公开(公告)号：US12131266B2

公开(公告)日：2024-10-29

申请号：US18318959

申请日：2023-05-17

Applicant: FORESCOUT TECHNOLOGIES, INC.

Inventor： Yuzhou Song ,  Arun Raghuramu ,  Yang Zhang

IPC: H04L9/40 ,  G06N5/04 ,  G06N20/00

CPC classification number: G06N5/04 ,  G06N20/00 ,  H04L63/0227 ,  H04L63/102 ,  H04L63/1425 ,  H04L63/1433

Abstract: Systems, methods, and related technologies for classification are described. Network traffic from a network may be accessed and an entity may be selected. One or more values associated with one or more properties associated with the entity may be determined. The one or more values may be accessed from the network traffic. A first model associated with a first level of granularity is accessed. A first classification result of the entity based on the first model is determined by a processing device. A second model associated with a second level of granularity is accessed. The second level of granularity is higher than the first level of granularity and the second model is accessed based on the first classification result. A second classification result of the entity based on the second model is determined. At least one of the first classification result or the second classification result is stored.

公开(公告)号：US12074771B2

公开(公告)日：2024-08-27

申请号：US18148951

申请日：2022-12-30

Applicant: FORESCOUT TECHNOLOGIES, INC.

Inventor： Erick Ingleby ,  Nirmal F. Rajarathnam

IPC: H04L41/14 ,  G06N5/022

CPC classification number: H04L41/14 ,  G06N5/022

Abstract: Systems, methods, and related technologies for classifying a device on a network are described. A method includes capturing device information corresponding to a device on a network. The method inputs unstructured crowdsourced data on the network into a machine learning model to produce structured crowdsourced data. The method classifies the device based on evaluating the device information with the structured crowdsourced data.

公开(公告)号：US20240267293A1

公开(公告)日：2024-08-08

申请号：US18638424

申请日：2024-04-17

Applicant: FORESCOUT TECHNOLOGIES, INC.

Inventor： Ilya Fainberg ,  Yafit Maor ,  Amir Olswang

IPC: H04L41/0893 ,  H04L9/40 ,  H04L41/14 ,  H04L43/045

CPC classification number: H04L41/0893 ,  H04L41/145 ,  H04L43/045 ,  H04L63/0263 ,  H04L63/104

Abstract: Technology for segmentation management is described. The segmentation management may include visualization, configuration, simulation, or a combination thereof, of segmentation policies. Segmentation management may include tagging entities communicatively coupled to a network, grouping the entities communicatively coupled to the network into a plurality of groups based at least on one or more tags that are associated with each of the entities, and displaying a user interface for selecting a first group and a second group from the plurality of groups. In response to receiving an input through the user interface, an indication of network traffic is displayed between the first group and the second group, where the network traffic is associated with one or more segmentation rules. In response to receiving additional input through the user interface, segmentation management configures an enforcement point with the segmentation rules.

公开(公告)号：US20240195815A1

公开(公告)日：2024-06-13

申请号：US18443098

申请日：2024-02-15

Applicant: FORESCOUT TECHNOLOGIES, INC.

Inventor： Siying Yang ,  Yang Zhang

IPC: H04L9/40 ,  G06F18/24 ,  G06N20/00 ,  H04L41/0853 ,  H04L43/04 ,  H04L43/10

CPC classification number: H04L63/14 ,  G06F18/24 ,  G06N20/00 ,  H04L41/0853 ,  H04L43/04 ,  H04L43/10

Abstract: Systems, methods, and related technologies for classification are described. In certain aspects, a plurality of device classification methods with associated models are accessed. Each of the classification methods have an associated reliability level. The models of classification methods with a higher reliability level than other classifications methods are used to at least one of train or tune the models associated with lower reliability level.

公开(公告)号：US12010210B1

公开(公告)日：2024-06-11

申请号：US18370672

申请日：2023-09-20

Applicant: FORESCOUT TECHNOLOGIES, INC.

Inventor： Robert McNutt ,  Daniel Ricardo dos Santos

IPC: H04L9/06 ,  H04L9/08

CPC classification number: H04L9/06 ,  H04L9/0852

Abstract: A system includes a processing device, operatively coupled to memory, to obtain one or more ciphers that are supported by a device that is coupled to a network, determine, by the processing device, a value associated with the device, based on whether each of the one or more ciphers that are supported by the device is quantum-safe, and generate a notification based on the value.

