodiments of the invention generally described and illustrated in the figures herein may be arranged and designed in a variety of different configurations. Accordingly, the following detailed description of the embodiments of the invention provided in the accompanying drawings is not intended to limit the scope of the claimed invention, but merely represents selected embodiments of the invention. Based on the embodiments of the present invention, all other embodiments obtained by those skilled in the art without creative effort fall within the protection scope of the present invention.

[0019] It should be noted that like numerals and let...


Abstract

The embodiment of the invention provides a security event handling method comprising the following steps: regularly acquiring security events generated in a security operation center; mapping the security events to corresponding security event records; receiving a first investigation request sent by a browser, wherein the first investigation request includes user accounts; and sending the security event records corresponding to the user accounts to the browser. With this method, a user terminal can access the security events of the server side directly through the browser without installing a client. Because no client needs to be connected to the server side for multi-channel event monitoring, the memory resource occupancy and performance impact on the server side are greatly reduced, and the problem that events cannot be followed up and traced back due to mixed storage of original logs and events on an SOC platform is solved.
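The four steps of the abstract, sketched as an added example (not code from the patent or its owner). Assumptions: `FakeSoc`, `RecordStore`, the `owner` field that ties an event to a user account, and the SQLite schema are all hypothetical; the sample events are constructed.

```python
import sqlite3

# Constructed sample events standing in for SOC output; "owner" is an assumed field.
SOC_EVENTS = [
    {"id": 1, "name": "brute-force login", "severity": 8, "owner": "alice"},
    {"id": 2, "name": "port scan", "severity": 4, "owner": "bob"},
    {"id": 3, "name": "malware beacon", "severity": 9, "owner": "alice"},
]

class FakeSoc:
    """Stand-in for the SOC event source; counts how often it is queried."""
    def __init__(self, events):
        self.events, self.queries = events, 0

    def events_after(self, last_id):
        self.queries += 1
        return [e for e in self.events if e["id"] > last_id]

class RecordStore:
    """Event records kept apart from raw logs and served to browsers."""
    def __init__(self):
        self.db = sqlite3.connect(":memory:")
        self.db.execute(
            "CREATE TABLE records (event_id INTEGER PRIMARY KEY, account TEXT,"
            " name TEXT, severity INTEGER, status TEXT)")
        self.cursor = 0  # highest event id already mapped to a record

    def poll(self, soc):
        """One scheduled run: fetch only new events, map each to a record."""
        new = soc.events_after(self.cursor)
        for e in new:
            self.db.execute(
                "INSERT OR IGNORE INTO records VALUES (?,?,?,?,'open')",
                (e["id"], e["owner"], e["name"], e["severity"]))
            self.cursor = max(self.cursor, e["id"])
        self.db.commit()
        return len(new)

    def investigate(self, account):
        """Browser investigation request: return this account's records only.
        The account is assumed to come from an authenticated session."""
        rows = self.db.execute(
            "SELECT event_id, name, severity, status FROM records"
            " WHERE account = ? ORDER BY event_id", (account,))
        return rows.fetchall()
```

Browser reads hit only the record store, so the load on the SOC depends on the polling interval and not on how many users are investigating.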

Description

Technical field

[0001] The present invention relates to the field of security operations, in particular to a method for processing security events.

Background technique

[0002] When multiple clients process events on an SOC platform, the server must send the events of different filters to the active channel of each client in real time, so that each client can display and respond to the events, which inevitably increases the resource usage of the server greatly. If there are too many clients, each client obtains events from the server side in real time, which interferes with other configuration operations by platform maintenance users, greatly reduces the running speed of the system, and can even affect the normal operation of the log correlation analysis engine. Furthermore, for multi-client processing events on the SOC platform, due to the huge amount of data, and the mixed storage of original logs and events in the form of files, it is easier to trigger data archiving conditions...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L29/06, H04L12/24
CPC: H04L41/0253, H04L63/20
Inventor: 林晓东
Owner: 华青融天(北京)软件股份有限公司