-
Publication (Announcement) No.: US12111936B2
Publication (Announcement) Date: 2024-10-08
Application No.: US18057391
Application Date: 2022-11-21
Inventors: Kfir Aharon Tishbi, Raanan Raz, Ilai Gilenberg
CPC Classification: G06F21/577, G06F21/53, G06F21/6218, G06F2221/034
Abstract: A system and method for cybersecurity vulnerability management through ticket system reduction reduces alert fatigue. The method includes receiving a plurality of alerts from a cybersecurity monitoring system, the cybersecurity monitoring system configured to monitor a computing environment, wherein each alert includes a plurality of attributes; generating in a graph database a ticket node corresponding to each alert of the received plurality of alerts; generating in the graph database a ticket group node, the ticket group node connected to a plurality of ticket nodes, each ticket node of the plurality of ticket nodes corresponding to an alert having an attribute with a same value; generating a ticket in a ticketing system corresponding to the ticket group node; and generating a visual representation of the ticket corresponding to the ticket group node.
-
Publication (Announcement) No.: US12101385B2
Publication (Announcement) Date: 2024-09-24
Application No.: US18345258
Application Date: 2023-06-30
Applicant: Zscaler, Inc.
Inventors: John A. Chanak, Chakkaravarthy Periyasamy Balaiah, Sandeep Kamath, Vikas Mahajan, Barrett Hostetter-Lewis, Gregory Rybinski, Rishabh Gupta, Pankaj Chhabra
IPC Classification: H04L67/568, H04L9/40, H04L67/02
CPC Classification: H04L67/568, H04L63/0823, H04L67/02
Abstract: Techniques for processing web probes for monitoring user experience including use of caching to prevent a surge of web probes on destination servers and for detecting web probe traffic. A method implemented by a connector includes intercepting a Hypertext Transfer Protocol Secure (HTTPS) web probe request to a server, identifying a cache hit associated with the request in a cache, generating a synthetic Hypertext Transfer Protocol (HTTP) response based on information from the identified cache hit, wherein the generated synthetic HTTP response includes an extension header containing collected statistics, and sending the synthetic HTTP response. The method can further include simulating a Secure Socket Layer (SSL) handshake to estimate SSL cost.
-
Publication (Announcement) No.: US20240291904A1
Publication (Announcement) Date: 2024-08-29
Application No.: US18656718
Application Date: 2024-05-07
Applicant: Zscaler, Inc.
Inventors: Abhishek Bathla, Kumar Gaurav, Raman Madaan, Chakkaravarthy Periyasamy Balaiah, Shweta Gupta
IPC Classification: H04L67/562, G06F21/55, G06F21/56, H04L9/40, H04L67/1095, H04L67/563
CPC Classification: H04L67/562, G06F21/552, G06F21/568, H04L63/145, H04L67/1095, H04L67/563
Abstract: A method performed by a cloud system includes, subsequent to the cloud system connecting to one of a cloud provider and a Software-as-a-Service (SaaS) application, scanning data stored therein for one or more users associated with a tenant of a plurality of tenants of the cloud system; detecting an incident in the data during the scanning; maintaining details of the incident in an in-memory data store; and providing a notification to the tenant of the incident.
-
Publication (Announcement) No.: US12074906B1
Publication (Announcement) Date: 2024-08-27
Application No.: US18529621
Application Date: 2023-12-05
Applicant: AIRGAP NETWORKS INC.
Inventors: Satish M. Mohan, Vinay Adavi, Ritesh R. Agrawal
CPC Classification: H04L63/1466, H04L12/4641, H04L63/1416
Abstract: A technique to provide early detection of ransomware is disclosed. Message traffic from secure gateways is monitored. Statistical anomaly detection and behavioral anomaly detection is performed. Visualization and alerts may be generated to aid operators to identify ransomware attacks and take proactive measures. In one implementation, the early detection of ransomware is performed in the cloud.
-
Publication (Announcement) No.: US20240275701A1
Publication (Announcement) Date: 2024-08-15
Application No.: US18625059
Application Date: 2024-04-02
Applicant: Zscaler, Inc.
IPC Classification: H04L43/065, H04L41/16, H04L43/16
CPC Classification: H04L43/065, H04L41/16, H04L43/16
Abstract: Systems and methods for identifying device type within a network include receiving data associated with monitoring network communication traffic associated with a plurality of devices; analyzing the data of the plurality of devices, wherein the analyzing includes identifying one or more features of the data of each of the plurality of devices; and labeling each of the plurality of devices as one of a user device and a non-user device based on the one or more features.
-
Publication (Announcement) No.: US20240259406A1
Publication (Announcement) Date: 2024-08-01
Application No.: US18101733
Application Date: 2023-01-26
Applicant: Zscaler, Inc.
Inventors: Hila Paz Herszfang, