Machine learning model for managing security threat alerts for a compute environment

Abstract

Data platforms described herein are configured to monitor a compute environment and to use machine learning models for managing security threat alerts for the compute environment. Such a data platform may identify, based on event data indicative of events occurring in the compute environment, a set of detected security threats present within the compute environment. Using a machine learning model trained based on previous event data indicative of events that occurred previously, the data platform may reduce the set of detected security threats to form a subset of prioritized security threats. The data platform may then provide security threat alerts for the compute environment in a manner that emphasizes alerts associated with prioritized security threats over alerts associated with other detected security threats of the set of detected security threats. Corresponding methods, systems, and products are also disclosed.

CPC Classifications