US 11,985,160 B2
Dynamic adaptive defense for cyber-security threats
Bernard Thomas, Ashburn, VA (US); David Scott, Marietta, GA (US); Fred Brott, Alexandria, VA (US); and Paul Smith, Marietta, GA (US)
Assigned to MUSARUBRA US LLC, San Jose, CA (US)
Filed by FireEye Security Holdings US LLC, Milpitas, CA (US)
Filed on Jan. 23, 2023, as Appl. No. 18/158,350.
Application 18/158,350 is a continuation of application No. 16/841,383, filed on Apr. 6, 2020, granted, now 11,563,769.
Application 16/841,383 is a continuation of application No. 16/185,865, filed on Nov. 9, 2018, granted, now 10,616,265, issued on Apr. 7, 2020.
Application 16/185,865 is a continuation of application No. 15/089,170, filed on Apr. 1, 2016, granted, now 10,129,290, issued on Nov. 13, 2018.
Application 15/089,170 is a continuation of application No. PCT/US2014/058909, filed on Oct. 2, 2014.
Claims priority of provisional application 61/943,990, filed on Feb. 24, 2014.
Claims priority of provisional application 61/944,019, filed on Feb. 24, 2014.
Claims priority of provisional application 61/944,011, filed on Feb. 24, 2014.
Claims priority of provisional application 61/943,977, filed on Feb. 24, 2014.
Claims priority of provisional application 61/943,912, filed on Feb. 24, 2014.
Claims priority of provisional application 61/936,770, filed on Feb. 6, 2014.
Claims priority of provisional application 61/886,056, filed on Oct. 3, 2013.
Prior Publication US 2023/0164175 A1, May 25, 2023
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/00 (2022.01); H04L 9/32 (2006.01); H04L 9/40 (2022.01)
CPC H04L 63/1441 (2013.01) [H04L 9/002 (2013.01); H04L 9/32 (2013.01); H04L 63/0272 (2013.01); H04L 63/1408 (2013.01); H04L 63/1416 (2013.01)] 24 Claims
OG exemplary drawing
 
1. At least one non-transitory computer readable medium comprising instructions that, when executed, cause processor circuitry to at least:
map a security threat to at least one action to remediate the security threat, the at least one action previously identified as authorized for an administrator to initiate;
access information from the administrator that correlates a second network security action with a network security element, the second network security action not correlated with the network security element prior to the accessing of the information from the administrator, the information not instructing the execution of the at least one action; and
send, subsequent to the access of the information, a signal to initiate an execution of the second network security action to the network security element.