US 12,189,791 B2
Distributed digital security system
David F. Diehl, Minneapolis, MN (US); James Robert Plush, Lake Forest, CA (US); and Timothy Jason Berger, Eastvale, CA (US)
Assigned to CrowdStrike, Inc., Sunnyvale, CA (US)
Filed by CrowdStrike, Inc., Sunnyvale, CA (US)
Filed on Apr. 12, 2023, as Appl. No. 18/133,884.
Application 18/133,884 is a continuation of application No. 16/849,543, filed on Apr. 15, 2020, granted, now 11,645,397.
Prior Publication US 2023/0297690 A1, Sep. 21, 2023
This patent is subject to a terminal disclaimer.
Int. Cl. G06F 21/60 (2013.01); G06F 9/54 (2006.01); H04L 9/40 (2022.01)
CPC G06F 21/60 (2013.01) [G06F 9/542 (2013.01); H04L 63/0892 (2013.01); H04L 63/105 (2013.01); H04L 63/1408 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A computer-implemented method comprising:
receiving, by a network storage engine of a security network, and from one or more security agents executing at one or more client devices remote from the network storage engine, first event data associated with one or more events that have occurred at the one or more client devices;
providing, by the network storage engine, a first copy of the first event data to a network compute engine of the security network;
receiving, by the network storage engine at a first time, and from the network compute engine, a claim check for second event data, wherein:
the second event data is related to the first event data, and
the second event data has, at the first time, not been received by the network storage engine or the network compute engine;
receiving, by the network storage engine at a second time, the second event data associated with the claim check;
determining, by the network storage engine, that the claim check has been satisfied based on receipt of the first event data and the second event data; and
providing, by the network storage engine in response to determining that the claim check has been satisfied, the second event data and a second copy of the first event data to the network compute engine.