Using activity monitored by multiple data sources to identify shadow systems
Granted: March 4, 2025
Patent Number:
12244621
Using activity monitored by multiple data sources to identify shadow systems, the method comprising: gathering first information describing access to one or more resources by one or more user devices of a user; gathering, from at least a subset of the one or more user devices, second information describing access to the one or more resources; and identifying one or more shadow systems based on a discrepancy between the first information and the second information.
Single sign-on (SSO) identification across networks
Granted: February 18, 2025
Patent Number:
12231420
The DHCP requests can be sent by endpoints to get first IP addresses. SSO data concerning the endpoints is collected using an identity service. A DHCP fingerprint is generated for of the each endpoints, including the first IP addresses. DHCP fingerprints are stored to an SSO unification database along with corresponding SSO data for the endpoints at the first IP addresses, including a specific endpoint at a first IP address on the wired network. While tracking, the specific endpoint is…
Systems and methods for host name based network device pre-recognition and discovery
Granted: February 18, 2025
Patent Number:
12229209
Various approaches for identifying possible unsecured devices on a network as set forth. In some cases, approaches discussed relate to systems and methods for identifying possible unsecured devices based upon a host name for each of the discovered devices.
Systems and methods for security policy organization using a dual bitmap
Granted: February 11, 2025
Patent Number:
12225058
Systems, devices, and methods for correlating security policies to received packets are provided. In one example, a network device, maintains information regarding multiple security policies within a dual bitmap based search tree including a first bitmap and a second bitmap formatted as information embedded in a node structure. A packet is received by the network. A first field of the packet is compared with a first range, corresponding to a first bit location in the first bitmap in…
AI (artificial intelligence) driven dynamic self-remediation for wireless networks by dispatching robots
Granted: February 11, 2025
Patent Number:
12225028
An anomalous behavior is detected at an AI server device based on data communications managed by the wireless controller. In response to the detected behavior, a robot module can be deployed to a location of the anomalous behavior for testing. Once at the location, logs can be collected from testing or troubleshooting at the location and involving a remote access point proximate to the anomalous behavior (e.g., sniff and capture at specific channel or multiple channels in real-time).…
Systems and methods for using a network access device to secure a network prior to requesting access to the network by the network access device
Granted: February 11, 2025
Patent Number:
12225007
Various approaches for securing networks against access from off network devices. In some cases, embodiments discussed relate to systems and methods for identifying potential threats included in a remote network by a network access device prior to requesting access to a known secure network via the remote network.
Systems and methods for training an insider attack model using images having both region specificity and spatial relationships
Granted: February 11, 2025
Patent Number:
12223038
Systems, devices, and methods are disclosed that may be used for identifying potential insider attacks on a computer network.
Systems and methods for container server protection
Granted: February 4, 2025
Patent Number:
12218976
Systems, devices, and methods are discussed for enhancing security in a container server environment.
Intrusion protection system (IPS) for hash-based string detection without memory lookup table
Granted: January 28, 2025
Patent Number:
12212591
A CRC rule is generated for each CRC parity check circuit from a bank of CRC parity check circuits for mapping a fixed-length CRC output to a signature, each of the CRC parity check circuits servicing a specific string length. The selected CRC parity circuit outputs a fixed-length parity-check data for the specific data packet, and the string mapper maps the fixed-length parity-check data for the specific data packet to one of the string identifiers associated with the group of…
Adjusting behavior of an endpoint security agent based on network location
Granted: January 28, 2025
Patent Number:
12212603
Systems and methods for adjusting the behavior of an endpoint security agent based on a network location are provided. According to an embodiment, an agent of an endpoint device detects whether the endpoint has moved to a new network by monitoring for changes to an IP address associated with the endpoint. When the detecting is affirmative, the agent further determines whether a trusted network determination service associated with a cloud-based security service is reachable. When the…
Embedding an artificially intelligent neuron capable of packet inspection and system optimization in IPV6 enabled WLAN networks
Granted: January 28, 2025
Patent Number:
12212497
Responsive to matching a site prefix to IPv6 network traffic from clients, the traffic as intended, and responsive to not matching the site prefix, classifying the corresponding traffic as unintended. An initial rate of packet occurrence and predict load caused by intended traffic and predicting load caused by unintended traffic is calculated, based on an initial rate of packet occurrence. The predicted traffic loads are fed back by configuring behavior of network modules according to…
Detecting anomalies in a network environment
Granted: January 21, 2025
Patent Number:
12206696
Activities within a network environment are monitored (e.g., using agents). At least a portion of the monitored activities are used to generate a logical graph model. The generated logical graph model is used to determine an anomaly. The detected anomaly is recorded and can be used to generate an alert.
