Systems and methods for evaluating cybersecurity risk
Granted: September 10, 2019
Patent Number:
10410158
A computer-implemented method for evaluating cybersecurity risk may include (i) identifying telemetry data collected from endpoints of an entity, (ii) calculating a cybersecurity risk score for the entity by searching the telemetry data for information indicative of cybersecurity risk exposure of the entity and performing an actuarial analysis on the information indicative of the cybersecurity risk exposure to quantize a potential consequence of the cybersecurity risk exposure, and (iii)…
Systems and methods for controlling auxiliary device access to computing devices based on device functionality descriptors
Granted: September 10, 2019
Patent Number:
10409734
The disclosed computer-implemented method for controlling auxiliary device access to computing devices based on device functionality descriptors may include (i) detecting a connection of an auxiliary device to a client computing device, (ii) receiving a set of functionality descriptors from the auxiliary device, each functionality descriptor of the set of functionality descriptors identifying a separate functionality of the auxiliary device, (iii) determining whether the set of…
Active push-based remediation for reputation-based security systems
Granted: September 3, 2019
Patent Number:
10404733
The present disclosure relates to initiating remediation of security risks on an endpoint system based on updated reputation data. According to one embodiment, a reputation service receives a request, from a first endpoint system, for reputation data about an object. A reputation service transmits, in response to the request, data indicating a current reputation of the object. The reputation service determines that the object presents a security risk and updates reputation data…
Systems and methods for using vehicles as information sources for knowledge-based authentication
Granted: September 3, 2019
Patent Number:
10404697
The disclosed computer-implemented method for using vehicles as information sources for knowledge-based authentication may include (1) identifying a vehicle belonging to a user who is attempting to authenticate with an identity-verification authority, (2) acquiring analytic information about the vehicle, (3) generating, by analyzing the analytic information about the vehicle, at least one authentication question, where the correct response to the authentication question requires…
Systems and methods for creating validated identities for dependent users
Granted: September 3, 2019
Patent Number:
10402549
The disclosed computer-implemented method for creating validated identities for dependent users may include (1) identifying both a validated user of an identity validation service who has a previously validated identity and a dependent user who cannot create a new validated identity via the identity validation service, (2) enabling, via a graphical user interface displayed on the computing device, the validated user to create the new validated identity for the dependent user in response…
Verifying that the influence of a user data point has been removed from a machine learning classifier
Granted: August 27, 2019
Patent Number:
10397266
Verifying that influence of a user data point has been removed from a machine learning classifier. In some embodiments, a method may include training a machine learning classifier using a training set of data points that includes a user data point, calculating a first loss of the machine learning classifier, updating the machine learning classifier by updating parameters of the machine learning classifier to remove influence of the user data point, calculating a second loss of the…
Tracking of software executables that come from untrusted locations
Granted: August 20, 2019
Patent Number:
10389743
A system and method for tracking content derived from unverified sources are described. A tracking application determines a file is untrusted when it is obtained from an unverified or untrusted source. Examples of unverified sources include remote servers accessed through a network and removable storage devices. The application marks the file as untrusted by inserting an identification of the file in a watchlist. A filter driver monitors I/O transactions and conveys information regarding…
Brand recognition and protection in mobile applications
Granted: August 20, 2019
Patent Number:
10387889
Techniques for brand recognition and protection in applications (“apps”) for mobile devices are disclosed. In some embodiments, brand recognition and protection in apps for mobile devices includes extracting a plurality of features of an app; comparing the plurality of features with a target set of features associated with an entity; and determining whether the app violates a policy for brand recognition and protection for the entity based on the comparing the plurality of features…
Techniques for detecting shared devices
Granted: August 13, 2019
Patent Number:
10382416
Techniques for detecting shared devices are disclosed. In one particular exemplary embodiment, the techniques may be realized as a method for detecting shared devices comprising receiving, using a shared computer detection component, information about a connection to a website from a user device, identifying, using the shared computer detection component, one or more characteristics associated with the connection from the user device, determining, in the event there is sufficient data…
Systems and methods for enforcing access-control policies
Granted: August 13, 2019
Patent Number:
10382488
A computer-implemented method for enforcing access-control policies may include (i) identifying streaming content that is being transmitted from a media server to a media playback system, (ii) determining that a supervised user is within exposure range of the media playback system and could be exposed to the streaming content, (iii) receiving a sample of the content from a sampling system that is remote from the media playback system, (iv) identifying an access-control policy that…
