US 11,704,405 B2
Techniques for sharing network security event information
Richard Reybok, Fremont, CA (US); Andreas Seip Haugsnes, Mountain View, CA (US); Kurt Joseph Zettel, II, Nashville, TN (US); Jeffrey Rhines, San Antonio, TX (US); Henry Geddes, Corte Madera, CA (US); Volodymyr Osypov, Mountain View, CA (US); Scott Lewis, Sunnyvale, CA (US); Sean Brady, Bedford, NH (US); and Mark Manning, Redwood City, CA (US)
Assigned to ServiceNow, Inc., Santa Clara, CA (US)
Filed by ServiceNow, Inc., Santa Clara, CA (US)
Filed on Dec. 1, 2021, as Appl. No. 17/457,152.
Application 17/457,152 is a continuation of application No. 16/827,127, filed on Mar. 23, 2020, granted, now 11,222,111.
Application 16/827,127 is a continuation of application No. 16/151,085, filed on Oct. 3, 2018, granted, now 10,628,582, issued on Apr. 21, 2020.
Application 16/151,085 is a continuation of application No. 16/042,918, filed on Jul. 23, 2018, abandoned.
Application 16/042,918 is a continuation of application No. 15/651,924, filed on Jul. 17, 2017, granted, now 10,032,020, issued on Jul. 24, 2018.
Application 15/651,924 is a continuation of application No. 14/615,202, filed on Feb. 5, 2015, granted, now 9,710,644, issued on Jul. 18, 2017.
Application 14/615,202 is a continuation in part of application No. 14/536,386, filed on Nov. 7, 2014, granted, now 9,038,183, issued on May 19, 2015.
Application 14/536,386 is a continuation of application No. 13/556,553, filed on Jul. 24, 2012, granted, now 8,914,406, issued on Dec. 16, 2014.
Application 15/651,924 is a continuation of application No. 13/556,524, filed on Jul. 24, 2012.
Claims priority of provisional application 62/061,111, filed on Oct. 7, 2014.
Claims priority of provisional application 62/046,431, filed on Sep. 5, 2014.
Claims priority of provisional application 61/593,853, filed on Feb. 1, 2012.
Prior Publication US 2022/0083653 A1, Mar. 17, 2022
This patent is subject to a terminal disclaimer.
Int. Cl. G06F 21/55 (2013.01); H04L 9/40 (2022.01)
CPC G06F 21/552 (2013.01) [H04L 63/145 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A system, comprising:
a memory; and
a processor communicatively coupled to a first network device via a first network, wherein the processor is configured to:
generate a first notification, wherein the first notification comprises an event detail related to a threat to the first network device, wherein the event detail comprises a property of the first network device;
sanitize the first notification to remove an identity of the first network device, an identity of the first network, or both from the event detail;
transmit the first notification to a central service that determines that both the first notification and a previously received threat notification via a second network from a second network device relates to the property of the first network device and adjusts a threat ranking of the first notification responsive to the determination;
receive the adjusted threat ranking associated with the first notification from the central service; and
perform a remedial action in response to receiving the adjusted threat ranking.