301 patents
Page 15 of 16
Utility
Systems and methods for network vulnerability assessment and protection of Wi-fi networks using a cloud-based security system
20 Apr 20
Systems and methods of assessing Wi-Fi network vulnerability and enforcing policy based thereon in a cloud-based security system include obtaining and storing security risk scores for a plurality of Wi-Fi networks based in part on analysis performed by user equipment in range of each of the plurality of Wi-Fi networks; detecting user equipment associated with the cloud-based security system either desiring to connect to or already connected to a Wi-Fi network; obtaining a security risk score of the Wi-Fi network; and enforcing policy for the user equipment based on the obtained security risk score of the Wi-Fi network.
Abhinav Bansal
Filed: 11 Sep 17
Utility
Clientless connection setup for cloud-based virtual private access systems and methods
6 Apr 20
Virtual private access systems and methods implemented in a clientless manner on a user device are disclosed.
John A. Chanak, Patrick Foxhoven, William Fehring, Denzil Wessels, Kunal Shah, Subramanian Srinivasan
Filed: 22 May 18
Utility
67s5n79n6yfkbhgkhlqkny49qey6z6dnwzjzibgm
30 Mar 20
A distributed security method is implemented in a processing node of a distributed security system comprising one or more processing nodes and one or more authority nodes, wherein the distributed security system is located external to a network edge of an enterprise and external from one of a computer device and a mobile device associated with a user.
Kailash Kailash, Shashidhara Mysore Nanjundaswamy, Amarnath Mullick, Jose Kolenchery Rappel
Filed: 28 Dec 17
Utility
hbujmcf3 k3x4azp34l167lakobxb
23 Mar 20
A distributed security method is implemented in a processing node of a distributed security system comprising one or more processing nodes and one or more authority nodes, wherein the distributed security system is located external to a network edge of an enterprise and external from one of a computer device and a mobile device associated with a user.
Kailash Kailash, Shashidhara Mysore Nanjundaswamy, Amarnath Mullick, Jose Kolenchery Rappel
Filed: 23 May 16
Utility
c1a0wo74olzea42lys5hd2f0u
16 Mar 20
A multi-tenant cloud-based firewall method from a client, performed by a cloud node, includes receiving a packet from the client, wherein the client is located externally from the cloud node; checking if a firewall session exists for the packet, and if so, processing the packet on a fast path where a lookup is performed to find the firewall session; if no firewall session exists, creating the firewall session; and processing the packet according to the firewall session and one or more rules.
Srikanth Devarajan, Vladimir Stepanenko, Ravinder Verma, James Kawamoto
Filed: 16 Nov 15
Utility
azx9mi37fvk6c4lmnhtvpkg3d1ia437bj2xfu 72o1ky4ndf
11 Mar 20
Mobile device security, device management, and policy enforcement are described in a cloud based system where the “cloud” is used to pervasively enforce security and policy and perform device management regardless of device type, platform, location, etc.
Amit Sinha, Narinder Paul, Srikanth Devarajan
Filed: 11 Nov 19
Utility
rntuy745aej1kvbh5wswvkhu0p93kytj8xu4h5scvuv2rqvbu
9 Mar 20
Systems and methods for tracking and auditing changes in one or more cloud-based systems include, at a Web application, intercepting requests between one or more users and the Web application associated with the one or more cloud-based systems and creating log messages based on the intercepted requests; at a log forwarder in the logging system, forwarding the log messages to a log indexer; at the log indexer in the logging system, receiving the forwarded log messages and indexing the forwarded log messages in a centralized storage; and, at the logging system, responsive to a query, forwarding responsive indexed data from the centralized storage, based on the query.
Manav Verma, Sofian Halim, Gunjan Bhasin
Filed: 8 Jul 15
Utility
3uhzc14hyqjwvcv81y5wpq3 zwjolvag860xy2p8rtpev8w
4 Mar 20
Systems and methods for device identification for management and policy in the cloud, using a combination of several hardware parameters and user's identification to generate a unique identifier for a user device and associated user.
Ajit Singh, Vivek Ashwin Raman, Abhinav Bansal
Filed: 4 Nov 19
Utility
ov3 7z0aigoz1v6g3zpluz1ynsgu
26 Feb 20
Systems and methods for security and control of Internet of Things (IOT) and ZeroConf devices using cloud services.
Abhinav Bansal
Filed: 29 Oct 19
Utility
0aiu18phg9qfosuha4 3sut8f0hg7uzxap5o0g4mer8cubzlb1dpbft1f
24 Feb 20
A cloud-based method of service function chaining using Security Assertion Markup Language (SAML) assertions includes receiving configuration information related to any of users, services, and correspondence between the users and the services; responsive to a request from a user, generating a SAML assertion for the request and attaching a stack of service tags with the SAML assertion, wherein the stack of service tags defines a service chain for the user and for the request; and providing the SAML assertion with the stack of service tags to the user in response to the request.
Purvi Desai, Abhinav Bansal, Tejus Gangadharappa
Filed: 11 Jan 17
Utility
l5cp99tauhl bvhl58bs480jsexr0wgdkk6
29 Jan 20
A cloud system includes a plurality of cloud nodes configured to implement a cloud service which is used by a plurality of clients; a cloud management system communicatively coupled to the plurality of cloud nodes and configured to manage the plurality of cloud nodes; and a probe endpoint service executed on a cloud node, wherein a client is configured to utilize the cloud service based on a connection between the client and the cloud node executing the probe endpoint service, wherein the client is configured to execute a probe client, wherein the probe client is configured to periodically transmit probes and receive probe responses which are either empty responses denoting connectivity or a response body with maintenance or situational data contained therein, and wherein the probe client is configured to perform mitigation actions based on reception of the data.
