Dipto Chakravarty

The invention relates to a system and method for customizing and storing workflow processes for use in remediation incidents such as security events for advanced persistent threat vectors. One aspect of the invention relates to providing tools to enable creation of customized workflow processes for event driven incident remediation, monitoring and analyzing system activity to identify occurrence of incidents, assigning a workflow process to an incident, applying the assigned workflow process to… Show more

The invention relates to a system and method for customizing and storing workflow processes for use in remediation incidents such as security events for advanced persistent threat vectors. One aspect of the invention relates to providing tools to enable creation of customized workflow processes for event driven incident remediation, monitoring and analyzing system activity to identify occurrence of incidents, assigning a workflow process to an incident, applying the assigned workflow process to remediate the incident, and tracking, automating, orchestrating and graphically displaying the status of the workflow process progress, among other things.
Show less

Techniques for secure debugging and monitoring are presented. An end user requests a secure token for logging information with a remote service. A secure monitoring and debugging token service provides the secure token. The remote service validates the secure token and configures itself for capturing information and reporting the captured information based on the secure token

A system for pluggable event correlation may include an input manager that receives a plurality of events and converts the events into a format compatible with one or more of a plurality of correlation engines. The correlation engines may then evaluate the converted events using various rules and generate correlated events when the evaluated events trigger at least one of the rules. An action manager may execute remedial actions when the correlation engines generate the correlated events… Show more

A system for pluggable event correlation may include an input manager that receives a plurality of events and converts the events into a format compatible with one or more of a plurality of correlation engines. The correlation engines may then evaluate the converted events using various rules and generate correlated events when the evaluated events trigger at least one of the rules. An action manager may execute remedial actions when the correlation engines generate the correlated events. Moreover, extensibility may be provided by enabling a user to define rules to be triggered when events occur in a predetermined pattern, and actions to be executed when a predetermined rule triggers a correlated event. Further, to plug a new correlation engine into the system, adapters may be deployed to handle input and output, while the user-defined rules may be validating according to semantic requirements of the new correlation engine. Show less

[Cited by 2 patents.] A computer-implemented device provides security events from publishers to subscribers. There is provided a message bus, configured to contain a plurality of security events. Also provided is a receiver unit, responsive to a plurality of publishers, to receive the plurality of security events from the publishers. There is also a queue unit, responsive to receipt of the security events, to queue the plurality of security events in the message bus. Also, there is a transport… Show more

[Cited by 2 patents.] A computer-implemented device provides security events from publishers to subscribers. There is provided a message bus, configured to contain a plurality of security events. Also provided is a receiver unit, responsive to a plurality of publishers, to receive the plurality of security events from the publishers. There is also a queue unit, responsive to receipt of the security events, to queue the plurality of security events in the message bus. Also, there is a transport unit, responsive to the security events in the message bus, to transport the plurality of security events in the message bus to a plurality of subscribers.
Show less

[Cited by 2 patents.] The system and method described herein relates to managing multiple network device connections, collecting event source data from one or more network devices with one or more collectors, filtering the event source data, continuously monitoring the network device connections, controlling raw data collection from the one or more network devices, parsing the event source data into normalized data structures, and managing configurations for the collectors, among other things… Show more

[Cited by 2 patents.] The system and method described herein relates to managing multiple network device connections, collecting event source data from one or more network devices with one or more collectors, filtering the event source data, continuously monitoring the network device connections, controlling raw data collection from the one or more network devices, parsing the event source data into normalized data structures, and managing configurations for the collectors, among other things. Event sources may be physical or logical network devices distributed across a network, including but not limited to, firewalls, routers, biometric devices, mainframes, databases, and applications. The network devices may be sources from which the collectors may receive or request the event source data. Show less

Techniques for privileged network routing are provided. As traffic is received at a gateway of a network backbone provider environment it is interrogated for predefined criteria. If the traffic satisfies the predefined criteria, then the information is routed within the network backbone provider environment to use a set of reserved and restricted resources to provide premium service for the traffic being routed through the network backbone provider environment.