Systems and methods for efficient backup deduplication
Granted: August 13, 2019
Patent Number:
10380074
A computer-implemented method for efficient backup deduplication may include (1) identifying a file to be divided into chunks for deduplication, (2) requesting, from a server, a chunk size to use when dividing the file for deduplication by submitting at least one attribute of the file to the server, the server selecting the chunk size based at least in part on a projected chunk reuse rate when the file is deduplicated according to the chunk size, (3) receiving from the server, in…
Systems and methods for enforcing access-control policies
Granted: August 6, 2019
Patent Number:
10375114
The disclosed computer-implemented method for enforcing access-control policies may include (i) determining that a user is attempting to access a controlled device that is subject to an access-control policy, (ii) locating at least one additional device that is in physical proximity to the controlled device, (iii) acquiring context information from the additional device that provides information about the identity of the user, (iv) establishing the identity of the user based on the…
System and method for determining a decayed threat score
Granted: August 6, 2019
Patent Number:
10375104
According to one embodiment, a computer-implemented method performed by a computing device comprising at least one processor, the method comprising determining a threat score for a user action in a computer application and calculating a decayed threat score based on the determined threat score and a damping factor. The threat score being indicative of a risk presented by the user action, the decayed threat score being a modified threat score for the user action, and the damping factor…
Systems and methods for mediating information requests
Granted: August 6, 2019
Patent Number:
10375077
The disclosed computer-implemented method for mediating information requests may include (1) detecting, at the information-managing device, a request for the information-managing device to provide at least one element of personal information to a requesting device that is within physical proximity of the information-managing device, (2) evaluating, based at least in part on an attribute of the request, whether the request for the element of personal information is appropriate, and (3)…
Systems and methods for updating network devices
Granted: July 30, 2019
Patent Number:
10365913
The disclosed computer-implemented method for updating network devices may include (1) determining, by monitoring at least one endpoint device connected to a network device that provides a network connection for the endpoint device, periodic time intervals in which a user of the endpoint device is unlikely to access the network connection via the network device, (2) detecting that a system update is available for the network device that will impair the ability of the network device to…
Systems and methods for network traffic routing to reduce service congestion at a server
Granted: July 30, 2019
Patent Number:
10367744
The disclosed computer-implemented method for network traffic routing to reduce service congestion at a server may include (1) receiving, by the computing device and from the cloud server, a traffic routing policy, (2) identifying, for a transaction and using at least one hook inserted into an operating system of the computing device, metadata describing a traffic type, (3) comparing the metadata with the traffic routing policy to determine the transaction is bypass traffic, and (4)…
Systems and methods for managing encryption keys for single-sign-on applications
Granted: July 30, 2019
Patent Number:
10367643
The disclosed computer-implemented method for managing encryption keys for single-sign-on applications may include (1) receiving, from an identity service, notification of a request to access encrypted data on a cloud service, the notification including a session key for encrypting and decrypting a master key for decrypting cloud service keys, (2) deriving the master key, (3) decrypting, using the master key, a cloud service key for decrypting data on the cloud service, (4) storing the…
Systems and methods for selecting features for classification
Granted: July 30, 2019
Patent Number:
10366344
A computer-implemented method for selecting features for classification may include (1) generating a matrix X, a column vector Y, and a matrix Z from a training dataset that includes a plurality of samples with a plurality of features, (2) generating an augmented matrix from the matrix X, the column vector Y, and the matrix Z, (3) identifying one or more most-relevant features from the plurality of features by iteratively applying a sweep operation to the augmented matrix, and (4)…
Systems and methods for protecting personally identifiable information during electronic data exchanges
Granted: July 30, 2019
Patent Number:
10366250
The disclosed computer-implemented method for protecting personally identifiable information during electronic data exchanges may include (i) receiving, from a computing device, an authentication token for a proposed electronic data exchange, (ii) preventing the user's personally identifiable information from entering the proposed electronic data exchange by identifying the user using the anonymized identifier rather than using the user's personally identifiable information, (iii)…
Systems and methods for trichotomous malware classification
Granted: July 30, 2019
Patent Number:
10366233
The disclosed computer-implemented method for trichotomous malware classification may include (1) identifying a sample potentially representing malware, (2) selecting a machine learning model trained on a set of samples to distinguish between malware samples and benign samples, (3) analyzing the sample using a plurality of stochastically altered versions of the machine learning model to produce a plurality of classification results, (4) calculating a variance of the plurality of…
