Assessing Behavior Patterns and Reputation Scores Related to Email Messages

    Publication No.: US20230319065A1

    Publication date: 2023-10-05

    Application No.: US17708825

    Filing date: 2022-03-30

    Applicant: SOPHOS LIMITED

    Inventor: John Mears

    IPC classification: H04L9/40 H04L51/42 H04L51/00

    Abstract: A computer-implemented method includes generating behavior patterns based on historical behavior of a plurality of emails. The method further includes receiving an email message from a sender, wherein the email message is withheld from delivery to a recipient. The method further includes extracting a plurality of features from the email message. The method further includes determining whether content of the email message matches at least one criterion for suspicious content. The method further includes determining a reputation score associated with the sender based on a comparison of the extracted features with the behavior patterns, wherein the extracted features include an identity of the sender. The method further includes responsive to the content of the email message not matching the at least one criterion for suspicious content and the reputation score meeting a reputation threshold, delivering the email message to the recipient.

    DETECTING TAMPERING WITH HOSTED SERVICES
    Invention publication

    Publication No.: US20240291839A1

    Publication date: 2024-08-29

    Application No.: US18517321

    Filing date: 2023-11-22

    Applicant: Sophos Limited

    IPC classification: H04L9/40

    CPC classification: H04L63/1425 H04L63/20

    Abstract: Remote services, such as security services, are onboarded for a tenant in a multi-tenant environment, such as a cloud-based electronic mail tenant, by configuring the tenant to permit remote access to local resources used at the tenant to facilitate the remote security services. Mail flow rules associated with the multi-tenant environment govern how electronic mail is handled in the environment. For example, mail flow rules may be used to divert inbound and/or outbound electronic mail through a mail security service. Changes to the mail flow rules are monitored and analyzed to determine whether such changes are valid (e.g., not unsafe or tampered with) to support secure management of electronic mail traffic. If a change to a mail flow rule is determined to not be valid, an action may be performed, such as deleting, disabling, or reverting the change.

    Method and system for outbound spam mitigation

    Publication No.: US11916858B1

    Publication date: 2024-02-27

    Application No.: US17958046

    Filing date: 2022-09-30

    Applicant: Sophos Limited

    Abstract: A method for mitigating outbound electronic message spam includes determining whether an outbound electronic message to a recipient sent from an electronic messaging account of a sender has at least a predetermined number of indicators of compromise. The outbound electronic message is sent to the recipient using an IP address from a first pool of service delivery IP addresses based on a determination that the message has less than the predetermined number of indicators of compromise. The outbound electronic message is sent to the recipient using an IP address from a second pool of service delivery IP addresses based on a determination that the message has at least the predetermined number of indicators of compromise. The method may further include providing a notification of a possible compromise of the electronic messaging account and the notification may include a request to modify a security feature of the electronic messaging account.

    Stateful Email Detection Using Schemaless Data Fragments

    Publication No.: US20240364651A1

    Publication date: 2024-10-31

    Application No.: US18308560

    Filing date: 2023-04-27

    Applicant: SOPHOS LIMITED

    Inventor: John Mears

    IPC classification: H04L51/212 G06F21/56

    CPC classification: H04L51/212 G06F21/566

    Abstract: A computer-implemented method includes sending email scan requests to an email scanner. The method further includes receiving, from the email scanner, a verdict of suspicion and one or more data fragments. The method further includes storing the one or more data fragments for each email of the plurality of emails in a datastore. The method further includes receiving a new email. The method further includes deriving one or more new keys for the new email. The method further includes retrieving one or more matching data fragments from the datastore by matching the one or more new keys with the one or more keys stored in the datastore. The method further includes providing, to the email scanner, the new email and the one or more matching data fragments. The method further includes receiving a new verdict of suspicion and one or more new data fragments.

    REMOTE MANAGEMENT OF HOSTED SERVICES
    Invention publication

    Publication No.: US20240291789A1

    Publication date: 2024-08-29

    Application No.: US18517202

    Filing date: 2023-11-22

    Applicant: Sophos Limited

    Abstract: Remote services, such as security services, are onboarded for a tenant in a multi-tenant environment, such as a cloud-based electronic mail tenant, by configuring the tenant to permit remote access to local resources used at the tenant to facilitate the remote security services. As a significant advantage, this permits use of the remote security services with cloud-based enterprise resources hosted on the tenant, e.g., an enterprise mail server handling inbound and/or outbound electronic mail traffic, without requiring changes to the tenant's network configuration. As an additional advantage, security risks associated with the remote access may be confined to the specific tenant in the multi-tenant environment by creating a unique key for exchanging data between the tenant and the remote security services.