公开(公告)号：WO2018031778A1

公开(公告)日：2018-02-15

申请号：PCT/US2017/046301

申请日：2017-08-10

Applicant: NETSKOPE, INC.

Inventor： HITTEL, Sean ,  NARAYANASWAMY, Krishna ,  BALUPARI, Ravindra K. ,  ITHAL, Ravi

IPC: G06F21/55 ,  G06F21/56

Abstract: The technology disclosed relates to detecting a data attack on a file system stored on an independent data store. The detecting includes scanning a list to identify files of the independent data store that have been updated within a timeframe, assembling current metadata for files identified by the scanning, obtaining historical metadata of the files, determining that a malicious activity is in process by analyzing the current metadata of the files and the historical metadata to identify a pattern of changes that exceeds a predetermined change velocity. Further, the detecting includes determining that the malicious activity is in process by analyzing the current metadata of the files and known patterns of malicious metadata to identify a match between the current metadata and the known patterns of malicious metadata, determining a entity that initiated the malicious activity, and implementing a response mechanism that restricts file modifications by the determined entity.

Abstract translation: 所公开的技术涉及检测存储在独立数据存储器上的文件系统上的数据攻击。 所述检测包括扫描列表以识别已经在时间范围内更新的独立数据存储的文件，组装由扫描识别的文件的当前元数据，获得文件的历史元数据，通过分析所述文件的历史元数据来确定恶意活动正在进行中 文件的当前元数据和历史元数据，以识别超过预定变化速度的变化模式。 此外，检测包括通过分析文件的当前元数据和已知的恶意元数据模式来确定恶意活动正在进行中，以识别当前元数据与已知恶意元数据模式之间的匹配，确定发起恶意的实体 活动，并实施一个响应机制，限制所确定的实体进行文件修改。

公开(公告)号：WO2017156497A1

公开(公告)日：2017-09-14

申请号：PCT/US2017/021969

申请日：2017-03-10

Applicant: NETSKOPE, INC.

Inventor： NARAYANASWAMY, Krishna ,  CHENG, Lebin ,  KULKARNI, Abhay ,  ITHAL, Ravi ,  ANAND, Chetan ,  CHOPRA, Rajneesh

IPC: G06F21/62 ,  H04L29/06

Abstract: The technology disclosed relates to enforcing multi-part policies on data-deficient transactions of independent data stores. In particular, it relates to combining active analysis of access requests for the independent object stores with inspection of objects in the independent object stores, each of the analysis and inspection generating and persisting object metadata in a supplemental data store, actively processing data-deficient transactions that apply to the objects by accessing the supplemental data store to retrieve object metadata not available in transaction streams of the data-deficient transactions, and actively enforcing the multi-part policies using the retrieved object metadata.

Abstract translation: 所披露的技术涉及对独立数据存储的数据缺陷交易实施多部分策略。 具体地，涉及将独立对象库的访问请求的活动分析与独立对象库中的对象的检查相结合，每个分析和检查在补充数据库中生成并持久化对象元数据，主动处理数据缺陷事务 通过访问补充数据存储以检索对象元数据，该对象元数据在数据缺陷事务的事务流中不可用，并且使用检索到的对象元数据来主动执行多部分策略，从而应用于对象。

公开(公告)号：WO2016186703A2

公开(公告)日：2016-11-24

申请号：PCT/US2016/014197

申请日：2016-01-20

Applicant: NETSKOPE, INC.

Inventor： NARAYANASWAMY, Krishna ,  ITHAL, Ravi ,  MALMSKOG, Steve ,  GNANASHANMUGAM, Shankaran ,  SAMBAMOORTHY, Arjun ,  ANAND, Chetan ,  ARUN, Prashanth

IPC: H04L29/06 ,  H04W12/08 ,  G06F21/55

CPC classification number: G06F21/6218 ,  G06F21/554 ,  G06F21/602 ,  G06F21/6209 ,  H04L9/083 ,  H04L9/0861 ,  H04L9/0866 ,  H04L9/0869 ,  H04L9/0872 ,  H04L9/3236 ,  H04L63/0281 ,  H04L63/0435 ,  H04L63/062 ,  H04L63/123 ,  H04L63/1416 ,  H04L63/145 ,  H04L63/1458 ,  H04L67/1097 ,  H04L2463/061 ,  H04W12/08

Abstract: The technology disclosed relates to securely encrypting a document. In particular, it relates to accessing a key-manager with a triplet of organization identifier, application identifier and region identifier and in response receiving a triplet-key and a triplet-key identifier that uniquely identifies the triplet-key. In addition, the technology disclosed relates to monitoring and controlling enterprise information stored on a cloud computing service (CCS). It includes using a cross-application monitor to detect a cloud computing service (CCS) application programming interface (API) in use and a function or an activity being performed via the CCS API.

Abstract translation: 所公开的技术涉及安全地加密文档。 特别地，它涉及访问具有组织标识符，应用标识符和区域标识符的三元组的密钥管理器，并且响应于接收唯一地标识三重密钥的三元组密钥和三重密钥标识符。 此外，所公开的技术涉及监控和控制存储在云计算服务（CCS）上的企业信息。 它包括使用跨应用程序监视器来检测正在使用的云计算服务（CCS）应用程序编程接口（API）以及通过CCS API执行的功能或活动。

公开(公告)号：WO2014138388A2

公开(公告)日：2014-09-12

申请号：PCT/US2014/021174

申请日：2014-03-06

Applicant: NETSKOPE, INC.

Inventor： NARAYANASWAMY, Krishna ,  CHENG, Lebin ,  ITHAL, Ravi ,  BERI, Sanjay

IPC: H04L29/06

CPC classification number: H04L63/20 ,  H04L63/0272 ,  H04L63/0281 ,  H04L63/08 ,  H04L63/1425 ,  H04L63/168 ,  H04L67/20

Abstract: A computer-implemented method for accessing a hosted service on client devices is described. The client devices include client software that uses a remotely delivered policy to redirect network requests for hosted services to a server to enforce visibility, policy and data security for network delivered services. The method can be used in conjunction with existing VPN and proxy solutions, but provides distinct additional functionality, particularly suited to corporate needs. Policies allow entities to centralize enforcement of service-specific restrictions across networks and communication channels, e.g. only certain users can download client records from a service— irrespective of the network used to access the service.

Abstract translation: 描述了用于访问客户端设备上的托管服务的计算机实现的方法。 客户端设备包括使用远程传输策略的客户端软件，将托管服务的网络请求重定向到服务器，以强化网络传输服务的可见性，策略和数据安全性。 该方法可以与现有的VPN和代理解决方案结合使用，但可提供不同的附加功能，特别适合企业需求。 策略允许实体集中实施跨网络和通信信道的服务特定限制，例如， 只有某些用户可以从服务中下载客户端记录，而不管用于访问服务的网络。