Techniques for handling device inventories
Granted: April 30, 2019
Patent Number: 10275738
Techniques for handling device inventories are disclosed. In one embodiment, the techniques may be realized as a system for handling device inventories comprising one or more processors. The one or more processors may be configured to send an inventory request of a device. The inventory request may comprise identification information of the device. The one or more processors may further be configured to receive, in response to the inventory request, inventory information associated with…
Activating malicious actions within electronic documents
Granted: April 30, 2019
Patent Number: 10275596
A method and system for activating malicious actions within electronic documents is described. In one embodiment, the method may include receiving, by a processor of a computing device, the electronic document; identifying, by the processor, an object embedded within the electronic document; identifying, by the processor, an action associated with execution of the object; executing, by the processor, the action within a context of rules associated with the object; identifying, by the…
Techniques for data classification based on sensitive data
Granted: April 30, 2019
Patent Number: 10275396
Techniques for data classification may be realized as a method including: selecting from a group of files a sample set representing fewer than all of the files; classifying each file in the sample set, wherein classifying each file includes identifying whether each file represents sensitive information; and providing an estimate for the group of files based on the classification of each file in the sample set, including an estimate of sensitive information within the group of files.
Systems and methods for scalable network monitoring in virtual data centers
Granted: April 16, 2019
Patent Number: 10264020
A computer-implemented method for scalable network monitoring in virtual data centers may include (1) identifying a plurality of network monitoring agents executing on a plurality of virtual machine host systems within a virtual data center, (2) intercepting, at a receiving virtual machine host system, a traffic flow within a virtual network within the virtual data center, (3) determining a processor load on each of the plurality of virtual machine host systems, (4) selecting, based on…
Method and system to estimate mobile device performance based on personal behavior patterns
Granted: April 16, 2019
Patent Number: 10262353
A method for estimating mobile device performance is provided. The method includes accessing device information, application information and usage information from a plurality of mobile devices and receiving a user selection that indicates a type of mobile device and one or more applications. The method includes determining an impact the one or more applications cause to the selected type of mobile device, in terms of resources of the selected type of mobile device, based on the user…
Security recommendations based on incidents of malware
Granted: April 16, 2019
Patent Number: 10262137
A method for providing security recommendations is described. In one embodiment, the method may include identifying a set of monitored customers. In some cases, each monitored customer may include one or more computing devices. The method may include identifying a first computing device of a monitored customer for evaluation, selecting a potential security product to install on the first computing device, and quantifying the ability of the monitored customer to detect or prevent malware…
Systems and methods for detecting and addressing suspicious file restore activities
Granted: April 16, 2019
Patent Number: 10262135
The disclosed computer-implemented method for detecting and addressing suspicious file restore activities may include (i) detecting a restore activity during which files are restored to a client device from a previously stored backup of the files, (ii) determining that a total number of the files restored during the restore activity exceeds a threshold number, and (iii) performing, based on the total number of the files exceeding the threshold number, a security action to protect the…
Systems and methods for obtaining information about security threats on endpoint devices
Granted: April 16, 2019
Patent Number: 10262131
The disclosed computer-implemented method for obtaining information about security threats on endpoint devices may include (1) detecting, by a security program on a computing device, an attempt to access at least one suspicious file, (2) before permitting the computing device to access the suspicious file, identifying, by the security program, at least one third-party resource not associated with the security program that contains information potentially indicative of the trustworthiness…
Systems and methods for logging users out of online accounts
Granted: April 9, 2019
Patent Number: 10257202
The disclosed computer-implemented method for logging users out of online accounts may include (i) receiving, from a first computing device of a user, a request from the user to log into an online account hosted by an online platform, (ii) establishing, between the online platform and a second computing device of the user, a network session that both (a) verifies the identity of the user to the online platform and (b) at least partially disrupts the functionality of the second computing…
Systems and methods for verifying users based on user motion
Granted: April 9, 2019
Patent Number: 10257229
The disclosed computer-implemented method for verifying users based on user motion may include (1) instructing a user of a mobile device to physically move in a prescribed manner, (2) receiving information, collected by one or more sensors associated with the mobile device, describing physical movement performed by the user after the user receives the instruction, (3) determining, upon receiving the information, that the user's physical movement matches the prescribed movement, and (4)…
