&#xfeff;<html>
  <head>
    <META http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="stylesheet" type="text/css" href="html_style_eog.css"/>
<script type="text/javascript">
          function printpage()
          {
          window.print()
          }
        </script>
<script type="text/javascript" src="https://components.uspto.gov/js/ais/40-patentsgazette.js"></script></head>
  <body bgcolor='#FFFFFF' onload='javascript: if ((navigator.appName.indexOf("Netscape")!=-1) && parent.leftFrame!=null) parent.leftFrame.location.reload();'>
    <basefont face="Times New Roman, Times New Roman, Times New Roman " size="2">
      <div style="margin-left: +10pt">
        <table width="90%" border="0" rules="none" align="center">
          <tr align="center">
            <td width="20%" colspan="1" rowspan="2" align="left" valign="top"><a href="https://ppubs.uspto.gov/pubwebapp/external.html?q=12277231.pn.&amp;db=USPAT" target="popup"><input type="button" class="button" value="   Full Text   "></a></td>
            <td class="table_data"><b>US 12,277,231 B2</b></td>
            <td width="20%" colspan="1" rowspan="2" align="right" valign="top">
              <form><input type="button" value="Print this page" onclick="printpage()"></form>
            </td>
          </tr>
          <tr align="center">
            <td colspan="1" class="table_data" style="text-transform: uppercase"><b>System and method for identifying cyberthreats from unstructured social media content</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b> Daniel Clark Salo,  Sunnyvale, CA (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Assigned to  PROOFPOINT, INC.,  Sunnyvale, CA (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed by  Proofpoint, Inc.,  Sunnyvale, CA (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed on Jan.  22, 2024, as Appl. No. 18/419,118.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 18/419,118 is a continuation of application No. 18/169,627, filed on Feb.  15, 2023, granted, now 11,934,535.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 18/169,627 is a continuation of application No. 16/823,090, filed on Mar.  18, 2020, granted, now 11,586,739, issued on Feb.  21, 2023.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Claims priority of provisional application 62/955,595, filed on Dec.  31, 2019.</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Prior Publication US 2024/0184893 A1, Jun.  6, 2024</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>This patent is subject to a terminal disclaimer.</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Int. Cl. </b><i><b>G06F 16/00</b></i> (2019.01); <i><b>G06F 16/338</b></i> (2019.01); <i><b>G06F 16/355</b></i> (2025.01); <i><b>G06F 16/36</b></i> (2019.01); <i><b>G06F 21/57</b></i> (2013.01)</td>
          </tr>
        </table>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="75%">
            <col width="15%">
          </colgroup>
          <tr align="left">
            <td class="table_data" align="left"><b>CPC </b><i><b>G06F 21/577</b></i> (2013.01)&#xa0;[<i><b>G06F 16/338</b></i> (2019.01); <i><b>G06F 16/355</b></i> (2019.01); <i><b>G06F 16/36</b></i> (2019.01)]</td>
            <td class="table_data" align="right"><b>20 Claims</b></td>
          </tr>
        </table>
        <center><img src="US12277231-20250415-D00000.gif" alt="OG exemplary drawing"></center>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="90%">
          </colgroup>
          <tr>
            <td class="table_data" align="center">&#xa0;</td>
          </tr>
          <tr>
            <td valign="top" class="para_text">
              <div class="claim_text_root">1. A method, comprising:<div class="claim_text">monitoring, by a cyberthreat detection system, a target of interest in network communications to and from a digital medium, wherein the cyberthreat detection system comprises a rules database, wherein the monitoring comprises processing unstructured content in the network communications, and wherein the processing comprises:</div>
                <div class="claim_text">determining, from the unstructured content, content items containing combinations of static keywords, dynamic keywords, or regular expressions that represent the target of interest;</div>
                <div class="claim_text">clustering, based on the combinations of the static keywords, the dynamic keywords, or the regular expressions, the content items into clusters;</div>
                <div class="claim_text">determining, from the clusters and utilizing vetted cybersecurity phrases, a cluster containing high precision phrases relating to the target of interest; and</div>
                <div class="claim_text">updating the rules database utilizing the high precision phrases; and</div>
                <div class="claim_text">classifying, utilizing classifier rules stored in the rules database, the unstructured content in the network communications to thereby identify which content items in the unstructured content that refer to the target of interest constitute cyberthreats.</div>
              </div>
            </td>
          </tr>
        </table>
      </div>
    
  </body>
</html>