PRE-POPULATED SECURITY POLICIES FOR VIRTUAL DESKTOP SESSIONS

    Publication No.: US20230229468A1

    Publication Date: 2023-07-20

    Application No.: US17696921

    Filing Date: 2022-03-17

    Applicant: VMWARE, INC.

    Abstract: In an example, a management node includes a processor and a memory communicatively coupled to the processor. The memory may include an advisory module to receive data related to a login pattern of a user over a period of time and predict a time to launch a virtual desktop session for the user based on the received data. Further, the advisory module may fetch, via a network, a security policy from a cloud-based endpoint protection platform prior to the predicted time. Furthermore, the advisory module may populate a virtual machine with the security policy before the user logs into the virtual desktop session. Then, the advisory module may create the virtual desktop session using the virtual machine populated with the security policy in response to a determination that the user logged into the virtual desktop session prior to an expiration of a timer.
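The abstract describes three pieces: a prediction of the login time from the user's history, a policy fetch scheduled ahead of that time, and a timer that bounds how long the pre-populated VM is trusted before the user actually arrives. The following is an added example (not VMware's code) of how those pieces fit together. The prediction rule (median time-of-day on the same weekday), the 10-minute lead, the 30-minute hold and the login history are all assumptions made for illustration; the policy fetch itself is only represented by its scheduled time.

```python
"""Login-pattern prediction, policy pre-fetch scheduling and the hold timer
that decides whether a prepared VM is used. Added example; the tunables,
prediction rule and sample history are assumptions, not taken from the patent."""
from dataclasses import dataclass
from datetime import date, datetime, time, timedelta
from statistics import median
from typing import Iterable, Optional

# Assumed tunables: fetch the policy this far ahead of the predicted login,
# and hold the pre-populated VM this long past it before the timer expires
# and the pre-fetched policy is treated as stale.
FETCH_LEAD = timedelta(minutes=10)
HOLD_TIMER = timedelta(minutes=30)
MIN_HISTORY = 3


def predict_login_time(history: Iterable[datetime], day: date) -> Optional[datetime]:
    """Predict the login time on `day` as the median time-of-day of past
    logins on the same weekday (the median ignores one-off late starts).
    Returns None when there is too little history for that weekday."""
    same_weekday = [t for t in history if t.weekday() == day.weekday()]
    if len(same_weekday) < MIN_HISTORY:
        return None
    seconds = [t.hour * 3600 + t.minute * 60 + t.second for t in same_weekday]
    m = int(median(seconds))
    return datetime.combine(day, time(m // 3600, (m % 3600) // 60, m % 60))


@dataclass(frozen=True)
class Schedule:
    predicted: datetime
    fetch_policy_at: datetime   # when to pull the policy from the endpoint-protection platform
    timer_expires_at: datetime  # the prepared VM is held with that policy until here


def schedule(predicted: datetime) -> Schedule:
    return Schedule(predicted, predicted - FETCH_LEAD, predicted + HOLD_TIMER)


def session_source(sched: Schedule, login_at: datetime) -> str:
    """How the desktop session is created for a login at `login_at`.
    'prepopulated': the login falls after the fetch and before the timer
    expires, so the VM already carrying the policy is used (this assumes the
    fetch and population complete within FETCH_LEAD).
    'on_demand': nothing has been prepared yet, or the timer has expired and
    the pre-fetched policy may be stale, so the policy is fetched at login."""
    if sched.fetch_policy_at <= login_at <= sched.timer_expires_at:
        return "prepopulated"
    return "on_demand"


# Constructed sample history: three Monday logins and one Tuesday login.
LOGIN_HISTORY = [
    datetime(2024, 3, 4, 8, 55),
    datetime(2024, 3, 11, 9, 5),
    datetime(2024, 3, 18, 9, 0),
    datetime(2024, 3, 19, 13, 0),
]

if __name__ == "__main__":
    predicted = predict_login_time(LOGIN_HISTORY, date(2024, 4, 1))  # a Monday
    sched = schedule(predicted)
    print(sched)
    for login in (datetime(2024, 4, 1, 8, 40), datetime(2024, 4, 1, 9, 12),
                  datetime(2024, 4, 1, 9, 45)):
        print(login.time(), session_source(sched, login))
```

The timer is what keeps the optimisation from becoming a liability: a VM populated with a policy fetched hours earlier would otherwise be handed to a user after the platform had already pushed a newer policy, so a late login falls back to fetching at login time.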

    SYSTEM AND METHOD FOR CHECKING REPUTATIONS OF EXECUTABLE FILES USING FILE ORIGIN ANALYSIS

    Publication No.: US20230041397A1

    Publication Date: 2023-02-09

    Application No.: US17507825

    Filing Date: 2021-10-22

    Applicant: VMWARE, INC.

    Abstract: System and method for checking reputations of executable files in an endpoint device use an integrity verification on an executable file being scanned to determine whether the executable file has been unaltered since being installed in the endpoint device. When the executable file has been determined to be unaltered since being installed in the endpoint device, a file origin analysis is executed on the executable file based on a vendor identifier for the executable file to determine whether the executable file is from an approved source. When the executable file is determined to be from an approved source, an output is produced that indicates that the executable file has an approved reputation.
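The ordering in the abstract matters: origin analysis only runs on a file that has been verified unaltered since install, because a vendor identifier read from a file that has since been modified is attacker-controlled. The following added example (not VMware's implementation) shows that two-step check. The install-time manifest, the vendor identifier as a manifest field, and the approved-vendor list are assumptions for illustration; a real scanner would take the identifier from signer or package metadata.

```python
"""Two-step reputation check: integrity against an install-time manifest,
then file-origin analysis on the vendor identifier. Added example; the
manifest shape, vendor identifiers and approved list are assumptions."""
import hashlib
import hmac
import tempfile
from dataclasses import dataclass
from pathlib import Path
from typing import Mapping


@dataclass(frozen=True)
class InstallRecord:
    sha256: str     # digest of the file as installed
    vendor_id: str  # vendor identifier recorded at install time (assumed field)


# Constructed approved-source list.
APPROVED_VENDORS = frozenset({"vendor:acme", "vendor:contoso"})


def file_sha256(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def check_reputation(path: Path, manifest: Mapping[str, InstallRecord],
                     approved=APPROVED_VENDORS) -> str:
    """Returns one of: 'not_installed', 'altered', 'unknown_origin', 'approved'."""
    record = manifest.get(str(path))
    if record is None:
        return "not_installed"
    # Step 1: integrity. Only an unaltered file proceeds to origin analysis.
    if not hmac.compare_digest(file_sha256(path), record.sha256):
        return "altered"
    # Step 2: origin analysis on the install-time vendor identifier.
    if record.vendor_id not in approved:
        return "unknown_origin"
    return "approved"


def demo() -> dict:
    """Constructed scenario: three installed files, one of which is modified
    after install and one of which comes from an unapproved vendor."""
    with tempfile.TemporaryDirectory() as tmp:
        d = Path(tmp)
        good, tampered, foreign = d / "good.exe", d / "tampered.exe", d / "foreign.exe"
        good.write_bytes(b"MZ good binary")
        tampered.write_bytes(b"MZ original")
        foreign.write_bytes(b"MZ foreign")
        manifest = {
            str(good): InstallRecord(file_sha256(good), "vendor:acme"),
            str(tampered): InstallRecord(file_sha256(tampered), "vendor:acme"),
            str(foreign): InstallRecord(file_sha256(foreign), "vendor:unknown-shop"),
        }
        tampered.write_bytes(b"MZ original" + b"\x90" * 16)  # post-install modification
        return {
            "good": check_reputation(good, manifest),
            "tampered": check_reputation(tampered, manifest),
            "foreign": check_reputation(foreign, manifest),
            "missing": check_reputation(d / "never_installed.exe", manifest),
        }


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name}: {verdict}")
```

Note that an 'altered' verdict is not a malware verdict; it only means the approved-reputation shortcut cannot be taken and the file must go through whatever fuller scanning the endpoint applies.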

    SECURITY REQUIREMENT-BASED WORKLOAD MIGRATION

    Publication No.: US20220197716A1

    Publication Date: 2022-06-23

    Application No.: US17174381

    Filing Date: 2021-02-12

    Applicant: VMWARE, INC.

    Abstract: In an example, a behavioural characteristic of a workload running on a first host computing device in a data center may be monitored. Further, a security requirement of the workload may be determined based on the behavioural characteristic of the workload. Furthermore, a second host computing device that supports the security requirement of the workload may be determined. Further, a recommendation may be generated to migrate the workload running on the first host computing device to the second host computing device in the data center.

    SECURITY THREAT DETECTION DURING SERVICE QUERY HANDLING

    Publication No.: US20210314237A1

    Publication Date: 2021-10-07

    Application No.: US16878652

    Filing Date: 2020-05-20

    Applicant: VMWARE, INC.

    Abstract: Example methods and systems for a computer system to perform security threat detection during service query handling are described. In one example, a process running on a virtualized computing instance supported by the computer system may generate and send a first service query specifying a query input according to a service protocol. The first service query may be detected by a security agent configured to operate in a secure enclave that is isolated from the process. Next, the security agent may generate and send a second service query specifying the query input in the first service query. It is then determined whether there is a potential security threat based on a comparison between (a) a first reply received responsive to the first service query and (b) a second reply received responsive to the second service query.

    DOMAIN NAME SERVICE (DNS) SERVER CACHE TABLE VALIDATION

    Publication No.: US20210288937A1

    Publication Date: 2021-09-16

    Application No.: US16874706

    Filing Date: 2020-05-15

    Applicant: VMWARE, INC.

    Abstract: In some embodiments, a method stores domain name system (DNS) resolution mappings from a domain name to an address in a first table. The DNS resolution mappings are intercepted from DNS responses being sent by a DNS server. The first table is sent to a manager for validation of the DNS resolution mappings. Then, a second table is received from the manager that contains validated DNS resolution mappings. The method intercepts a DNS response that includes a domain name to address resolution mapping from the DNS server and validates the domain name to address resolution mapping using a validated DNS resolution mapping in the second table.
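Both this abstract and the preceding one (security threat detection during service query handling) reduce to comparing a DNS reply against a reference: in one case a second reply obtained by an agent outside the process's reach, in the other a table of manager-validated mappings. The following is an added example (not VMware's code) of both checks over one canonical form of a reply. The replies and the validated table are constructed; the record structure stands in for whatever the interception point actually captures. The one caveat a practitioner needs is built in: TTLs and record order are normalised away, because a resolver legitimately decrements TTLs and rotates address records, so a byte-for-byte comparison of two replies would alarm on every query.

```python
"""Dual-query comparison and validated-table check on a canonical DNS reply.
Added example; replies, table and record shape are constructed."""
from dataclasses import dataclass
from ipaddress import ip_address
from typing import Dict, FrozenSet, List, Optional, Tuple


@dataclass(frozen=True)
class RR:
    name: str
    rtype: str   # "A", "AAAA", "CNAME", ...
    ttl: int
    rdata: str


def canonical(answers: List[RR]) -> FrozenSet[Tuple[str, str, str]]:
    """Canonical form of a reply: names lower-cased with the trailing dot
    removed, TTL dropped, addresses normalised (so 2001:DB8:0::1 equals
    2001:db8::1), record order ignored."""
    out = set()
    for rr in answers:
        rtype = rr.rtype.upper()
        if rtype in ("A", "AAAA"):
            rdata = str(ip_address(rr.rdata))
        else:
            rdata = rr.rdata.rstrip(".").lower()
        out.add((rr.name.rstrip(".").lower(), rtype, rdata))
    return frozenset(out)


def dual_query_verdict(process_reply: List[RR], agent_reply: List[RR]) -> Optional[str]:
    """None when the reply seen by the process agrees with the reply the
    isolated agent obtained for the same query input; otherwise a description
    of the divergence. Records present only in the process's reply are the
    suspicious ones: something between the process and the resolver added them."""
    p, a = canonical(process_reply), canonical(agent_reply)
    if p == a:
        return None
    return f"divergent: only_process={sorted(p - a)} only_agent={sorted(a - p)}"


ValidatedTable = Dict[str, FrozenSet[str]]  # name -> addresses validated by the manager


def validate_against_table(reply: List[RR], table: ValidatedTable) -> Optional[str]:
    """None if every A/AAAA answer for a name present in the validated table is
    one of that name's validated addresses. Names absent from the table are not
    judged here; they are what gets collected into the first table for the
    manager to validate."""
    for name, rtype, rdata in canonical(reply):
        if rtype not in ("A", "AAAA"):
            continue
        allowed = table.get(name)
        if allowed is not None and rdata not in allowed:
            return f"{name} -> {rdata} not in validated set {sorted(allowed)}"
    return None


# Constructed replies: the process's reply carries an extra A record the
# agent's reply lacks; the TTL and ordering differences are benign.
PROCESS_REPLY = [
    RR("Login.Example.COM.", "A", 298, "203.0.113.10"),
    RR("login.example.com", "A", 298, "198.51.100.7"),
    RR("login.example.com", "A", 298, "203.0.113.11"),
]
AGENT_REPLY = [
    RR("login.example.com", "A", 300, "203.0.113.11"),
    RR("login.example.com", "A", 300, "203.0.113.10"),
]
VALIDATED: ValidatedTable = {"login.example.com": frozenset({"203.0.113.10", "203.0.113.11"})}

if __name__ == "__main__":
    print(dual_query_verdict(PROCESS_REPLY, AGENT_REPLY))
    print(validate_against_table(PROCESS_REPLY, VALIDATED))
```

Even after normalisation, names served by geo- or load-balanced authorities can return different address sets to two back-to-back queries, so the dual-query check is only as quiet as the resolver path both queries share; the validated-table check does not have that problem because the manager decides which addresses are acceptable.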

    SECURED INTERPROCESS COMMUNICATION
    Type: Invention application

    Publication No.: US20210103669A1

    Publication Date: 2021-04-08

    Application No.: US16693407

    Filing Date: 2019-11-25

    Applicant: VMWARE, INC.

    Abstract: The present disclosure describes secured interprocess communication (IPC). The operating system traps application-level IPC calls to an IPC agent, which handles the IPC call. The IPC agent executes in a trusted execution environment so that communications between the applications involved in the IPC are secure. Since processing of IPC by the IPC agent bypasses the operating system, IPC remains secure despite any attacks against the operating system code.

    SECURE ENCLAVE-BASED GUEST FIREWALL
    Type: Invention application

    Publication No.: US20200344210A1

    Publication Date: 2020-10-29

    Application No.: US16442579

    Filing Date: 2019-06-17

    Applicant: VMWARE, INC.

    Abstract: Techniques for implementing a secure enclave-based guest firewall are provided. In one set of embodiments, a host system can load a policy enforcer for a firewall into a secure enclave of a virtual machine (VM) running on the host system, where the secure enclave corresponds to a region of memory in the VM's guest memory address space that is inaccessible by processes running in other regions of the guest memory address space (including privileged processes that are part of the VM's guest operating system (OS) kernel). The policy enforcer can then, while running within the secure enclave: (1) obtain one or more security policies from a policy manager for the firewall, (2) determine that an event has occurred pertaining to a new or existing network connection between the VM and another machine, and (3) apply the one or more security policies to the network connection.
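The enclave placement in this abstract protects the enforcer from a compromised guest kernel; the enforcer's own job, steps (1) to (3), is ordinary policy evaluation over connection events. The following added example (not VMware's code) shows that evaluation, including the re-check of existing connections that step (2) implies when a new policy arrives from the policy manager. The rule format (ordered rules, first match wins, default deny), the event fields, the sample policy and the sample events are all assumptions; the enclave itself is not modelled.

```python
"""Connection-event policy evaluation for a guest firewall enforcer. Added
example; rule and event formats, the sample policy and events are assumptions."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Rule:
    action: str                          # "allow" | "deny"
    direction: str                       # "in" | "out" | "any"
    remote: str                          # CIDR the remote peer must fall in
    proto: str                           # "tcp" | "udp" | "any"
    ports: Tuple[int, int] = (0, 65535)  # inclusive; local port for "in", remote port for "out"
    process: Optional[str] = None        # restrict to one guest process name


@dataclass(frozen=True)
class ConnEvent:
    direction: str
    remote_ip: str
    proto: str
    local_port: int
    remote_port: int
    process: str


def matches(rule: Rule, ev: ConnEvent) -> bool:
    if rule.direction not in ("any", ev.direction):
        return False
    if rule.proto not in ("any", ev.proto):
        return False
    # Membership across IP versions is simply False, so a v4 rule never matches a v6 peer.
    if ip_address(ev.remote_ip) not in ip_network(rule.remote):
        return False
    port = ev.local_port if ev.direction == "in" else ev.remote_port
    if not rule.ports[0] <= port <= rule.ports[1]:
        return False
    if rule.process is not None and rule.process != ev.process:
        return False
    return True


def decide(policy: List[Rule], ev: ConnEvent) -> Tuple[str, Optional[int]]:
    """First matching rule wins; returns (action, index of the rule).
    No match falls through to the default deny, reported with index None."""
    for i, rule in enumerate(policy):
        if matches(rule, ev):
            return rule.action, i
    return "deny", None


def connections_to_terminate(policy: List[Rule], existing: List[ConnEvent]) -> List[ConnEvent]:
    """Re-evaluate existing connections after a policy update and return the
    ones the new policy no longer allows, for teardown."""
    return [ev for ev in existing if decide(policy, ev)[0] == "deny"]


# Constructed sample policy: SSH in from the internal range to sshd only,
# HTTPS out anywhere, DNS out only to the internal resolver.
POLICY = [
    Rule("allow", "in", "10.0.0.0/8", "tcp", (22, 22), process="sshd"),
    Rule("allow", "out", "0.0.0.0/0", "tcp", (443, 443)),
    Rule("allow", "out", "10.0.0.53/32", "udp", (53, 53)),
]

# Constructed sample events.
EVENTS = [
    ConnEvent("in", "10.1.2.3", "tcp", 22, 50000, "sshd"),        # allow, rule 0
    ConnEvent("in", "203.0.113.5", "tcp", 22, 50001, "sshd"),     # deny: outside 10/8
    ConnEvent("out", "93.184.216.34", "tcp", 40000, 443, "curl"), # allow, rule 1
    ConnEvent("out", "10.0.0.53", "udp", 40001, 53, "systemd-resolved"),  # allow, rule 2
    ConnEvent("out", "8.8.8.8", "udp", 40002, 53, "systemd-resolved"),    # deny: rogue resolver
]

if __name__ == "__main__":
    for ev in EVENTS:
        print(ev.direction, ev.remote_ip, ev.proto, decide(POLICY, ev))
```

Keeping the policy evaluation this small is deliberate: code running inside the enclave has to carry its own parsing and matching, and every line added there is attack surface in the one place the guest OS cannot patch around.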