[Cited by 5 patents.] The invention relates to a system and method for customizing and storing workflow processes for use in remediation incidents such as security events. One aspect of the invention relates to providing tools to enable creation of customized workflow processes for event driven incident remediation, monitoring and analyzing system activity to identify occurrence of incidents, assigning a workflow process to an incident, applying the assigned workflow process to remediate the… Show more

[Cited by 5 patents.] The invention relates to a system and method for customizing and storing workflow processes for use in remediation incidents such as security events. One aspect of the invention relates to providing tools to enable creation of customized workflow processes for event driven incident remediation, monitoring and analyzing system activity to identify occurrence of incidents, assigning a workflow process to an incident, applying the assigned workflow process to remediate the incident, and tracking and graphically displaying the status of the workflow process, among other things. Show less

[Cited by 4 patents.] A system and method for analyzing events from devices relating to network security, includes a device interface(s), for receiving events from devices. One or more processors, responsive to the event received pursuant to the device interfaces, evaluate the event in accordance with rules, wherein the rules define, inter alia, an operation the system is to take to evaluate the event and an action to be taken under specified conditions. Also, the processor can determine… Show more

[Cited by 4 patents.] A system and method for analyzing events from devices relating to network security, includes a device interface(s), for receiving events from devices. One or more processors, responsive to the event received pursuant to the device interfaces, evaluate the event in accordance with rules, wherein the rules define, inter alia, an operation the system is to take to evaluate the event and an action to be taken under specified conditions. Also, the processor can determine, responsive to the received event, whether the event is of interest, and if not, discarding the event. The processor can provide a correlation corresponding to the at least one event, for the rules. Show less

[Cited by 7 patents.] A computer-implemented or computer-enabled method and system is provided for working with streaming media, such as digital video clips and entire videos. Clips can be grouped together and snippets of video can be re-ordered into a rough cut assemblage of a video storyboard. Later, the video storyboard and the final video scene may be fine-tuned. The invention is not limited to digital video, and may also be used with other digital assets, including for example audio… Show more

[Cited by 7 patents.] A computer-implemented or computer-enabled method and system is provided for working with streaming media, such as digital video clips and entire videos. Clips can be grouped together and snippets of video can be re-ordered into a rough cut assemblage of a video storyboard. Later, the video storyboard and the final video scene may be fine-tuned. The invention is not limited to digital video, and may also be used with other digital assets, including for example audio, animation, logos, text, etc. Accordingly, computer-enabled storyboarding of digital assets includes providing a storage having digital assets, the digital assets including at least one digital clip, and each digital clip having frames including a key frame corresponding to the digital clip. Digital clips are selected to be included in a storyboard. The storyboard is displayed, including an image for the key frame corresponding to each of the digital clips of the storyboard. Preferably, the image is a low-resolution image representing the key frame for the digital clips. The storyboard may be modified and saved, including adding parts of digital assets to the storyboard, deleting digital clips from the storyboard, and re-ordering the order of the clips in the storyboard. The digital clips can be edited/adjusted, including adjusted the in/or out time of each clip. The storyboard may be played, that is each digital clip in the storyboard is played in sequence. Show less

Systems, methods and mediums are provided for dynamically determining the file type, determining the media format and the player, validating the file type combination, and picking the correct player for the combination. Information is provided representative of a set of candidate video file types corresponding to video files, including candidate media formats and candidate players corresponding to each candidate video file type. Also provided is information representative of a specific video… Show more

Systems, methods and mediums are provided for dynamically determining the file type, determining the media format and the player, validating the file type combination, and picking the correct player for the combination. Information is provided representative of a set of candidate video file types corresponding to video files, including candidate media formats and candidate players corresponding to each candidate video file type. Also provided is information representative of a specific video file to be played. In connection with the video file to be played, a selection is made of at least one corresponding media format from the candidate media formats, and of at least one corresponding media player from the candidate players. Information representative of the selected media format and the selected media player is output, preferably in a HTML file. Optionally, the invention includes launching the selected player for the file. Show less

A method and system for digital asset link management. The system includes information on units of information UOI, information on link types and storage relating to the UOI links. Optionally included is an ancillary metadata lookup table. A source value and a destination value are provided from the UOIs to the UOI links. The link type is obtained from the link types file and provided to the UOI links. Optionally, the source type and destination type are obtained from the metadata lookup table.