| CPC H04L 63/20 (2013.01) [G06F 21/577 (2013.01); H04L 63/1408 (2013.01); H04L 63/1441 (2013.01)] | 17 Claims |
|
1. A method comprising:
receiving, at a central processor, first network security data from at least one first network security application configured to monitor a first network communication layer in a computer network, wherein the first network communication layer is one of a physical layer, a data link layer, a network layer, a transport layer, a session layer, a presentation layer, or an application layer, and second network security data from at least one second network security application configured to monitor a second network communication layer in the computer network, wherein the second network communication layer is a different one of the physical layer, the data link layer, the network layer, the transport layer, the session layer, the presentation layer, and the application layer, wherein the first network security data comprises network usage data, network threats data, application usage data, threat mitigation data, malware activity data, virus activity data, or combinations thereof, and wherein the second network security data comprises network usage data, network threats data, application usage data, threat mitigation data, malware activity data, virus activity data, or combinations thereof;
aggregating and weighting, by the central processor, the first and second network security data, resulting in weighted aggregated data; and
providing, by the central processor, an integrated dashboard presentation that includes both a timeline view of threats found in the computer network and a single indication of an overall risk level in the computer network, including at the first network communication layer and at the second network communication layer, the overall risk level determined based on the weighted aggregated data.
|