SYSTEMS AND METHODS FOR REAL-TIME GENERATION AND EXECUTION OF COMPUTER-EXECUTABLE INVESTIGATIVE QUERIES IN A CYBERSECURITY EVENT DETECTION AND RESPONSE PLATFORM

Abstract

A system, method, and computer-implemented method includes generating a security alert for a subscriber, executing an automated investigation protocol for the security alert, obtaining, in response to executing a first plurality of computer-executable investigation queries and a second plurality of computer-executable investigation queries, a corpus of investigation findings data indicative of whether the security alert corresponds to a security threat or a benign security alert, and displaying, using a graphical user interface, the security alert in association with the corpus of investigation findings data.

CPC Classifications