17808188. MULTI-FACTOR AUTHENTICATION IN ENDPOINT DETECTION AND RESPONSE simplified abstract (INTERNATIONAL BUSINESS MACHINES CORPORATION)

From WikiPatents

MULTI-FACTOR AUTHENTICATION IN ENDPOINT DETECTION AND RESPONSE

Organization Name

INTERNATIONAL BUSINESS MACHINES CORPORATION

Inventor(s)

Rosa M. Bolger of Austin TX (US)

Jacobus P. Lodewijkx of Oakton VA (US)

Mauro Marzorati of Lutz FL (US)

Christopher A. Kulakowski of Austin TX (US)

MULTI-FACTOR AUTHENTICATION IN ENDPOINT DETECTION AND RESPONSE - A simplified explanation of the abstract

This abstract first appeared for US patent application 17808188 titled 'MULTI-FACTOR AUTHENTICATION IN ENDPOINT DETECTION AND RESPONSE'.

Simplified Explanation

The patent application describes techniques for mitigating cybersecurity incidents in a networked environment. Here are the key points:

  • The techniques involve using an Endpoint Detection and Response (EDR) function to detect a security incident on a specific endpoint in a network.
  • Once a security incident is detected, the techniques identify the administrator of the affected endpoint.
  • A process requiring Multi-Factor Authentication (MFA) is initiated for the identified administrator.
  • This is done by sending a push notification to a second device associated with the administrator.
  • The administrator responds to the push notification, providing the required authentication.
  • The EDR function then characterizes the maliciousness of the security incident based on the administrator's response.

Potential applications of this technology:

  • Enhancing cybersecurity incident response in networked environments.
  • Strengthening authentication processes for administrators.
  • Improving the accuracy of characterizing the severity of security incidents.

Problems solved by this technology:

  • Promptly detecting and mitigating cybersecurity incidents.
  • Ensuring that only authorized administrators can respond to security incidents.
  • Providing a more accurate assessment of the maliciousness of security incidents.

Benefits of this technology:

  • Improved security by quickly detecting and responding to incidents.
  • Enhanced protection against unauthorized access and malicious activities.
  • More efficient and effective incident response by involving the appropriate administrator.


Original Abstract Submitted

Described are techniques for cybersecurity incident mitigation. The techniques include detecting, by an Endpoint Detection and Response (EDR) function in a networked environment comprising a plurality of endpoints, a security incident on a first endpoint of the plurality of endpoints. The techniques further include identifying an administrator of the first endpoint and initiating a process requiring Multi-Factor Authentication (MFA) associated with the administrator of the first endpoint by transmitting a push notification to a second device associated with the administrator and receiving a response to the push notification from the second device. The techniques further include characterizing, by the EDR function, a maliciousness of the security incident based on the response.