Symantec Patent Applications

SYSTEMS AND METHODS FOR PROTECTING ORGANIZATIONS AGAINST SPEAR PHISHING ATTACKS

Granted: September 17, 2015
Application Number: 20150264084
A computer-implemented method for protecting organizations against spear phishing attacks may include (1) searching a plurality of websites for user profiles belonging users who are affiliated with an organization and who have access to at least one privileged computing resource controlled by the organization, (2) retrieving, from the user profiles, personal information describing the users, (3) determining, based on the personal information, that a portion of the user profiles belongs…

SYSTEMS AND METHODS FOR PRE-INSTALLATION DETECTION OF MALWARE ON MOBILE DEVICES

Granted: September 17, 2015
Application Number: 20150261954
A computer-implemented method for pre-installation detection of malware on mobile devices may include intercepting one or more communications of an application installation agent that installs applications on a mobile computing device. The method may further include identifying, based on the one or more intercepted communications, an application that has been at least partially downloaded by the application installation agent. The method may also include, in response to identifying the…

SYSTEMS AND METHODS FOR DETECTING INFORMATION LEAKAGE BY AN ORGANIZATIONAL INSIDER

Granted: September 17, 2015
Application Number: 20150261940
A computer-implemented method for detecting information leakage by an organizational insider may include (1) identifying a set of organizational insiders of an organization, (2) identifying a set of public forums used by one or more organizational insiders, (3) identifying a set of messages posted to one or more public forums, (4) creating a message record corresponding to each message, with the record including a message summary, and a set of message metadata fields, (5) consolidating…

SYSTEMS AND METHODS FOR PROVIDING SECURE ACCESS TO LOCAL NETWORK DEVICES

Granted: September 3, 2015
Application Number: 20150249645
A computer-implemented method for providing secure access to local network devices may include (1) identifying a local area network that provides Internet connectivity to at least one device within the local area network, (2) obtaining, from an identity assertion provider, (i) a shared secret for authenticating the identity of a guest user of the device and (ii) a permission for the guest user to access the device from outside the local area network, (3) storing the shared secret and the…

SYSTEMS AND METHODS FOR OPTIMIZING SCANS OF PRE-INSTALLED APPLICATIONS

Granted: August 27, 2015
Application Number: 20150244729
A computer-implemented method for optimizing scans of pre-installed applications may include (1) identifying, on a client device, a plurality of applications that are subject to scan-based assessments, (2) determining that the plurality of applications were pre-installed on the client device via a system image for the client device, (3) generating a fingerprint that represents the system image, and (4) fulfilling the scan-based assessments for the plurality of applications by…

SPLITTING CERTIFICATE STATUS RESPONSES EVENLY ACROSS MULTIPLE DISTRIBUTED CERTIFICATE STATUS RESPONDERS

Granted: August 27, 2015
Application Number: 20150244533
Techniques are disclosed for evenly distributing certificate status validity messages across multiple response servers. A certificate authority (CA) may partition subsets of online certificate status protocol (OCSP) responses to each be handled by OCSP response servers. The partitions are based on serial numbers of the underlying digital certificates of the OCSP responses. For example, to determine which OCSP response server is assigned to distribute a particular OCSP response, a modulo…

SYSTEMS AND METHODS FOR APPLYING DATA LOSS PREVENTION POLICIES TO CLOSED-STORAGE PORTABLE DEVICES

Granted: August 20, 2015
Application Number: 20150237070
A computer-implemented method for applying data loss prevention policies to closed-storage portable devices may include (1) injecting a data loss prevention component into at least one application process that is running on a computing device, (2) intercepting, via the data loss prevention component, an attempt by the application process to transfer a file to a closed-storage portable device that is connected to the computing device, (3) identifying a data loss prevention policy that…

SYSTEMS AND METHODS FOR AUTHENTICATING AN APPLICATION

Granted: August 20, 2015
Application Number: 20150235042
A computer-implemented method for authenticating an application is described. In one embodiment, a software package is received and the software package may be authorized based at least in part on an evaluation of the software package. Upon authorizing the software package, a signature file is embedded in a directory of the software package. A request to use a privileged service provided by a service provider is received from a client. In some embodiments, the request includes a custom…

SYSTEMS AND METHODS FOR SCANNING PACKED PROGRAMS IN RESPONSE TO DETECTING SUSPICIOUS BEHAVIORS

Granted: August 13, 2015
Application Number: 20150227742
A computer-implemented method for scanning packed programs in response to detecting suspicious behaviors may include (1) executing a packed program that may include (i) malicious code that has been obfuscated within the packed program and (ii) unpacking code that deobfuscates and executes the malicious code when the packed program is executed, (2) monitoring, while the packed program is executing, how the packed program behaves, (3) detecting, while monitoring how the packed program…

SYSTEMS AND METHODS FOR INFORMING USERS ABOUT APPLICATIONS AVAILABLE FOR DOWNLOAD

Granted: August 13, 2015
Application Number: 20150229655
A computer-implemented method for informing users about applications available for download may include (1) identifying, through sharing functionality provided by an operating system, shared content that identifies an application hosted by an application distribution platform, (2) in response to identifying the shared content, obtaining security information about the identified by the shared content, and (3) informing, prior to a user downloading the application, the user of the obtained…

