Device for Preventing, Detecting and Responding to Security Threats

Abstract

A device to prevent, detect and respond to one or more security threats between one or more controlled hosts and one or more services accessible from the controlled host. The device determines the authenticity of a user of a controlled host and activates user-specific configurations under which the device monitors and controls all communications between the user, the controlled host and the services. As such, the device ensures the flow of only legitimate and authorized communications. Suspicious communications, such as those with malicious intent or malformed packets, among others, are stopped and reported for analysis and action. Additionally, upon detecting suspicious communication, the device modifies the activated user-specific configurations under which the device monitors and controls the communications between the user, the controlled host and the services.

Authors
Steven A. Harp; Tom Haigh; Johnathan Gohde; Richard O'Brien; Charles Payne, Jr.; Ryan VanRiper
Year of Publication
2011
Source
https://www.uspto.gov/