301 patents
Page 10 of 16
Utility
Cloud access security broker determining risk score of cloud applications based on security attributes
30 Dec 21
Systems and methods include identifying a cloud application; performing one or more automated scripts to determine a first set of attributes of the cloud application; obtaining a second set of attributes of the cloud application based on a manual analysis; obtaining weighting factors for the first set of attributes and the second set of attributes; determining a risk score of the cloud application based on the first set of attributes and the second set of attributes and the associated weighting factors; and displaying the risk score of the cloud application.
Davinder Pal Singh, Rahul Kumar, Ankit Kumar, Santhosh Kumar, Narinder Paul, Vairavan Subramanian
Filed: 7 Sep 21
Utility
Mobile device security, device management, and policy enforcement in a cloud-based system
30 Dec 21
Mobile device security, device management, and policy enforcement are described in a cloud-based system where the “cloud” is used to pervasively enforce security and policy and perform device management regardless of device type, platform, location, etc.
Amit Sinha, Narinder Paul, Srikanth Devarajan
Filed: 8 Sep 21
Utility
1n3bir5 ujgny9ie6gqaxio2
28 Dec 21
Briefly, embodiments, such as methods and/or systems for network device identification, for example, are described.
Scott Andrew Hankins, Thomas James Geisler, III
Filed: 14 Jun 19
Utility
3jw g059wzqz7w61cz60mnzj9mlb1vlw7djb1pou69z56ldgr
16 Dec 21
Systems and methods include utilizing a grouping model to identify a function of a user of a tenant; utilizing one or more behavior models to identify normal behavior and abnormal behavior of the user based on the function; and utilizing an orchestration model with a plurality of rules to score one or more of current and historical behavior of the user, based on the one or more behavior models; and utilizing an active learning model to improve the efficiency of the orchestration model The systems and methods can further include causing a security technique based on the score.
Dianhuan Lin, Changsha Ma, Xuan Qi, Rex Shang, Douglas A. Koch, Birender Singh, Howie Xu
Filed: 16 Jun 20
Utility
22zypccbxut7t35pwg8sg0ua7k77a4o4zqgx0ywb4zq0xlvsukcjp
16 Dec 21
Systems and methods include obtaining file identifiers associated with files in production data; obtaining lab data from one or more public repositories of malware samples based on the file identifiers for the production data; and utilizing the lab data for training a machine learning process for classifying malware in the production data.
Changsha Ma, Dianhuan Lin, Rex Shang, Douglas A. Koch, Dong Guo, Howie Xu
Filed: 16 Jun 20
Utility
m6wmv4ap4o5fl3gwgwckz0rqzk1b1tp001tk7
2 Dec 21
Systems and methods include obtaining a file to be checked for Data Loss Prevention (DLP); determining a cryptographic hash of the file and comparing the cryptographic hash to corresponding cryptographic hashes of indexed files; responsive to a match between the cryptographic hash and one of the corresponding cryptographic hashes, determining a DLP match and performing an action based thereon; responsive to no match, extracting text from the file and creating an ordered sequence of hashes of variable length chunks of the extracted text; and determining the DLP match with one of the indexed files based on comparing the ordered sequence of hashes with corresponding ordered sequence of hashes of the indexed files.
Narinder Paul, Arun Bhallamudi, Balakrishna Bayar, James Tan
Filed: 8 Jul 20
Utility
kwu52avfaas5d1dfwmny3oa55s25 4dat4ddhadv47u16t
2 Dec 21
Systems and methods include obtaining a plurality of parameters associated with a host; determining a fingerprint of the host utilizing the plurality of parameters; and providing the fingerprint to cloud service for enrollment and management of the host in the cloud service.
Ajit Singh, Vivek Ashwin Raman, Abhinav Bansal, Thomas Evan Keiser, JR., John H. O'Neil
Filed: 16 Aug 21
Utility
xzamh6qacp9kpg owjtch81z0wqejddbmcylo
2 Dec 21
Systems and methods for protecting sensitive mobile applications from attack include incorporating private application access software in a mobile application that operates on a user device to provide functionality to an end user, the functionality is separate from the private application access; deploying application connectors in front of a private application that is accessed by the mobile application; responsive to a request to access the private application, authenticating the end user through the mobile application; and, responsive to authentication, providing access to the private application through the mobile application via a plurality of secure tunnels.