VIRTUAL IDENTITY OF A USER BASED ON DISPARATE IDENTITY SERVICES

Granted: July 30, 2015
Application Number: 20150215348
A virtual identity and context module may generate a virtual identity for a user. Virtual identities for different categories of users may be sourced from disparate identity services. For example, a first authentication of the user provided by a first identity service may be identified. A first virtual attribute field of the virtual identity may be populated or filled based on a first attribute field associated with the first identity service. A second identity service associated with…

AUTHENTICATION SEQUENCING BASED ON NORMALIZED LEVELS OF ASSURANCE OF IDENTITY SERVICES

Granted: July 30, 2015
Application Number: 20150215319
An authentication sequencing and normalization module may receive a first authentication associated with a user and assign a level of assurance value to the user based on the first authentication from a first identity service of a specific type. If the user is associated with a second authentication, based on a second identity service of an alternate type, then the level of assurance value assigned to the user may be incremented. Furthermore, access to an application by the user may be…

TECHNIQUES FOR PROVIDING DYNAMIC ACCOUNT AND DEVICE MANAGEMENT

Granted: July 2, 2015
Application Number: 20150188846
Techniques for providing data in dynamic account and device management are disclosed. In one particular exemplary embodiment, the techniques may be realized as a system for providing data in dynamic account and device management. The system may comprise one or more processors communicatively coupled to a network. The one or more processors may be configured to identify a user device to be managed. The one or more processors may be configured to transmit a request for delegate authority…

SYSTEMS AND METHODS FOR INJECTING CODE INTO AN APPLICATION

Granted: July 2, 2015
Application Number: 20150186114
A computer-implemented method for injecting code into an application is described. In one embodiment, a metadata pointer is identified. The metadata pointer points to a first metadata section in an application startup file. The first metadata section includes application metadata. A second metadata section is created in the application startup file. The application metadata is copied to the second metadata section. The second metadata section includes copied application metadata. The…

SYSTEMS AND METHODS FOR IMPROVING SNAPSHOT PERFORMANCE

Granted: July 2, 2015
Application Number: 20150186044
Techniques for improving snapshot performance are disclosed. In one embodiment, the techniques may be realized as a method for improving snapshot performance comprising initiating change block tracking for each unit of storage associated with each of a plurality of virtual machines, creating backup images of each unit of storage associated with each of the plurality of virtual machines, quiescing each of the plurality of virtual machines, and creating snapshots of each unit of storage…

MULTI-ALGORITHM KEY GENERATION AND CERTIFICATE INSTALL

Granted: June 25, 2015
Application Number: 20150180860
Techniques are disclosed for generating multiple key pairs using different algorithms and similarly installing certificates signed using the different algorithms. A customer server receives a selection of algorithms for generating a public/private key pair (e.g., RSA, ECC, DSA, etc.). The customer server generates key pairs for each selection and also generates corresponding certificate signing requests (CSR). The customer server sends the CSRs to a certificate authority (CA). The CA…

SYSTEMS AND METHODS FOR INTRODUCING VARIATION IN SUB-SYSTEM OUTPUT SIGNALS TO PREVENT DEVICE FINGERPRINTING

Granted: June 25, 2015
Application Number: 20150180834
A computer-implemented method for introducing variation in sub-system output signals to prevent device fingerprinting may include (1) intercepting, on a computing device, an output signal sent from a sub-system device on a computing device to a software component on the computing device, (2) identifying a margin of error for the output signal, (3), creating a modified output signal by introducing variation into the output signal in such a way that (a) the variation does not exceed the…

DEVICE-BASED PIN AUTHENTICATION PROCESS TO PROTECT ENCRYPTED DATA

Granted: June 25, 2015
Application Number: 20150178515
Techniques are disclosed for providing a device-based PIN authentication process used to protect encrypted data stored on a computing system, such as a tablet or mobile device. A client component and a server component each store distinct cryptographic keys needed to access encrypted data on the client. The mobile device stores a vault encryption key used to decrypt encrypted sensitive data stored on the mobile device. The vault key is encrypted using a first encryption key and stored on…

SYSTEMS AND METHODS FOR GENERATING CATALOGS FOR SNAPSHOTS

Granted: June 25, 2015
Application Number: 20150178167
A computer-implemented method for generating catalogs for snapshots may include (1) identifying an initial snapshot and a subsequent snapshot for a protected volume, (2) providing identifiers of the initial snapshot and the subsequent snapshot to a storage vendor application programming interface (API), (3) receiving, from the storage vendor API, an indication of at least one difference between the initial snapshot and the subsequent snapshot, and (4) synthetically generating a catalog…

CERTIFICATE STATUS DELIVERY THROUGH A LOCAL ENDPOINT

Granted: June 4, 2015
Application Number: 20150156194
Techniques are disclosed for locally distributing online certificate status protocol (OCSP) responses to a client computer. A certificate authority (CA) proactively sends OCSP responses to an agent application (e.g., an antivirus application configured to handle OCSP responses) residing in the client computer. The agent application stores the OCSP responses in a cache. Thereafter, when a browser application sends an OCSP request to the CA, the agent application intercepts the request and…