CPC G06F 21/552 (2013.01) [H04L 63/145 (2013.01)] | 20 Claims |
1. A system, comprising:
a memory; and
a processor communicatively coupled to a first network device via a first network, wherein the processor is configured to:
generate a first notification, wherein the first notification comprises an event detail related to a threat to the first network device, wherein the event detail comprises a property of the first network device;
sanitize the first notification to remove an identity of the first network device, an identity of the first network, or both from the event detail;
transmit the first notification to a central service that determines that both the first notification and a previously received threat notification via a second network from a second network device relates to the property of the first network device and adjusts a threat ranking of the first notification responsive to the determination;
receive the adjusted threat ranking associated with the first notification from the central service; and
perform a remedial action in response to receiving the adjusted threat ranking.
|