SYSTEMS AND METHODS FOR ANALYZING PARTIAL ATTACK PATHS

    公开(公告)号:US20250023887A1

    公开(公告)日:2025-01-16

    申请号:US18350105

    申请日:2023-07-11

    Abstract: In one embodiment, a method includes ingesting security tool findings associated with an application and identifying events associated with the application. The method also includes comparing the security tool findings and the events against known attack paths and determining partial attack path matches between the security tool findings and the events and the known attack paths. The method further includes performing a risk analysis of the partial attack path matches and prioritizing the partial attack path matches based on the risk analysis.

    Extended Security Scheme for Reducing the Prevalence of Broken Object Level Authorization

    公开(公告)号:US20240098090A1

    公开(公告)日:2024-03-21

    申请号:US18056977

    申请日:2022-11-18

    CPC classification number: H04L63/101 H04L63/102 H04L63/105

    Abstract: A system and method for an extended security scheme for reducing the prevalence of broken object level authorization. In one embodiment, a method includes receiving code associated with an application programming interface (API), wherein the code includes one of an API definition and an API server stub, and parsing the code for one or more keywords associated with an extended security scheme. If the code includes the API definition, the method further includes generating an associated API server stub based on at least one of the one or more keywords and the API definition. If the code includes the API server stub, the method further includes generating an associated API definition based on at least one of the one or more keywords and the API server stub.

    PER-DEVICE SINGLE SIGN-ON ACROSS APPLICATIONS

    公开(公告)号:US20220217132A1

    公开(公告)日:2022-07-07

    申请号:US17141007

    申请日:2021-01-04

    Abstract: Operations include transmitting, on behalf of a first application, a first request to a first service provider, the first request requesting first services from the first service provider, intercepting, at a local agent, a first redirect message from the first service provider to an identity provider, receiving an identity provider cookie from the identity provider based on a validation of credentials during the authentication process, storing a copy of the identity provider cookie, transmitting, on behalf of a second application, a second request to a second service provider, the second request requesting second services from the second service provider, intercepting a second redirect message from the second service provider to the identity provider, adding the identity provider cookie to the second redirect message, and receiving validation to access the second service provider from the identity provider based on the identity provider cookie stored by the local agent.

    Providing cellular-specific transport layer service by way of cell-site proxying in a network environment

    公开(公告)号:US10511640B2

    公开(公告)日:2019-12-17

    申请号:US15708042

    申请日:2017-09-18

    Abstract: A method is provided in one example embodiment and includes receiving a first request from a first user equipment by a first transport layer proxy located within an access network The first request includes a request to establish a user session between the first user equipment and a remote server. The method further includes establishing a first transport layer session between the first user equipment and the first transport layer proxy, establishing a second transport layer session between the first transport layer proxy and the remote server, and establishing a first control channel between the first transport layer proxy and a transport layer function manager within a core network. The method further includes sending session state parameters associated with the first transport layer session and the second transport layer session to the transport layer function manager using the first control channel.

    Packet Communications Providing Packet Forwarding Efficiencies in a Network including Using a Segment Routing and Tunnel Exchange

    公开(公告)号:US20190288873A1

    公开(公告)日:2019-09-19

    申请号:US15925731

    申请日:2018-03-19

    Abstract: In one embodiment, a segment routing and tunnel exchange provides packet forwarding efficiencies in a network, including providing an exchange between a segment routing domain and a packet tunnel domain. One application includes the segment routing and tunnel exchange interfacing segment routing packet forwarding (e.g., in a Evolved Packet Core (EPC) and/or 5-G user plane) and packet tunnel forwarding in access networks (e.g., replacing a portion of a tunnel between an access node and a user plane function for accessing a corresponding data network). In one embodiment, a network provides mobility services using a segment routing data plane that spans segment routing and tunnel exchange(s) and segment routing-enabled user plane functions. One embodiment uses the segment routing data plane without any modification to a (radio) access network (R)AN (e.g., Evolved NodeB, Next Generation NodeB) nor to user equipment (e.g., any end user device).

Patent Agency Ranking