Eduardo Manuel Parra, Michael Ted Richard
Filed: 23 Jul 18
Utility
4ysswu4ybtox9w23uhb8 zg9o79u2ncdm6it2c7zm
30 Dec 19
Mobile device security, device management, and policy enforcement are described in a cloud based system where the “cloud” is used to pervasively enforce security and policy and perform device management regardless of device type, platform, location, etc.
Amit Sinha, Narinder Paul, Srikanth Devarajan
Filed: 12 May 16
Utility
bbelpkb0po8rkni8bff30b4kfqvm24c45f ehef1bum9icxd
16 Dec 19
A server configured to profile a mobile device for a cloud-based system, includes a network interface, a data store, and a processor communicatively coupled to one another; and memory storing computer executable instructions, and in response to execution by the processor, the computer-executable instructions cause the processor to, based on communication to a client application on the mobile device, cause the client application to collect data associated with the mobile device; receive the collected data; and determine a device fingerprint and a risk index for the mobile device based on the collected data, wherein the device fingerprint is utilized to uniquely identify the mobile device and the risk index is utilized to manage the mobile device.
Abhinav Bansal, Purvi Desai
Filed: 20 Jan 19
Utility
onp7rypojtmi82tz9 13t0qzfi05
2 Dec 19
Systems and method implemented through a distributed security system for determining and addressing risk of users, groups of users, locations, and/or companies include obtaining log data from the distributed security system; analyzing the log data to obtain a risk score for an entity associated with the distributed security system, wherein the entity comprises one of a user, a group of users, a location, and a company, and wherein the risk score is a weighted combination of pre-infection behavior, post-infection behavior, and suspicious behavior; performing one or more remedial actions for the entity; and subsequently obtaining updated log data and analyzing the updated log data to obtain an updated risk score to determine efficacy of the one or more remedial actions.
Loren Weith, Deepen Desai, Amit Sinha
Filed: 7 Aug 17
Utility
66zdj0r9m52q2qmct55g9vrty
2 Dec 19
Systems and methods of monitoring and controlling Internet of Things (IOT) and ZeroConf devices using a cloud-based security system include receiving fingerprints of the IOT and ZeroConf devices and data related to operation from a plurality of user devices; receiving updates related to the IOT and ZeroConf devices, configuration thereof, and proper operation thereof; determining security risk of the IOT and ZeroConf devices based on the fingerprints, the data related to operation, and the updates; and providing the security risk to the plurality of user devices and causing one or more policy-based actions to be performed based on the security risk.
Abhinav Bansal
Filed: 13 Sep 17
Utility
3a47pwhs0pebayo2mxj4ie9co5cxlph
20 Nov 19
Systems and methods include receiving a request, in a cloud system from a user device, to access an application, wherein the application is in one of a public cloud, a private cloud, and an enterprise network, and wherein the user device is remote over the Internet; determining if the user device is permitted to access the application; if the user device is not permitted to access the application, notifying the user device the application does not exist; and if the user device is permitted to access the application, stitching together connections between the cloud system, the application, and the user device to provide access to the application.
Patrick Foxhoven, John A. Chanak, William Fehring, Denzil Wessels, Purvi Desai, Manoj Apte, Sudhindra P. Herle
Filed: 31 Jul 19
Utility
vsh5r0oafoi3s9ujnncy6lf9ktebhcvag3hro5v973ano
16 Oct 19
Systems and methods include obtaining data from a log system storing historical transactions monitored by a security system; creating one or more mock transactions based on the data; and analyzing the one or more mock transactions with a signature pattern matching engine having updates provided therein subsequent to a time of the historical transactions.
Deepen Desai
Filed: 25 Jun 19
Utility
dh5wwuux6tnm0ul4 pws16ntd2w6
9 Oct 19
Systems and methods for managing configurations of distributed computing services include responsive to an update to a configuration of a service, performing a write to a cryptographically bound journal; validating the write by a plurality of validators; responsive to validation of the write, permanently recording the write in the cryptographically bound journal in a block chain; and providing an update to the cryptographically bound journal to the distributed computing services.
Subramanian Srinivasan
Filed: 9 Apr 18
Utility
7zlpb6fpsccqo0kbmwoypghwi3ofkms3bfdnwmx21
30 Sep 19
Systems and methods include, at the gateway, receiving a domain request from a user device executing a HyperText Transfer Protocol (HTTP) Strict Transport Security (HSTS) application that detects the domain request from a browser or application executed on the user device; transmitting a response to the user device with support of HTTP Security (HTTPS) by the domain; receiving an updated domain request with information removed based on the HTTPS support of the domain; and redirecting the user device to the domain.
Ajit Singh
Filed: 20 Jan 19
Utility
ke4b9jlf bsibe50klzv7
30 Sep 19
Systems and methods of detecting Domain Name System (DNS) tunnels for monitoring thereof include obtaining data related to DNS traffic between DNS nameservers and clients; determining a score for each DNS nameserver based on the data to characterize DNS queries over a period of time for each DNS nameserver, wherein the score incorporates all DNS queries associated with the associated DNS nameserver over the period of time; determining one or more DNS nameservers likely operating DNS tunnels based on the score; and performing one or more actions on the one or more DNS nameservers related to the DNS tunnels.
Sushil Pangeni, Vladimir Stepanenko, Ravinder Verma, Srikanth Devarajan
Filed: 16 Aug 17