Adjusting behavior of an endpoint security agent based on network location
Granted: January 28, 2025
Patent Number:
12212603
Systems and methods for adjusting the behavior of an endpoint security agent based on a network location are provided. According to an embodiment, an agent of an endpoint device detects whether the endpoint has moved to a new network by monitoring for changes to an IP address associated with the endpoint. When the detecting is affirmative, the agent further determines whether a trusted network determination service associated with a cloud-based security service is reachable. When the…
Intrusion protection system (IPS) for hash-based string detection without memory lookup table
Granted: January 28, 2025
Patent Number:
12212591
A CRC rule is generated for each CRC parity check circuit from a bank of CRC parity check circuits for mapping a fixed-length CRC output to a signature, each of the CRC parity check circuits servicing a specific string length. The selected CRC parity circuit outputs a fixed-length parity-check data for the specific data packet, and the string mapper maps the fixed-length parity-check data for the specific data packet to one of the string identifiers associated with the group of…
Embedding an artificially intelligent neuron capable of packet inspection and system optimization in IPV6 enabled WLAN networks
Granted: January 28, 2025
Patent Number:
12212497
Responsive to matching a site prefix to IPv6 network traffic from clients, the traffic as intended, and responsive to not matching the site prefix, classifying the corresponding traffic as unintended. An initial rate of packet occurrence and predict load caused by intended traffic and predicting load caused by unintended traffic is calculated, based on an initial rate of packet occurrence. The predicted traffic loads are fed back by configuring behavior of network modules according to…
Detecting anomalies in a network environment
Granted: January 21, 2025
Patent Number:
12206696
Activities within a network environment are monitored (e.g., using agents). At least a portion of the monitored activities are used to generate a logical graph model. The generated logical graph model is used to determine an anomaly. The detected anomaly is recorded and can be used to generate an alert.
Preemptive network remediation of wireless network issues with artificial intelligence to prevent user switches to wired networks
Granted: January 21, 2025
Patent Number:
12206544
A change of a user device from a wireless connection to the enterprise network to a wired connection to the enterprise network (or a cellular network) is detected. In response, a snapshot of network conditions relevant to the user device are detected. A health check on the network conditions can identify specific network issues negatively affecting the user device and the issues are remediated. A remediation model is generated with AI that a different user change will occur based on a…
Compiler plugin for special-purpose computer processors with dual support for design verification and release packaging
Granted: January 21, 2025
Patent Number:
12204824
A compiler (CPL) plugin comprises a TC to, responsive to a new DV test, read configuration settings and selects appropriate plugin processes based on the configuration settings. An API interface can generate images that control the special purpose processor during a stage of a plurality of stages for a CPL-related design verification (DV) test and call selected plugin processes. A common compiler module comprising a common function codebase. A DV specialized support module comprising a…
Customized anomaly detection in sandbox software security systems using graph convolutional networks
Granted: January 14, 2025
Patent Number:
12197562
An ML (machine learning) training logs are parsed for generating a set of heterogenous graphs having embedded nodes connected with edges determined with link prediction and denoting a hierarchical relationship between nodes. Each graph represents benign behavior from executing one of the files of a training database in the sandbox, wherein the nodes are embedded in the graph using GCN (graph convolution network) to calculate a real-valued vector with fixed dimension. A runtime module to…
Containerized firewall in an embedded device for protecting against malicious data traffic on a data communication network
Granted: January 14, 2025
Patent Number:
12199951
A new container of a pool of containers is spawned in the operating system of the embedded networking device to execute a firewall separate from an operating system of a host device. Each of the containers is generated by a separate toolchain to include custom runtime libraries. The firewall utilizes the custom libraries rather than the host libraries, and wherein user privileges within a container is different from user privileges for the host. The new container executes a firewall…
Systems and methods for preparing code for malicious behavior analysis
Granted: January 14, 2025
Patent Number:
12197572
Systems, devices, and methods are discussed that provide for discovering protected data from a code. Such detection provides an ability to discover potentially malicious code and/or datasets obfuscated within a code prior to full execution of the code.
Systems and methods for deobfuscation of executable code
Granted: January 14, 2025
Patent Number:
12197571
Systems, devices, and methods are discussed that provide for discovering protected data from a code. Such detection provides an ability to discover potentially malicious code and/or datasets obfuscated within a code prior to full execution of the code.
