-
公开(公告)号:US12126631B2
公开(公告)日:2024-10-22
申请号:US17232999
申请日:2021-04-16
申请人: Shape Security, Inc.
发明人: Daniel G. Moen , Carl Schroeder
CPC分类号: H04L63/1416 , H04L63/1425 , H04L67/01 , H04L67/02 , G06N20/00 , H04L63/083
摘要: Techniques are provided for detecting compromised credentials in a credential stuffing attack. A set model is trained based on a first set of spilled credentials. The set model does not comprise any credential of the first set of spilled credentials. A first request is received from a client computer with a first candidate credential to login to a server computer. The first candidate credential is tested for membership in the first set of spilled credentials using the set model. In response to determining the first set of spilled credentials includes the first candidate credential using the set model, one or more negative actions is performed.
-
公开(公告)号:US20240340315A1
公开(公告)日:2024-10-10
申请号:US18746008
申请日:2024-06-17
申请人: Shape Security, Inc.
发明人: Wesley HALES , Jarrod OVERSON
IPC分类号: H04L9/40 , G06F16/958
CPC分类号: H04L63/1483 , G06F16/986 , H04L63/1416
摘要: Techniques are provided for detecting compromised web pages in a runtime environment. A first version of a web page is retrieved and loaded in a browser comprising a browser extension configured to detect event listeners added when web pages are loaded by the browser. First data is generated describing a first set of event listeners detected by the browser extension when the first version of the web page is loaded. At a second time a second version of the web page is retrieved and loaded in the browser. Second data is generated describing a second set of event listeners detected by the browser extension when the second version of the web page is loaded. It is determined that the web page is compromised based on comparing the first data and the second data. In response to determining that the web page is compromised, a threat response action is performed.
-
公开(公告)号:US11790083B2
公开(公告)日:2023-10-17
申请号:US16914183
申请日:2020-06-26
申请人: Shape Security, Inc.
CPC分类号: G06F21/563 , G06F21/554 , G06F21/568 , H04L67/02
摘要: Techniques are provided for detecting a malicious script in a web page. Instrumentation code is provided for serving to a client computing device with a web page. The instrumentation code is configured to monitor web code execution at the client computing device when a script referenced by the web page is processed. Script activity data generated by the instrumentation code is received. The script activity data describes one or more script actions detected by the instrumentation code at the client computing device. Prior script activity data generated by a prior instance of the instrumentation code is obtained. A malicious change in the script is detected based on comparing the script activity data and the prior script activity data. In response to detecting the malicious change in the script, a threat response action is performed.
-
公开(公告)号:US11743256B1
公开(公告)日:2023-08-29
申请号:US17087840
申请日:2020-11-03
申请人: Shape Security, Inc.
发明人: Mengmeng Chen , Sumit Agarwal , Yao Zhao
CPC分类号: H04L63/0876 , H04L9/32
摘要: A security server device, method, non-transitory computer readable medium and security system that receives request data for a request from a client to a web server system where the request comprises a session identifier (ID) for a session between an authenticated user and the web server system. A determination is made whether the client is a single-user device based on the request data and multi-domain data. Another determinations is made on whether the client is compromised based on the request data. In response to the determinations that the client is a single-user device and is not compromised an extension of the session between the authenticated user on the client and the web server system is caused.
-
公开(公告)号:US11736512B1
公开(公告)日:2023-08-22
申请号:US17069180
申请日:2020-10-13
申请人: Shape Security, Inc.
发明人: Jarrod S. Overson
IPC分类号: H04L9/40
CPC分类号: H04L63/1441 , H04L63/1416 , H04L63/20
摘要: Methods, non-transitory computer readable media, protection server apparatuses, and network security systems that improve network security for web applications by mitigating cyberattacks that cause the exfiltration of data are illustrated. With this technology, network request(s) are received from a client that specify domain(s) to which the client has sent data during rendering of a webpage. The webpage includes instrumentation code configured to intercept and post the network requests. A determination is then mage when one of the domain(s) is a malicious domain. Interceptor code is generated based on a type of attack that is associated with the one of the domains, when the determination indicates the one of the domains is a malicious domain. The instrumentation code is then updated to include the interceptor code. The interceptor code is configured to mitigate the attack when the webpage is subsequently rendered by another client.
