Electrical computers and digital processing systems: multicomput – Computer network managing – Computer network monitoring
Reexamination Certificate
2011-03-01
2011-03-01
Serrao, Ranodhi N (Department: 2444)
Electrical computers and digital processing systems: multicomput
Computer network managing
Computer network monitoring
C709S223000, C726S014000, C726S022000
Reexamination Certificate
active
07899901
ABSTRACT:
A selected time interval of previously stored security events generated by a number of computer network devices are replayed and cross-correlated according to rules defining security incidents. Meta-events are generated when the security events satisfy conditions associated with one or more of the rules. The rules used during replay may differ from prior rules used at a time when the security events occurred within a computer network that included the computer network devices. In this way, new rules can be tested against true security event data streams to determine whether or not the rules should be used in a live environment (i.e., the efficacy of the rules can be tested and/or debugged against actual security event data).
REFERENCES:
patent: 5557742 (1996-09-01), Smaha et al.
patent: 5717919 (1998-02-01), Kodavalla et al.
patent: 5850516 (1998-12-01), Schneier
patent: 5956404 (1999-09-01), Schneier et al.
patent: 5978475 (1999-11-01), Schneier et al.
patent: 6070244 (2000-05-01), Orchier et al.
patent: 6134664 (2000-10-01), Walker
patent: 6192034 (2001-02-01), Hsieh et al.
patent: 6275942 (2001-08-01), Bernhard et al.
patent: 6321338 (2001-11-01), Porras et al.
patent: 6347374 (2002-02-01), Drake et al.
patent: 6408391 (2002-06-01), Huff et al.
patent: 6408404 (2002-06-01), Ladwig
patent: 6453345 (2002-09-01), Trcka et al.
patent: 6484203 (2002-11-01), Porras et al.
patent: 6535728 (2003-03-01), Perfit et al.
patent: 6542075 (2003-04-01), Barker et al.
patent: 6694362 (2004-02-01), Secor et al.
patent: 6704874 (2004-03-01), Porras et al.
patent: 6708212 (2004-03-01), Porras et al.
patent: 6711615 (2004-03-01), Porras et al.
patent: 6839850 (2005-01-01), Campbell et al.
patent: 6928556 (2005-08-01), Black et al.
patent: 6966015 (2005-11-01), Steinberg et al.
patent: 6985920 (2006-01-01), Bhattacharya et al.
patent: 6988208 (2006-01-01), Hrabik et al.
patent: 7039953 (2006-05-01), Black et al.
patent: 7043727 (2006-05-01), Bennett et al.
patent: 7089428 (2006-08-01), Farley et al.
patent: 7127743 (2006-10-01), Khanolkar et al.
patent: 7159237 (2007-01-01), Schneier et al.
patent: 7171689 (2007-01-01), Beavers
patent: 7219239 (2007-05-01), Njemanze et al.
patent: 7260844 (2007-08-01), Tidwell et al.
patent: 7278160 (2007-10-01), Black et al.
patent: 7308689 (2007-12-01), Black et al.
patent: 7333999 (2008-02-01), Njemanze
patent: 7376969 (2008-05-01), Njemanze et al.
patent: 7424742 (2008-09-01), Dash et al.
patent: 7483972 (2009-01-01), Bhattacharya et al.
patent: 7644365 (2010-01-01), Bhattacharya et al.
patent: 2002/0019945 (2002-02-01), Houston et al.
patent: 2002/0099958 (2002-07-01), Hrabik et al.
patent: 2002/0104014 (2002-08-01), Zobel et al.
patent: 2002/0147803 (2002-10-01), Dodd et al.
patent: 2002/0178383 (2002-11-01), Hrabik et al.
patent: 2002/0184532 (2002-12-01), Hackenberger et al.
patent: 2003/0084349 (2003-05-01), Friedrichs et al.
patent: 2003/0093514 (2003-05-01), Valdes et al.
patent: 2003/0093692 (2003-05-01), Porras
patent: 2003/0101358 (2003-05-01), Porras et al.
patent: 2003/0145039 (2003-07-01), Bonney et al.
patent: 2003/0154404 (2003-08-01), Beadles et al.
patent: 2003/0159069 (2003-08-01), Choi et al.
patent: 2003/0188189 (2003-10-01), Desai et al.
patent: 2003/0221123 (2003-11-01), Beavers
patent: 2004/0010718 (2004-01-01), Porras et al.
patent: 2004/0024864 (2004-02-01), Porras et al.
patent: 2004/0044912 (2004-03-01), Connary et al.
patent: 2004/0221191 (2004-11-01), Porras et al.
patent: 2005/0027845 (2005-02-01), Secor et al.
patent: 2005/0204404 (2005-09-01), Hrabik et al.
patent: 2005/0251568 (2005-11-01), Zavgren, Jr.
patent: 2005/0251860 (2005-11-01), Saurabh et al.
patent: 2006/0069956 (2006-03-01), Steinberg et al.
patent: 2006/0095587 (2006-05-01), Bhattacharya et al.
patent: 2006/0212932 (2006-09-01), Patrick et al.
