Abstract: A system comprising a computer-readable storage medium storing at least one program, and a method for reducing cyber-security related false positive alerts is presented. In example embodiments the method may include identifying an indication of a cyber-security threat based on an operational anomaly in a network system. The method may further include determining that the operational anomaly is a false positive indicator with respect to the cyber-security threat based on the operational anomaly being correlated with a malfunction or reconfiguration event.

Abstract: A system comprising a computer-readable storage medium storing at least one program, and a method for reducing cyber-security related false positive alerts is presented. In example embodiments the method may include identifying an indication of a cyber-security threat based on an operational anomaly in a network system. The method may further include determining that the operational anomaly is a false positive indicator with respect to the cyber-security threat based on the operational anomaly being correlated with a malfunction or reconfiguration event.

Abstract: Described herein are reception of first processor-executable program code and a configuration file specifying a target internet protocol address, an asset-identifying information type, and a security protocol, and execution of the received first processor-executable program code to identify a first one or more network communication interfaces of the first computing system, generate a message including information conforming to the asset-identifying information type, the information identifying a first asset, secure the message based on the security protocol, and transmit the secure message to the target internet protocol address via each of the first one or more network communication interfaces.

Abstract: A system comprising a computer-readable storage medium storing at least one program, and a method for reducing cyber-security related false positive alerts is presented. In example embodiments the method may include identifying an abnormal operation pattern in the network system that may signal a cyber-security threat. In response to identifying the abnormal operation pattern, data related to a state change of an asset included in the network system is accessed. The method may further include determining that the abnormal operation pattern and the state change of the asset are correlated, and based on this determination, determining that the abnormal operation pattern is a false positive indicator with respect to the cyber-security threat.

Abstract: A system comprising a computer-readable storage medium storing at least one program, and a method for reducing cyber-security related false positive alerts is presented. In example embodiments the method may include identifying an abnormal operation pattern in the network system that may signal a cyber-security threat. In response to identifying the abnormal operation pattern, data related to a state change of an asset included in the network system is accessed. The method may further include determining that the abnormal operation pattern and the state change of the asset are correlated, and based on this determination, determining that the abnormal operation pattern is a false positive indicator with respect to the cyber-security threat.

Abstract: Described herein are reception of first processor-executable program code and a configuration file specifying a target internet protocol address, an asset-identifying information type, and a security protocol, and execution of the received first processor-executable program code to identify a first one or more network communication interfaces of the first computing system, generate a message including information conforming to the asset-identifying information type, the information identifying a first asset, secure the message based on the security protocol, and transmit the secure message to the target internet protocol address via each of the first one or more network communication interfaces.