Preemptive network remediation of wireless network issues with artificial intelligence to prevent user switches to wired networks
Granted: January 21, 2025
Patent Number:
12206544
A change of a user device from a wireless connection to the enterprise network to a wired connection to the enterprise network (or a cellular network) is detected. In response, a snapshot of network conditions relevant to the user device are detected. A health check on the network conditions can identify specific network issues negatively affecting the user device and the issues are remediated. A remediation model is generated with AI that a different user change will occur based on a…
Compiler plugin for special-purpose computer processors with dual support for design verification and release packaging
Granted: January 21, 2025
Patent Number:
12204824
A compiler (CPL) plugin comprises a TC to, responsive to a new DV test, read configuration settings and selects appropriate plugin processes based on the configuration settings. An API interface can generate images that control the special purpose processor during a stage of a plurality of stages for a CPL-related design verification (DV) test and call selected plugin processes. A common compiler module comprising a common function codebase. A DV specialized support module comprising a…
Containerized firewall in an embedded device for protecting against malicious data traffic on a data communication network
Granted: January 14, 2025
Patent Number:
12199951
A new container of a pool of containers is spawned in the operating system of the embedded networking device to execute a firewall separate from an operating system of a host device. Each of the containers is generated by a separate toolchain to include custom runtime libraries. The firewall utilizes the custom libraries rather than the host libraries, and wherein user privileges within a container is different from user privileges for the host. The new container executes a firewall…
Systems and methods for preparing code for malicious behavior analysis
Granted: January 14, 2025
Patent Number:
12197572
Systems, devices, and methods are discussed that provide for discovering protected data from a code. Such detection provides an ability to discover potentially malicious code and/or datasets obfuscated within a code prior to full execution of the code.
Systems and methods for deobfuscation of executable code
Granted: January 14, 2025
Patent Number:
12197571
Systems, devices, and methods are discussed that provide for discovering protected data from a code. Such detection provides an ability to discover potentially malicious code and/or datasets obfuscated within a code prior to full execution of the code.
Customized anomaly detection in sandbox software security systems using graph convolutional networks
Granted: January 14, 2025
Patent Number:
12197562
An ML (machine learning) training logs are parsed for generating a set of heterogenous graphs having embedded nodes connected with edges determined with link prediction and denoting a hierarchical relationship between nodes. Each graph represents benign behavior from executing one of the files of a training database in the sandbox, wherein the nodes are embedded in the graph using GCN (graph convolution network) to calculate a real-valued vector with fixed dimension. A runtime module to…
Evaluation of web requests with an external source of information by browser extensions using an internal gateway page
Granted: January 7, 2025
Patent Number:
12190130
A web request to the web browser is intercepted by the web browser extension to determine whether information is synchronously available to evaluate the web request. Responsive to not having information for synchronous evaluation, the web request is redirected to display a gateway page while asynchronous obtaining information from an external information provider server, the request tracked with a request identifier and storing the asynchronously gathered information for synchronous…
Systems and methods for portable computing device protection
Granted: January 7, 2025
Patent Number:
12192178
Various approaches for providing intermediary threat detection. In some cases, the intermediary threat detection is performed by a communication control port that operatively couples with a portable computing device to protect the portable computing device from network based vulnerabilities and exploits.