Systems and methods for establishing a reputation for related program files
Granted: April 9, 2019
Patent Number: 10255435
The disclosed computer-implemented method for establishing a reputation for related program files may include (1) identifying a set of related program files, where each program file includes one or more common metadata field values and the values of the metadata fields are set by a program development tool, (2) identifying one or more of the set of related program files as malicious, (3) determining that a proportion of malicious files in the set of related program files is above a…
Systems and methods for detecting malware using machine learning
Granted: April 2, 2019
Patent Number: 10250617
A computer-implemented method for detecting malware using machine learning may include (1) identifying data to be analyzed for malware, (2) classifying, using a classifier created by a combination of at least one deep learning neural network and at least one supervised data mining method, the data to be analyzed for malware, (3) determining, based on a predefined threshold, that the classification of the data indicates potential malware on the computing device, and (4) performing a…
Systems and methods for determining reputations of digital certificate signers
Granted: April 2, 2019
Patent Number: 10250588
The disclosed computer-implemented method for determining reputations of digital certificate signers may include (i) identifying a group of endpoint devices that have accessed files to which a digital certificate signer has attached digital certificates that assert the files are legitimate, (ii) determining, for each endpoint device, whether a security state of the endpoint device is compromised or uncompromised based on a security analysis of computing events detected on the endpoint…
Systems and methods for zero-day DLP protection having enhanced file upload processing
Granted: April 2, 2019
Patent Number: 10248797
Systems and methods for Zero-day Data Loss Protection (DLP) having enhanced file upload processing are provided. One method may include capturing and sending file upload context (e.g. folder name, metadata, an active URL, etc.) associated with the scheduled file or folder upload to a DLP filesystem driver. For example, the method may include detecting whether a single/multi-file upload, a folder upload, or a drag-and-drop operation exists, through interception of the shell dialog API,…
Systems and methods for determining reputations of files
Granted: April 2, 2019
Patent Number: 10248787
The disclosed computer-implemented method for determining reputations of files may include (i) identifying, on an endpoint device, a loadpoint data entry created by a file installed on the endpoint device that directs an operating system of the endpoint device to execute the file during boot up operations of the endpoint device, (ii) determining a reputation of the loadpoint data entry, (iii) detecting, on an additional endpoint device, an attempt to install a suspicious file with a…
Systems and methods for authenticating users on touchscreen devices
Granted: April 2, 2019
Patent Number: 10248769
The disclosed computer-implemented method for authenticating users on touchscreen devices may include (i) detecting that the computing device is at an authentication step that requires valid authentication input from a user in order to authenticate the user to a service on the computing device, (ii) detecting that the computing device is physically oriented such that a touchscreen of the computing device is facing away from the user of the computing device, (iii) receiving input from the…
Securely launching files downloaded to potentially unsafe locations on a computer system
Granted: March 26, 2019
Patent Number: 10241696
The present disclosure relates to protecting computer systems from installation of rogue shared libraries when executable files are launched. An example method generally includes detecting that a downloaded file has been written to an insecure location on the computing device. A computing device determines that the downloaded file includes at least a first executable component and, upon determining that the downloaded file includes executable components, generates a copy of the…
Systems and methods for generating device-specific security policies for applications
Granted: March 26, 2019
Patent Number: 10243963
The disclosed computer-implemented method for generating device-specific security policies for applications may include (1) installing, onto a computing device, an application requested by the computing device, (2) while the application is running on the computing device, monitoring interactions between the application and a computing environment in which the computing device operates to identify (A) computing resources within the computing environment required by the application and (B)…
Systems and methods for predicting security incidents triggered by security software
Granted: March 26, 2019
Patent Number: 10242201
A computer-implemented method for predicting security incidents triggered by security software may include (i) collecting, by a computing device, telemetry data from a set of security products deployed by a set of client machines, (ii) identifying, by the computing device, a selected security product within the set of security products that is missing telemetry data for a target client machine, (iii) building a classifier, by the computing device using the telemetry data, that predicts…
Systems and methods for providing integrated security management
Granted: March 26, 2019
Patent Number: 10242187
The disclosed computer-implemented method for providing integrated security management may include (1) identifying a computing environment protected by security systems and monitored by a security management system that receives event signatures from the security systems, where a first security system uses a first event signature naming scheme that differs from a second event signature naming scheme used by a second security system, (2) observing a first event signature that originates…