Creating security incident records using a remote network management platform

US11533339B2 · US · B2

Patent metadata
Publication number: US-11533339-B2
Application number: US-202017080450-A
Country: US
Kind code: B2
Filing date: Oct 26, 2020
Priority date: Aug 10, 2018
Publication date: Dec 20, 2022
Grant date: Dec 20, 2022

Abstract

Official abstract text for this publication.

An example embodiment performed by a scoped software application executable on a computing device of a computational instance of a remote network management platform may involve: requesting and receiving, from an application database associated with a third-party software application, alert rules that trigger alerts when associated events occur in a managed network; receiving data representing selection of a set of the alert rules and, based on the data, requesting and receiving, from the application database, a set of past alerts that have been triggered by the set of the alert rules; using mapping data to map fields of the set of the past alerts to fields of a sample security incident record; displaying a preview region including the sample security incident record; using the mapping data to create security incident records that map to the set of the past alerts; and writing, to a security incident database, the security incident records.

First claim

Opening claim text (preview).

What is claimed is:

1. A system, comprising: one or more hardware processors; and a non-transitory memory storing instructions that, when executed by the one or more hardware processors, cause the one or more hardware processors to perform operations comprising: generating, for display via a graphical user interface (GUI), a plurality of selectable alert rule features corresponding to a plurality of alert rules associated with a third-party software application; receiving, via the GUI, a first input indicative of a selection of a particular selectable alert rule feature of the plurality of selectable alert rule features; generating, for display via the GUI: a plurality of past alert icons corresponding to a plurality of alerts, wherein the plurality of alerts have been triggered based on an occurrence of an event as defined by the plurality of alert rules; and a plurality of sample security incident records; receiving, via the GUI, a second input indicative of a selection of a particular past alert icon of the plurality of past alert icons, wherein the particular past alert icon corresponds to a particular past alert associated with the third-party software application; receiving, via the GUI, a third input indicative of a selection of a particular sample security incident record of the plurality of sample security incident records; and mapping a field of the particular past alert to a field of the particular sample security incident record based on the second input and the third input.

2. The system of claim 1, wherein the operations comprise running a scoped application, and wherein the GUI is generated when a particular permission associated with the scoped application is verified.

3. The system of claim 1, wherein the operations comprise: creating a security incident record that maps to the particular past alert based on the mapping; and storing the security incident record in a database.

4. The system of claim 3, wherein the operations comprise receiving, via the GUI, a fourth input indicative of a string used as an identifier for the field of the particular past alert that is mapped to the field of the particular sample security incident record.

5. The system of claim 1, wherein the field of the particular past alert is mapped based on mapping data defining pairwise associations between the field of the particular past alert and the field of the particular sample security incident record.

6. The system of claim 1, wherein the plurality of alerts comprise event data representing one or more events that trigger a respective alert of the plurality of alerts.

7. The system of claim 6, wherein the event data comprises a source IP address, a destination IP address, a hostname, a username, an identifier for an E-mail attachment, a software identifier, a time indication for when the event data was received.

8. The system of claim 1, wherein the GUI comprises a ribbon that comprises a plurality of tabs corresponding to a plurality of respective panes that make up a sequence of panes.

9. The system of claim 8, wherein the operations comprise receiving a toggle input to toggle between the sequence of panes, wherein the ribbon remains on the GUI as the toggle input is received.

10. The system of claim 8, wherein the first input is received via a first pane of the sequence of panes, wherein a first tab of the plurality of tabs is emphasized when the first pane is presented as part of the GUI, and wherein the second input and the third input are received via a second pane of the sequence of panes, wherein a second tab of the plurality of tabs is emphasized when the second pane is presented as part of the GUI.

11. A computer-implemented method, comprising: generating, for display via a graphical user interface (GUI), a plurality of selectable alert rule features corresponding to a plurality of alert rules associated with a third-party software application; receiving, via the GUI, a first input indicative of a selection of a particular selectable alert rule feature of the plurality of selectable alert rule features; generating, for display via the GUI: a plurality of past alert icons corresponding to a plurality of alerts, wherein the plurality of alerts have been triggered based on an occurrence of an event as defined by the plurality of alert rules; and a plurality of sample security incident records; receiving, via the GUI, a second input indicative of a selection of a particular past alert icon of the plurality of past alert icons, wherein the particular past alert icon corresponds to a particular past alert associated with the third-party software application; receiving, via the GUI, a third input indicative of a selection of a particular sample security incident record of the plurality of sample security incident records; and mapping a field of the particular past alert to a field of the particular sample security incident record based on the second input and the third input.

12. The computer-implemented method of claim 11, comprising: creating a security incident record that maps to the particular past alert based on the mapping; and storing the security incident record in a database.

13. The computer-implemented method of claim 11, wherein the GUI comprises a ribbon that comprises a plurality of tabs corresponding to a plurality of respective panes that make up a sequence of panes.

14. The computer-implemented method of claim 13, comprising receiving, via the GUI, a toggle input to toggle between the sequence of panes, wherein the ribbon remains on the GUI as the toggle input is received.

15. The computer-implemented method of claim 13, wherein the first input is received via a first pane of the sequence of panes, wherein a first tab of the plurality of tabs is emphasized when the first pane is presented as part of the GUI, and wherein the second input and the third input are received via a second pane of the sequence of panes, wherein a second tab of the plurality of tabs is emphasized when the second pane is presented as part of the GUI.

16. A non-transitory computer-readable medium comprising computer-readable code, that when executed by one or more processors, causes the one or more processors to perform operations comprising: generating, for display via a graphical user interface (GUI), a plurality of selectable alert rule features corresponding to a plurality of alert rules associated with a third-party software application; receiving, via the GUI, a first input indicative of a selection of a particular selectable alert rule feature of the plurality of selectable alert rule features; generating, for display via the GUI: a plurality of past alert icons corresponding to a plurality of alerts, wherein the plurality of alerts have been triggered based on an occurrence of an event as defined by the plurality of alert rules; and a plurality of sample security incident records; receiving, via the GUI, a second input indicative of a selection of a particular past alert icon of the plurality of past alert icons, wherein the particular past alert icon corresponds to a particular past alert associated with the third-party software application; receiving, via the GUI, a third input indicative of a selection of a particular sample security incident record of the plurality of sample security incident records; and mapping a field of the particular past alert to a field of the particular sample security incident record based on the second input and the third input.

17. The non-transitory computer-readable medium of claim 16, wherein the

Classifications

  • Virtual private networks · CPC title

  • H04L63/20 · Primary

    for managing network security; network security policies in general (filtering policies H04L63/0227) · CPC title

  • using third party service providers · CPC title

  • in which an application is distributed across nodes in the network (software deployment G06F8/60; multiprogramming arrangements G06F9/46) · CPC title

  • for separating internal from external traffic, e.g. firewalls · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US11533339B2 cover?
An example embodiment performed by a scoped software application executable on a computing device of a computational instance of a remote network management platform may involve: requesting and receiving, from an application database associated with a third-party software application, alert rules that trigger alerts when associated events occur in a managed network; receiving data representing …
Who is the assignee on this patent?
Servicenow Inc
What technology area does this patent fall under?
Primary CPC classification H04L63/20. Mapped technology areas include Electricity.
When was this patent published?
Publication date Dec 20, 2022 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).