Dhawal Kumar Sharma, John A. Chanak
Filed: 11 Aug 21
Utility
dj6kxtae87qqlb1ke636ns8tnp3svgevsxg0unrwz1mnuja2hgkqzvb
2 Dec 21
Systems and methods include receiving a request, in a cloud system from a first device, to access a second device; determining if the first device is permitted to access the second device; if the first device is not permitted to access the second device, notifying the first device the second device does not exist; and, if the first device is permitted to access the second device, stitching together connections between the cloud system, the first device, and the second device to provide access to the second device for the first device, wherein the connections are implemented through the cloud-based system.
John A. Chanak, Sindhura Mandava, Vamshi Palkonda, Charles Huang, Ramesh Badam, Victor Pavlov, Kunal Shah, Vikas Mahajan, Yun Ling
Filed: 16 Aug 21
Utility
y3flx63n7mn2xlpciluwdaeg82yfysjq8m1t7o9c8v4bh
2 Dec 21
Systems and methods include obtaining a Uniform Resource Locator (URL) for a site on the Internet; analyzing the URL with a Machine Learning (ML) model to determine whether or not the site is suspicious for phishing; responsive to the URL being suspicious for phishing, loading the site to determine whether or not an associated brand of the site is legitimate or not; and, responsive to the site being not legitimate for the brand, categorizing the URL for phishing and performing a first action based thereon.
Deepen Desai, Zhenxiang Wang
Filed: 2 Jun 20
Utility
uclv85z5fvm4950qijeuojszsnnc6qhisx3hyk3s01amgr7qrxc
2 Dec 21
Systems and methods include receiving a domain for a determination of a likelihood the domain is malicious or benign; obtaining data associated with the domain including log data from a cloud-based system that performs monitoring of a plurality of users; analyzing the domain with a plurality of components to assess the likelihood, wherein at least one of the plurality of components is a trained machine learning model; and combining results of the plurality of components to predict the likelihood the domain is malicious or benign.
Loc Bui, Dianhuan Lin, Changsha Ma, Rex Shang, Howie Xu, Bryan Lee, Martin Walter, Deepen Desai, Nirmal Singh, Narinder Paul, Shashank Gupta
Filed: 8 Jun 21
Utility
sboh6xigewhl 7b7q8o1zvs5kvue5a3x
2 Dec 21
Systems and methods include receiving a domain for a determination of a likelihood the domain is a command and control site; analyzing the domain with an ensemble of a plurality of trained machine learning models including a Uniform Resource Locator (URL) model that analyzes lexical features of a hostname of the domain and an artifact model that analyzes content features of a webpage associated with the domain; and combining results of the ensemble to predict the likelihood the domain is a command and control site.
Changsha Ma, Loc Bui, Dianhuan Lin, Rex Shang, Bryan Lee, Shudong Zhou, Howie Xu, Naveen Selvan, Nirmal Singh, Deepen Desai, Parnit Sainion, Narinder Paul
Filed: 8 Jun 21
Utility
19aorf03plghf77lk t8kz6bsdepx4mkajwc6kbr6n
25 Nov 21
Systems and methods include establishing a control channel of a tunnel utilizing a first encryption technique, wherein the tunnel is between a local node including one or more processors and a remote node, and wherein the control channel includes a session identifier; establishing a data channel of the tunnel utilizing a second encryption technique, wherein the data tunnel is bound to the control channel based on the session identifier; performing, over the control channel, device authentication and user authentication of one or more users associated with the remote node, wherein each of the one or more users includes a user identifier; and, subsequent to the device authentication and the user authentication, exchanging data packets over the data channel with each data packet including a corresponding user identifier.
Srikanth Devarajan, Vijay Bulusu, Roy Rajan, Ajit Singh, Abhinav Bansal, Vikas Mahajan
Filed: 7 Jul 20
Utility
n7329nns960y9zlmlcdqd70utrs28m6f8mddruqjbw7w3mg36mi03rzy90n
25 Nov 21
Systems and methods implemented by a user device include receiving a request, from an application executed on the user device, to identify a network path for a destination; determining the network path to the destination including ports, addresses, and inline proxies; and providing details of the network path to the application.
