BSS (basic service set) fast transitions between access points using opportunistic key generation
Granted: April 8, 2025
Patent Number:
12273708
A station initiates fast BSS transition by a station from the source access point to the target access point. The target access point detects a failure by the Wi-Fi controller to retrieve a PMK-RO key for a requested PMKROName is detected. The PMKROName is parsed from an authentication request of the station. The failure can result in requiring a fresh BSS connection by the station. Responsive to the failure detection, a PMK-RO key is generated in cooperation with the Wi-Fi controller,…
Container network interface for applying security policies to network traffic of containers
Granted: April 1, 2025
Patent Number:
12267365
A specific container is spawned by a docker module responsive to Kebernetes control instruction. Network connectivity is provided for the specific container to a data communication network through a networking bridge and a security policy is configured. After configuration, inbound or outbound data packets concerning the specific container are received and forwarded to a security policy KVM for scanning against security policies. Those that pass security scanning are forwarded to…
Using user feedback for attack path analysis in an anomaly detection framework
Granted: April 1, 2025
Patent Number:
12267345
Using user feedback for attack path analysis in an anomaly detection framework, including: performing an attack path analysis for a cloud deployment; receiving, from a user, user feedback for an attack vector of the attack path analysis; and initiating, based on the user feedback, a workflow for modifying one or more parameters for generating the attack path analysis.
Systems and methods for automated risk-based network security focus
Granted: March 25, 2025
Patent Number:
12261875
Systems, devices, and methods are discussed for automatically determining a risk-based focus in determining zero trust network access policy on one or more network elements.
Time series anomaly detection
Granted: March 25, 2025
Patent Number:
12261866
Time series anomaly detection, including: gathering data associated with a particular event type and a particular user; generating, based on the data, a time series analysis; detecting an anomaly based on the time series analysis; and generating information describing the anomaly.
Systems and methods for dynamic network baiting
Granted: March 18, 2025
Patent Number:
12255907
Various embodiments provide systems and methods systems and methods for dynamically attracting malicious network behavior.
Systems and methods for enabling detection of threats based upon color
Granted: March 18, 2025
Patent Number:
12254086
Systems, devices, and methods are disclosed for encoding behavioral information into an image format to facilitate image based behavioral identification.
Using activity monitored by multiple data sources to identify shadow systems
Granted: March 4, 2025
Patent Number:
12244621
Using activity monitored by multiple data sources to identify shadow systems, the method comprising: gathering first information describing access to one or more resources by one or more user devices of a user; gathering, from at least a subset of the one or more user devices, second information describing access to the one or more resources; and identifying one or more shadow systems based on a discrepancy between the first information and the second information.
Systems and methods for host name based network device pre-recognition and discovery
Granted: February 18, 2025
Patent Number:
12229209
Various approaches for identifying possible unsecured devices on a network as set forth. In some cases, approaches discussed relate to systems and methods for identifying possible unsecured devices based upon a host name for each of the discovered devices.
Single sign-on (SSO) identification across networks
Granted: February 18, 2025
Patent Number:
12231420
The DHCP requests can be sent by endpoints to get first IP addresses. SSO data concerning the endpoints is collected using an identity service. A DHCP fingerprint is generated for of the each endpoints, including the first IP addresses. DHCP fingerprints are stored to an SSO unification database along with corresponding SSO data for the endpoints at the first IP addresses, including a specific endpoint at a first IP address on the wired network. While tracking, the specific endpoint is…
Systems and methods for security policy organization using a dual bitmap
Granted: February 11, 2025
Patent Number:
12225058
Systems, devices, and methods for correlating security policies to received packets are provided. In one example, a network device, maintains information regarding multiple security policies within a dual bitmap based search tree including a first bitmap and a second bitmap formatted as information embedded in a node structure. A packet is received by the network. A first field of the packet is compared with a first range, corresponding to a first bit location in the first bitmap in…
AI (artificial intelligence) driven dynamic self-remediation for wireless networks by dispatching robots
Granted: February 11, 2025
Patent Number:
12225028
An anomalous behavior is detected at an AI server device based on data communications managed by the wireless controller. In response to the detected behavior, a robot module can be deployed to a location of the anomalous behavior for testing. Once at the location, logs can be collected from testing or troubleshooting at the location and involving a remote access point proximate to the anomalous behavior (e.g., sniff and capture at specific channel or multiple channels in real-time).…
Systems and methods for using a network access device to secure a network prior to requesting access to the network by the network access device
Granted: February 11, 2025
Patent Number:
12225007
Various approaches for securing networks against access from off network devices. In some cases, embodiments discussed relate to systems and methods for identifying potential threats included in a remote network by a network access device prior to requesting access to a known secure network via the remote network.
Systems and methods for training an insider attack model using images having both region specificity and spatial relationships
Granted: February 11, 2025
Patent Number:
12223038
Systems, devices, and methods are disclosed that may be used for identifying potential insider attacks on a computer network.
Systems and methods for container server protection
Granted: February 4, 2025
Patent Number:
12218976
Systems, devices, and methods are discussed for enhancing security in a container server environment.
Adjusting behavior of an endpoint security agent based on network location
Granted: January 28, 2025
Patent Number:
12212603
Systems and methods for adjusting the behavior of an endpoint security agent based on a network location are provided. According to an embodiment, an agent of an endpoint device detects whether the endpoint has moved to a new network by monitoring for changes to an IP address associated with the endpoint. When the detecting is affirmative, the agent further determines whether a trusted network determination service associated with a cloud-based security service is reachable. When the…
Intrusion protection system (IPS) for hash-based string detection without memory lookup table
Granted: January 28, 2025
Patent Number:
12212591
A CRC rule is generated for each CRC parity check circuit from a bank of CRC parity check circuits for mapping a fixed-length CRC output to a signature, each of the CRC parity check circuits servicing a specific string length. The selected CRC parity circuit outputs a fixed-length parity-check data for the specific data packet, and the string mapper maps the fixed-length parity-check data for the specific data packet to one of the string identifiers associated with the group of…
Embedding an artificially intelligent neuron capable of packet inspection and system optimization in IPV6 enabled WLAN networks
Granted: January 28, 2025
Patent Number:
12212497
Responsive to matching a site prefix to IPv6 network traffic from clients, the traffic as intended, and responsive to not matching the site prefix, classifying the corresponding traffic as unintended. An initial rate of packet occurrence and predict load caused by intended traffic and predicting load caused by unintended traffic is calculated, based on an initial rate of packet occurrence. The predicted traffic loads are fed back by configuring behavior of network modules according to…
Compiler plugin for special-purpose computer processors with dual support for design verification and release packaging
Granted: January 21, 2025
Patent Number:
12204824
A compiler (CPL) plugin comprises a TC to, responsive to a new DV test, read configuration settings and selects appropriate plugin processes based on the configuration settings. An API interface can generate images that control the special purpose processor during a stage of a plurality of stages for a CPL-related design verification (DV) test and call selected plugin processes. A common compiler module comprising a common function codebase. A DV specialized support module comprising a…
Preemptive network remediation of wireless network issues with artificial intelligence to prevent user switches to wired networks
Granted: January 21, 2025
Patent Number:
12206544
A change of a user device from a wireless connection to the enterprise network to a wired connection to the enterprise network (or a cellular network) is detected. In response, a snapshot of network conditions relevant to the user device are detected. A health check on the network conditions can identify specific network issues negatively affecting the user device and the issues are remediated. A remediation model is generated with AI that a different user change will occur based on a…
