公开(公告)号：US10581878B2

公开(公告)日：2020-03-03

申请号：US15617048

申请日：2017-06-08

Applicant: EntIT Software LLC

Inventor： Ming Sum Sam Ng ,  Oleksandr Mirosh ,  Alvaro Munoz Sanchez

IPC: H04L29/06 ,  H04L29/08 ,  G06F21/55

Abstract: A method for attack detection includes: intercepting, by a runtime security agent, a request for a web resource; determining whether the intercepted request was triggered from an external website; determining whether the intercepted request was triggered from a current session; determining whether the intercepted request is requesting a static file type; and in response to a determination that the intercepted request was triggered from an external website and was not triggered from a current session, or a determination that the intercepted request was triggered from an external website and is not requesting a static file type, providing, by the runtime security agent, an indication of a potential attack.

公开(公告)号：US10310962B2

公开(公告)日：2019-06-04

申请号：US15500522

申请日：2014-09-24

Applicant: ENTIT SOFTWARE LLC

Inventor： Alvaro Munoz Sanchez ,  Yekaterina Tsipenyuk O'Neil

IPC: G06F9/44 ,  G06F11/36 ,  G06F11/30

Abstract: In one implementation, a system can comprise a probe monitor engine to monitor a probe passed to a function of a set of instructions, a propagation engine to identify an infrastructure connection based on an attribute of the probe during a runtime session, and a rule engine to generate an infrastructure rule based on the infrastructure connection and the attribute of the probe.

公开(公告)号：US20180359265A1

公开(公告)日：2018-12-13

申请号：US15617048

申请日：2017-06-08

Applicant: EntIT Software LLC

Inventor： Ming Sum Sam Ng ,  Oleksandr Mirosh ,  Alvaro Munoz Sanchez

IPC: H04L29/06 ,  G06F21/56 ,  H04L29/08

CPC classification number: H04L63/1416 ,  G06F21/554 ,  H04L63/0281 ,  H04L63/1466 ,  H04L67/02

Abstract: A method for attack detection includes: intercepting, by a runtime security agent, a request for a web resource; determining whether the intercepted request was triggered from an external website; determining whether the intercepted request was triggered from a current session; determining whether the intercepted request is requesting a static file type; and in response to a determination that the intercepted request was triggered from an external website and was not triggered from a current session, or a determination that the intercepted request was triggered from an external website and is not requesting a static file type, providing, by the runtime security agent, an indication of a potential attack.