Fortinet Patent Grants

Cloud-based orchestration of incident response using multi-feed security event classifications

Granted: March 12, 2024
Patent Number: 11930022
Systems and methods for performing multi-feed classification of security events to facilitate automated IR orchestration are provided. According to one embodiment a cloud-based security service protecting a private network provides a plurality of data feeds, wherein each data feed of the plurality of data feeds independently classify a given security event and produce a classification result. In response to an event associated with a process of an endpoint device that is part of the…

Dynamic elimination of old IPv6 addresses from WLAN/BYOD/IOT devices INDHCPv6 stateless mode after transitioning between VLANs

Granted: March 12, 2024
Patent Number: 11929850
A Wi-Fi controller identifies a mismatch between a first prefix of a first IPv6 address for a data packet corresponding to a first VLAN on which the data packet was sent from the station to the access point, and a prefix of a second IPv6 address for a second VLAN from which the data packet was transmitted from the access point to the Wi-Fi controller. Responsive to the VLAN mismatch identification, the Wi-Fi controller transmits an RA to the station with a preferred lifetime of 0,…

Machine learning systems and methods for regression based active learning

Granted: March 12, 2024
Patent Number: 11928593
Among a great deal of other disclosure and scope, systems and methods are enclosed that enable for highly efficient labeling of data. For example, in some of many cases, a novel methodology for ranking vectors most useful to label next is disclosed. In such an example, a neural network is trained to predict this ranking methodology upon being given a set of heuristics from which to assess the given problem space. A user can continue the cycle of identifying a set of candidate vectors to…

Intent-based orchestration of independent automations

Granted: March 12, 2024
Patent Number: 11928499
Systems and methods for intent-based orchestration of independent automation are described.

Leveraging user-behavior analytics for improved security event classification

Granted: March 5, 2024
Patent Number: 11924235
Systems and methods for improving security event classification by leveraging user-behavior analytics are provided. According to an embodiment, a UEBA-based security event classification service of a cloud-based security platform maintains information regarding historical user behavior of various users of an enterprise network. An endpoint protection platform running on an endpoint device that is part of the enterprise network performs an initial classification of the event, based on…

Systems and methods for automated SD-WAN performance rule formation

Granted: March 5, 2024
Patent Number: 11924062
Systems, devices, and methods are discussed for defining and monitoring network communication performance in an SD-WAN environment.

Real-time minimal vector labeling scheme for supervised machine learning

Granted: March 5, 2024
Patent Number: 11921820
Systems and methods are described for training a machine learning model using intelligently selected multiclass vectors. According to an embodiment, a set of un-labeled feature vectors are received. The set of feature vectors are grouped into clusters within a vector space having fewer dimensions than the first set of feature vectors by applying a homomorphic dimensionality reduction algorithm to the set of feature vectors and performing centroid-based clustering. An optimal set of…

Systems and methods for using a network access device to secure a network prior to requesting access to the network by the network access device

Granted: February 27, 2024
Patent Number: 11916902
Various approaches for securing networks against access from off network devices. In some cases, embodiments discussed relate to systems and methods for identifying potential threats included in a remote network by a network access device prior to requesting access to a known secure network via the remote network.

Mitigating malware impact by utilizing sandbox insights

Granted: February 20, 2024
Patent Number: 11909761
Systems and methods for mitigating the impact of malware by reversing malware related modifications in a computing device are provided. According to an embodiment, a sandbox service running within a network security platform protecting an enterprise network receives a file containing malware and associated contextual information from an endpoint security solution running on an endpoint device, which has been infected by the malware. The sandbox service captures information regarding a…

Systems and methods for four dimensional network session authorization

Granted: February 20, 2024
Patent Number: 11909826
Various embodiments provide systems and methods for automatically defining and enforcing network sessions based upon at least four dimensions of segmentation.

Dynamic retrieval of region code for network devices on data communication networks

Granted: February 20, 2024
Patent Number: 11907069
In network devices, during manufacturing, input for designation of a region code to be a non-specific region code is stored in a BIOS memory of the network device, and a specific region code is stored off the BIOS. During boot up, the BIOS is checked for a specific region code to regulate wireless transmissions at a physical location of operation. Responsive to receiving the non-specific region code from BIOS, the specific region code is requested from a region code server based on a…

Generating and managing message correction and retraction history from a chat server

Granted: February 13, 2024
Patent Number: 11902230
Changes on a chat client, such as one or more edits or retractions, and is characterized relative to an original chat string, and uploaded to a chat server for storage. The chat server combines the message change with at least a second change to the specific chat string uploaded from a different chat client. Responsive to a regeneration of the chat string on the chat client, the chat daemon downloads the combined message change from the chat server. The edits and retractions originating…

Generating and managing message correction and retraction history from a chat server

Granted: February 13, 2024
Patent Number: 11902230
Changes on a chat client, such as one or more edits or retractions, and is characterized relative to an original chat string, and uploaded to a chat server for storage. The chat server combines the message change with at least a second change to the specific chat string uploaded from a different chat client. Responsive to a regeneration of the chat string on the chat client, the chat daemon downloads the combined message change from the chat server. The edits and retractions originating…

Systems and methods for generating soar playbooks

Granted: February 6, 2024
Patent Number: 11894981
Various approaches are discussed for generation of SOAR playbooks using a variety playbook sources.

Artificially intelligent WLAN uplink monitoring for steering wireless stations to selective access points on wireless data communication networks

Granted: January 23, 2024
Patent Number: 11882467
Specific clients are assigned to a second access point based balancing an Ethernet uplink load status of the specific access point relative to the uplink load status of access points across a WLAN system, wherein the RSSI strength of the specific client relative to a first access point is higher than the RSSI strength of the specific client relative to the second access point.

Machine-learning based approach for dynamically generating incident-specific playbooks for a security orchestration, automation and response (SOAR) platform

Granted: January 23, 2024
Patent Number: 11882135
Systems and methods for a machine-learning based approach for dynamically generating incident-specific playbooks for a security orchestration and automated response (SOAR) platform are provided. The SOAR platform captures information regarding execution of a sequence of actions performed by analysts responsive to a first incident of a first type. The captured information is fed into a machine-learning model. When a second incident, observed by the SOAR platform, is similar in nature to…

Improving incident classification and enrichment by leveraging context from multiple security agents

Granted: January 23, 2024
Patent Number: 11882128
Systems and methods are described for synergistically combining network security technologies to improve incident classification and enrichment. According to one embodiment, an endpoint protection platform running on an endpoint device receives a request via an event management agent of the endpoint protection platform from an event management service for process information relating to an incident detected by the event management service. The request is caused to be processed by an…

Systems and methods for hierarchical facial image clustering

Granted: January 23, 2024
Patent Number: 11881053
Various systems and methods for for clustering facial images in, for example, surveillance systems.

Centralized state database storing state information

Granted: January 16, 2024
Patent Number: 11874845
Systems and methods for a cloud state engine are provided. According to one embodiment, a query pertaining to state information associated with a packet to be processed by a first packet processing device of multiple packet processing devices associated with a distributed security environment is received by a centralized state engine running on a computing device associated with the distributed security environment. The state information associated with the packet influences how the…

Systems and methods for centrally managed host and network firewall services

Granted: January 9, 2024
Patent Number: 11870814
Systems and methods for a unified, cloud-managed platform for controlling enterprise network security are provided. According to one embodiment, a network of an enterprise is protected by a cloud-managed platform. An underlying architecture of the cloud-managed platform is abstracted by providing a portal through which modifications to security policies are expressed as business requirements of the enterprise. The security policies are automatically enforced regardless of location or…