-
公开(公告)号:US11366892B2
公开(公告)日:2022-06-21
申请号:US16380958
申请日:2019-04-10
申请人: Shape Security, Inc.
发明人: Yao Zhao , Jian Jiang , Rundong Liu
摘要: In an embodiment, a method is configured to detect compromised credentials, comprising: generating a plurality of bloom filters, wherein each bloom filter corresponds to a particular subset of a set of compromised credentials; receiving an index value from a client computing device; in response to receiving the index value, determining a target bloom filter corresponding to the index value, and sending the target bloom filter to the client computing device; receiving a first value from the client computing device; in response to receiving the first value, generating a second value based on the first value, and sending the second value to the client computing device.
-
公开(公告)号:US11329999B1
公开(公告)日:2022-05-10
申请号:US16192458
申请日:2018-11-15
申请人: SHAPE SECURITY, INC.
发明人: Kevin Gibbons , Michael Ficarra
摘要: Techniques are provided for determining environment parameter values based on rendered emoji analysis, A server computer provides a first set of code that, when executed by a browser application at a client computing device, renders a set of emoji at the client computing device, generates a set of rendered graphic data for the set of emoji at the client computing device, and transmits the set of rendered graphic data for each emoji of the set of emoji from the client computing device to the server computer. The server computer receives the rendered graphic data generated at the client computing device, Based on the set of rendered graphic data for the set of emoji generated at the client computing device, the server computer determines a set values for one or more environment parameters of the client computing device.
-
公开(公告)号:US11088995B2
公开(公告)日:2021-08-10
申请号:US16024621
申请日:2018-06-29
申请人: Shape Security, Inc.
发明人: Justin Call
摘要: In an embodiment, a method comprises intercepting, from a server computer, a first set of instructions that define one or more objects and one or more operations that are based, at least in part, on the one or more objects; generating, in memory, one or more data structures that correspond to the one or more objects; performing the one or more operations on the one or more data structures; updating the one or more data structures, in response to performing the one or more operations, to produce one or more updated data structures; rendering a second set of instructions, which when executed by a remote client computer cause the remote client computer to generate the updated data structures in memory on the remote client computer, wherein the second set of instructions are different than the first set of instructions; sending the second set of instructions to the remote client computer.
-
公开(公告)号:US10911438B2
公开(公告)日:2021-02-02
申请号:US16025918
申请日:2018-07-02
申请人: Shape Security, Inc.
发明人: Zhipu Jin , Gautam Agrawal , Daniel G. Moen , Weiguo Liang , Xingang Wang
IPC分类号: H04L29/06 , H04L9/06 , G06F16/951 , H04L9/08 , H04L9/32
摘要: Techniques are provided for secure detection and management of compromised credentials. A first candidate credential is received, comprising a first username and a first password, wherein the first candidate credential was sent in a first request from a first client computer to log in to a first server computer. A first salt associated with the first username in a salt database is obtained. A first hashed credential is generated based on the first password and the first salt. The first hashed credential is transmitted to a set model server computer, wherein the set model server computer is configured to maintain a set model that represents a set of spilled credentials, determine whether the first hashed credential is represented in the set model, and in response to determining that the first hashed credential is represented in the set model, performing additional processing on the first hashed credential.
-
公开(公告)号:US10834050B2
公开(公告)日:2020-11-10
申请号:US15671017
申请日:2017-08-07
申请人: Shape Security, Inc.
发明人: Justin D. Call , Timothy D. Peacock
摘要: Application programming interfaces (APIs) can be unintentionally exposed and allow for potentially undesirable use of corporate resources. An API call filtering system configured to monitor API call requests received via an endpoint and API call responses received via a supporting service of an API or web service. The API call filtering system enables enterprises to improve their security posture by identifying, studying, reporting, and securing their APIs within their enterprise network.
-
-
-
-
-
-
-
-
-
搜索结果
154 条记录 (耗时 0.021 秒)
