-
公开(公告)号:US11711390B1
公开(公告)日:2023-07-25
申请号:US17721150
申请日:2022-04-14
发明人: Maarten Van Horenbeeck , Christopher Michael Anderson , Katharine Nicole Harrison , Matthew Ryan Jezorek , Jon Arron McClintock , Tushaar Sethi
CPC分类号: H04L63/1425 , G06N20/00 , H04L45/70 , H04L63/1433
摘要: Techniques described and suggested herein include various systems and methods for determining risk levels associated with transiting data, and routing portions of the data in accordance with the determined risk levels. For example, a risk analyzer may apply risk classifiers to transiting data to determine overall risk levels of some or all of the transiting data. A traffic router may route transiting data according to determined risk profiles for the data. A sandbox may be implemented to compare, for a given input, expected and observed outputs for a subset of transiting data, so as to determine risk profiles associated with at least the subset.
-
公开(公告)号:US10803164B2
公开(公告)日:2020-10-13
申请号:US16130060
申请日:2018-09-13
发明人: Jon Arron McClintock , David Scott Cleckley, Jr. , Robert Ellis Lee , Annabelle Richard Backman
摘要: Disclosed are various embodiments for validating that relying parties of a federated identity provider have correctly implemented sign-out functionality. In one approach, a network page is received from a network site that is operated by a relying party of a federated identity provider. It is then determined whether the network page includes code that properly implements a sign-out from the federated identity provider. An action is initiated in response to determining that the network page does not include code that properly implements the sign-out from the federated identity provider.
-
公开(公告)号:US10574697B1
公开(公告)日:2020-02-25
申请号:US14623241
申请日:2015-02-16
IPC分类号: H04L29/06
摘要: Disclosed are various embodiments for providing a honeypot environment in response to incorrect security credentials being provided. An authentication request for an account to log into an application is received from a client. It is determined that the authentication request specifies an incorrect security credential for the account. The client is then provided with access to a honeypot environment in response to the authentication request. The honeypot environment is configured to mimic a successful login to the application via the account.
-
公开(公告)号:US10462116B1
公开(公告)日:2019-10-29
申请号:US14855298
申请日:2015-09-15
发明人: Nima Sharifi Mehr , Darren Ernest Canavor , Jesper Mikael Johansson , Jon Arron McClintock , Muhammad Wasiq
IPC分类号: H04L29/06
摘要: The present document describes systems and methods that detect unauthorized transmission of data from internal networks to remote service providers, even when the transmission occurs over an encrypted connection. An exfiltration monitor is configured to monitor encrypted communications between clients within an internal network and a remote service provider. In various implementations, the exfiltration monitor associates the encrypted connections with account information, and applies exfiltration policies to the connections based at least in part on the associated account information. In additional implementations, the exfiltration monitor is provided with cryptographic keys that facilitate packet inspection of the encrypted connections. In many situations, the exfiltration monitor can use this information to discern between authorized use of a remote service, and unauthorized data exfiltration to the remote service.
-
公开(公告)号:US10409977B2
公开(公告)日:2019-09-10
申请号:US15730560
申请日:2017-10-11
摘要: A service receives a request from a user of a group of users to perform one or more operations requiring group authentication in order for the operations to be performed. In response, the service provides a first user of the group with an image seed and an ordering of the group of users. Each user of the group applies a transformation algorithm to the seed to create an authentication claim. The service receives this claim and determines, based at least in part on the ordering of the group of users, an ordered set of transformations, which are used to create a reference image file. If the received claim matches the reference image file, the service enables performance of the requested one or more operations.
-
公开(公告)号:US10320632B1
公开(公告)日:2019-06-11
申请号:US14014042
申请日:2013-08-29
发明人: Jon Arron McClintock , Melissa Elaine Davis , Anton Vladilenovich Goldberg , Aram Grigoryan , Brandon William Porter , Matthew Paul Wenger , Donghui Zhuo
摘要: Methods, systems, and computer-readable media for implementing pattern-based detection are disclosed. A plurality of services monitor a plurality of service interactions comprising data or metadata. The services compare the data or metadata to a set of patterns and identify one or more matched patterns among the set of patterns. The services send data indicative of the matched patterns to a central recording service. The central recording service aggregates the data indicative of the matched patterns and generates one or more data flow visualizations indicating one or more data flows between individual ones of the services for the matched patterns.
-
公开(公告)号:US10313339B1
公开(公告)日:2019-06-04
申请号:US15376494
申请日:2016-12-12
发明人: Conor Power , Jon Arron McClintock , Dean H. Saxe , Tushaar Sethi
摘要: A delivery verification service receives an electronic message that indicates delivery of an authentication device. In response to receiving the electronic message, the delivery verification service identifies, based at least in part on the electronic message, a set of attributes of a recipient to which the authentication device was delivered. Based at least in part on these attributes of the recipient, the delivery verification service determines whether to activate the authentication device. If the delivery verification service determines that the authentication device can be activated, the delivery verification service causes the authentication device to be enabled.
-
公开(公告)号:US10185924B1
公开(公告)日:2019-01-22
申请号:US14321163
申请日:2014-07-01
摘要: Techniques are described for generating response recommendation information that describes one or more response profiles, each including one or more actions that may be performed to respond to a security risk present in a deployed software module. The response recommendation information may quantify, for each response profile, a cost and a benefit due to the performance of the action(s) included in the response profile. The cost may include lost revenues or other value lost due to the action(s). The benefit may include a mitigation of the security risk.
-
公开(公告)号:US10180936B2
公开(公告)日:2019-01-15
申请号:US15470846
申请日:2017-03-27
IPC分类号: G06F17/27 , G06F17/22 , G06F17/28 , G06F3/0481 , G06F17/30
摘要: A mechanism is provided for representing information, such as binary sequence, in a manner that is easier to read and less likely to generate errors when interacted with by human. A dictionary is seeded with two or more set of words, the words being selected from distinct categories. Symbols may be created by combining words from the distinct categories. A mapping of symbols to corresponding values may then be generated. The generated mapping may be used to translate bit values to symbols and symbols to bit values.
-
公开(公告)号:US10154052B1
公开(公告)日:2018-12-11
申请号:US14286247
申请日:2014-05-23
IPC分类号: H04L29/06
摘要: Complex web applications may be susceptible to cyber-attacks that affect the security of customer sessions. Session theft and exploitation may be predicted and controlled by monitoring records of requests made to the web application and providing notifications of possible compromise of a session, session service or a machine using a session service.
-
-
-
-
-
-
-
-
-
搜索结果
138 条记录 (耗时 0.025 秒)