公开(公告)号：US12009986B2

公开(公告)日：2024-06-11

申请号：US18056561

申请日：2022-11-17

Applicant: FORESCOUT TECHNOLOGIES, INC.

Inventor： Naor Kalbo

IPC: H04L41/12 ,  H04L41/22 ,  H04L67/02 ,  H04L67/51

CPC classification number: H04L41/12 ,  H04L41/22 ,  H04L67/02 ,  H04L67/51

Abstract: Systems, methods, and related technologies for a proactive inspection system for improved classification of devices are described. A device is discovered on a network that has a first open port number. A file is requested from the device with the first open port number and a filename. The filename has a highest likelihood of being used as a name for the file with the port number. In response to obtaining the file from the device, the device is classified with information held in the file.

公开(公告)号：US11909767B2

公开(公告)日：2024-02-20

申请号：US16924508

申请日：2020-07-09

Applicant: FORESCOUT TECHNOLOGIES, INC.

Inventor： Siying Yang

IPC: H04L9/40 ,  H04L47/20 ,  H04L61/256 ,  H04L41/0213 ,  H04L61/2521 ,  H04L61/2514

CPC classification number: H04L63/20 ,  H04L41/0213 ,  H04L47/20 ,  H04L61/256 ,  H04L63/029 ,  H04L63/1408 ,  H04L63/1433 ,  H04L63/1466 ,  H04L61/2514 ,  H04L61/2535

Abstract: Device scanning aspects are described. In certain aspects, the method includes configuring a port forwarding policy on a first device based on a network session information, performing a scan of a second device based on a port forwarding policy.

公开(公告)号：US11902126B2

公开(公告)日：2024-02-13

申请号：US17236305

申请日：2021-04-21

Applicant: FORESCOUT TECHNOLOGIES, INC.

Inventor： Emmanuele Zambon

IPC: H04L43/08 ,  G06N20/00 ,  H04L9/40 ,  G06F21/50 ,  H04L43/18 ,  H04L67/02

CPC classification number: H04L43/08 ,  G06F21/50 ,  G06N20/00 ,  H04L43/18 ,  H04L63/0245 ,  H04L63/14 ,  H04L63/1416 ,  H04L63/1425 ,  H04L67/02

Abstract: An intrusion detection method for detecting an intrusion in data traffic on a data communication network parses the data traffic to extract at least one protocol field of a protocol message of the data traffic, and associates the extracted protocol field with a model for that protocol field. The model is selected from a set of models. An assessment is made to determine if a contents of the extracted protocol field is in a safe region as defined by the model, and an intrusion detection signal is generated in case it is established that the contents of the extracted protocol field is outside the safe region. The set of models may comprise a corresponding model for each protocol field of a set of protocol fields.

公开(公告)号：US11876827B2

公开(公告)日：2024-01-16

申请号：US17950270

申请日：2022-09-22

Applicant: FORESCOUT TECHNOLOGIES, INC.

Inventor： Yang Zhang

IPC: H04L9/40 ,  G06N20/00

CPC classification number: H04L63/1433 ,  H04L63/1408 ,  G06N20/00

Abstract: Systems, methods, and related technologies for improving classification use multiple classification resources. The method includes accessing network traffic from a network comprising a plurality of entities, and determining, based on the network traffic, one or more values associated with one or more properties of an entity of the plurality of entities. The method also includes determining, by a processing device, a first classification result of the entity based on the one or more values and at least one local profile, and determining a second classification result of the entity, wherein the second classification result of the entity is based on the one or more values and at least one remote profile.

公开(公告)号：US20230421581A1

公开(公告)日：2023-12-28

申请号：US18241663

申请日：2023-09-01

Applicant: FORESCOUT TECHNOLOGIES, INC.

Inventor： Daniel Ricardo dos Santos ,  Elisa Costante ,  Mario Dagrada ,  Alessandro Manzi

IPC: H04L9/40 ,  H04L41/0604

CPC classification number: H04L63/1416 ,  H04L41/0609 ,  H04L63/1425 ,  H04L63/1433

Abstract: A method includes accessing events associated with a network and determining an issue based on a correlation of a portion of the events, wherein the issue represents an incident associated with the portion of the events, and wherein the correlation of the portion of the events is based on information associated with the network and at least in part on an event type of the portion of the events. A priority associated with the issue is determined at least based on the event type of the portion of the events. A first event type that is associated with an operational technology (OT) entity has a higher priority than a second event type that is not associated with the OT entity. Data associated with the issue is stored.