Rishabh Gupta, Vikas Mahajan
Filed: 8 Jun 21
Utility
t7f2yg2g716do671m9 k1ot62755g1f
18 Nov 21
A mobile application notification system that includes a cloud node including a subscription service and a publication service, each executed on the cloud node, wherein the subscription service is configured to manage a plurality of users associated with a tenant of multiple tenants, each of the plurality of users have a corresponding user device that executes a monitoring application thereon, wherein management via the subscription service includes subscribing each of the plurality of users and configuring the tenant and associated messages, and wherein the publication service is configured to communicate with the corresponding user device of the plurality of users and to communication to a plurality of publisher threads, for exchanging messages therebetween, based on the subscribing and the configuring, and wherein at least two corresponding user device of the plurality of users utilize a different operating system and platform from one another.
Jasbir Singh Kaushal, Sichao Zhang, Varun Singh, Muralidharan Manickam, Priyanka Pani
Filed: 15 Jul 20
Utility
4tqqe7wa4mrkx4y8ncc9ty5ess0vakb53jhoty7yhve858j
16 Nov 21
A computer system automatically generates a proposal for network application security policies to be applied on a telecommunications network.
Peter Smith, Aparna Ayikkara, Omar Baba, Daniel Einspanjer, Anthony Gelsomini, Thomas C. Hickman, Peter Kahn, Thomas Evan Keiser, Jr., Andriy Kochura, Nikitha Koppu, Scott Laplante, Xing Li, Raymond Brian Liu, Sean Lutner, Michael J. Melson, Peter Nahas, John O'Neil, Herman Parfenov, Joseph Riopel, Suji Suresh, Harry Sverdlove
Filed: 11 Jun 20
Utility
n4vzushwinlu awdyzskbr8txph75vc3oc
4 Nov 21
Systems and methods include, in a node operating as a snooping proxy, monitoring traffic between a user device and the Internet; detecting and monitoring a handshake between the user device and an endpoint for determining keys associated with encryption between the user device and the endpoint; monitoring encrypted traffic between the user device and the endpoint subsequent to the handshake based on the keys; and performing one or more security functions on the encrypted traffic based on the monitoring.
Srikanth Devarajan, Vijay Bulusu, Leslie McCutcheon
Filed: 30 Apr 20
Utility
8stqfsx356fiug7u3di3z3lg
4 Nov 21
Systems and methods include, responsive to starting a plurality of listener modules, receiving a Uniform Resource Locator (URL) for a site on the Internet into a database; loading the URL; receiving artifacts based on the loading; using the plurality of listener modules to run rules based on the received artifacts; scoring the URL based on the rules and the received artifacts; and determining whether the URL is one of benign, suspicious, or malicious based on the scoring.
Rubin Azad, Deepen Desai, Narinder Paul
Filed: 13 Jul 21
Utility
mxrhhoyyjsfzi7akmhvzxdzd8wcyu0ta3qqbkhioasvn3sq50ugykqt6d
4 Nov 21
Systems and methods include providing functionality for the user device while operating in background on the user device including providing secure connectivity with a cloud-based system over a network; continuously collecting packets intercepted by the enterprise application over a time interval, wherein the collected packets are collected over the time interval; and responsive to an issue with functionality of the enterprise application, transmitting the collected packets to a back end server for troubleshooting of the issue.
Rohit Goyal, Rishabh Gupta
Filed: 14 Jul 21
Utility
iyc7mqrpw1yv3r9uwynau25kxa f4
4 Nov 21
Systems and methods for microsegmentation include receiving network communication information that describes flows between hosts in a network and applications executed on the hosts; generating a network communication model based on the network communication information that labels flows; and providing polices to the hosts based on the network communication model where the policies cause performance a set of actions, locally at a host, on any of the flows based on corresponding labels.
John H. O'Neil, Peter Smith, Thomas Evan Keiser, JR.
Filed: 14 Jul 21