patent: 2007/0118905 (2007-05-01), Morin et al.
patent: 2007/0136437 (2007-06-01), Shankar et al.
patent: 2007/0150579 (2007-06-01), Morin et al.
patent: 2007/0162973 (2007-07-01), Schneier et al.
patent: 2007/0169038 (2007-07-01), Shankar et al.
patent: 2007/0234426 (2007-10-01), Khanolkar et al.
patent: 2007/0260931 (2007-11-01), Aguilar-Macias et al.
patent: 2008/0104046 (2008-05-01), Singla et al.
patent: 2008/0104276 (2008-05-01), Lahoti et al.
patent: 2008/0162592 (2008-07-01), Huang et al.
patent: 2008/0165000 (2008-07-01), Morin et al.
patent: 2010/0058165 (2010-03-01), Bhattacharya et al.
patent: WO 02/45315 (2002-06-01), None
patent: WO 02/060117 (2002-08-01), None
patent: WO 02/078262 (2002-10-01), None
patent: WO 02/101988 (2002-12-01), None
patent: WO 03/009531 (2003-01-01), None
patent: WO 2004/019186 (2004-03-01), None
patent: WO 2005/001655 (2005-01-01), None
patent: WO 2005/026900 (2005-03-01), None
ARCSIGHT, “About ArcSight Team,” date unknown, [online] [Retrieved on Oct. 25, 2002] Retrieved from the Internet <URL: http:/www.arcsight.com/about—team.htm>.
ARCSIGHT, “About Overview,” Oct. 14, 2002, [online] [Retrieved on Apr. 21, 2006] Retrieved from the Internet <URL: http://web.archive.org/web/20021014041614/http://www.arcsight.com/about.htm>.
ARCSIGHT, “Contact Info,” date unknown, [online] [Retrieved on Oct. 25, 2002] Retrieved from the Internet <URL: http://www.arcsight.com/contact.htm>.
ARCSIGHT, “Enterprise Coverage: Technology Architecture,” date unknown, [online] Retrieved from the Internet <URL: http://www.snaiso.com/Documentation/Arcsight/arcsight—archdta.pdf>.
ARCSIGHT, “Managed Process: ArcSight Reporting System,” date unknown, [online] Retrieved from the Internet <URL: http://www.snaiso.com/Documentation/Arcsight/arcsight—reportsys.pdf>.
ARCSIGHT, “Managed Process: Console-Based Management,” date unknown, [online] Retrieved from the Internet <URL: http://www.snaiso.com/Documentation/Arcsight/arcsight—console.pdf >.
ARCSIGHT, “Precision Intelligence: SmartRules™ and Cross-Correlation,” date unknown, [online] Retrieved from the Internet <URL: http:/www.snaiso.com/Documentation/Arcsight/arcsight—correlation.pdf>.
ARCSIGHT, “Precision Intelligence: SmartAgent™,” date unknown, [online] Retrieved from the Internet <URL: http://www.ossmanagement.com/SmartAgent.pdf>.
ARCSIGHT, “Product Info: Product Overview and Architecture,” date unknown, [online] [Retrieved on Oct. 25, 2002] Retrieved from the Internet <URL: http://www.arcsight.com/product.htm>.
ARCSIGHT, “Product Info: 360° Intelligence Yields Precision Risk Management,” date unknown, [online] [Retrieved on Oct. 25, 2002] Retrieved from the Internet <URL: http://www.arcsight.com/product—Info0l.htm>.
ARCSIGHT, “Product Info: ArcSight SmartAgents,” Oct. 10, 2002, [online] [Retrieved on Apr. 21, 2006] Retrieved from the Internet <URL:http://web.archive.org/web/20021010135236/http://www.arcsight.com/product—info02.htm>.
ARCSIGHT, “Product Info: ArcSight Cross-Device Correlation,” date unknown, [online] [Retrieved on Oct. 25, 2005] Retrieved from the Internet <URL: http://www.arcsight.com/product—info03.htm>.
ARCSIGHT, “Product Info: ArcSight Manager,” date unknown, [online] [Retrieved on Oct. 25, 2002] Retrieved from the Internet <URL: http://www.arcsight.com/product—info04.htm>.
ARCSIGHT, “Product Info: ArcSight Console” date unknown, [online] [Retrieved on Nov. 15, 2002] Retrieved from the Internet <URL: http:www.arcsight.com/product—info05.htm>.
ARCSIGHT, “Product Info: ArcSight Reporting System,” date unknown, [online] [Retrieved on Oct. 25, 2002] Retrieved from the Internet <URL: http:www.arcsight.com/product—info06.htm>.
ARCSIGHT, “Product Info: Enterprise Scaling,” date unknown, [online] [Retrieved on Oct. 25, 2002] Retrieved from the Internet <URL: http://www.arcsight.com/prod
Dash Debabrata
Njemanze Hugh S.
Wang Shijie
ArcSight, Inc.
Fenwick & West LLP
Serrao Ranodhi N
LandOfFree
Method and apparatus for exercising and debugging... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and apparatus for exercising and debugging..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and apparatus for exercising and debugging... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2668767