Systems and methods for portable computing device protection
Granted: January 7, 2025
Patent Number:
12192178
Various approaches for providing intermediary threat detection. In some cases, the intermediary threat detection is performed by a communication control port that operatively couples with a portable computing device to protect the portable computing device from network based vulnerabilities and exploits.
Evaluation of web requests with an external source of information by browser extensions using an internal gateway page
Granted: January 7, 2025
Patent Number:
12190130
A web request to the web browser is intercepted by the web browser extension to determine whether information is synchronously available to evaluate the web request. Responsive to not having information for synchronous evaluation, the web request is redirected to display a gateway page while asynchronous obtaining information from an external information provider server, the request tracked with a request identifier and storing the asynchronously gathered information for synchronous…
Machine learning systems and methods for API discovery and protection by URL clustering with schema awareness
Granted: December 31, 2024
Patent Number:
12184732
An application programming interface discovery system is disclosed, including a processing resource to execute instructions to receive a tree structure, wherein the tree structure includes at least a first branch indicating a URL, a method, and a schema corresponding to a first network traffic, receive a second branch indicating a URL, a method, and a schema corresponding to a second network traffic, consider URLs and methods of a number of branches of the tree structure to as a cluster,…
Detecting malicious behavior in a network using security analytics by analyzing process interaction ratios
Granted: December 24, 2024
Patent Number:
12174947
Systems and methods for detecting malicious behavior in a network by analyzing process interaction ratios (PIRs) are provided. According to one embodiment, information regarding historical process activity is maintained. The historical process activity includes information regarding various processes hosted by computing devices of a private network. Information regarding process activity within the private network is received for a current observation period. For each process, for each…
Systems and methods for using vector model normal exclusion in natural language processing to characterize a category of messages
Granted: December 10, 2024
Patent Number:
12164628
Systems, devices, and methods are disclosed in relation to a vector space model that may be used to characterize a category of messages. In one of many possible implementations, the frequency of words found within a piece of text is determined. These frequencies are compared against the frequencies of words within a given corpus like the Oxford English Corpus by first converting the frequencies to probabilities via the inverse cumulative distribution function assuming a normal…
Remote debugging of local GUI rendering by playing back a capture file to recreate a real-time local network environment
Granted: December 10, 2024
Patent Number:
12164415
Debug engine receives a capture file over the network interface and initiate playback by executing the capture file with the processor. The capture file comprises real-time local network environment video synchronized with data captured by a local browser at a local station interacting with a local network gateway device over a local network. The capture file is played back, using a mock server including transmitting HTTP requests from the capture file at the developer station to the…
Systems and methods for identifying security requirements in a ZTNA system
Granted: November 19, 2024
Patent Number:
12149540
Various embodiments provide systems and methods for providing security in a ZTNA system.
Distributed security fabric generation over multiple levels of network gateways
Granted: November 12, 2024
Patent Number:
12143422
Responsive to the request for a security fabric report, an upper-level node transits a request to a lower-level node for a subtree security report. If there are additional network gateways at lower hierarchical levels, the next level down repeats the process. A root level network gateway will transmit the first request, as the high level of the hierarchy, and a last leaf receives the last request, as the lowest level. An overall security fabric report is returned from the root node.
Deduplication of monitored communications data in a cloud environment
Granted: October 29, 2024
Patent Number:
12130878
Example systems and methods monitor a cloud compute environment. An example method includes: determining, by an agent deployed in a cloud environment and based on a plurality of data packets transmitted over a plurality of network interfaces of the cloud environment, a set of data packets that are associated with a communication between a first container and a second container; determining, by the agent and based on the set of data packets, communication data associated with the…
Leveraging generative artificial intelligence (‘AI’) for securing a monitored deployment
Granted: October 22, 2024
Patent Number:
12126643
Leveraging generative artificial intelligence (‘AI’) for securing a monitored deployment, including: receiving natural language input associated with the monitored deployment, the monitored deployment monitored by a monitoring tool; and receiving, from a generative AI application, a response to the natural language input, wherein: the generative AI application accesses publicly available information as well as data sources associated with the monitoring tool; and the response is…
