DATA STORAGE MANAGEMENT SYSTEM INTEGRATING CYBER THREAT DECEPTION

    Publication No.: US20240056481A1

    Publication Date: 2024-02-15

    Application No.: US17901685

    Application Date: 2022-09-01

    IPC Classification: H04L9/40

    CPC Classification: H04L63/1491 H04L63/1433

    Abstract: A cyber threat detection and deception system interoperates synergistically with a data storage management system. As a proxy for identifying crown jewels among many and diverse data assets in a network, the illustrative cyber threat detection and deception system uses service level information obtained from the data storage management system, e.g., RPO, RTO, append-only secondary storage, synthetic-full frequency, etc. The cyber threat detection and deception system emulates proprietary protocols used by storage management technologies such as the data storage management system, etc. By creating emulation traps and an emulation lexicon of these storage-related protocols, the illustrative cyber threat detection and deception system can create and execute cyber deception plans for the proprietary storage management assets. Synergistically, the illustrative data storage management system is configured to respond to alerts and react to other information received from the cyber threat detection and deception system by taking certain corrective and/or protective actions.

    AUTOMATIC GENERATION OF MALWARE DETECTION TRAPS

    Publication No.: US20240320339A1

    Publication Date: 2024-09-26

    Application No.: US18735835

    Application Date: 2024-06-06

    Abstract: A system and method of deployment of malware detection traps by at least one processor may include performing a first interrogation of a first Network Asset (NA) of a specific NA family; determining, based on the interrogation, a value of one or more first NA property data elements of the first NA; obtaining one or more second NA property data elements corresponding to the specific NA family; integrating the one or more first NA property data elements and the one or more second NA property data elements to generate a template data element, corresponding to the specific NA family; producing, from the template data element, a malware detection trap module; and deploying, on one or more computing devices of a computer network, one or more instantiations of the malware detection trap module as decoys of the first NA.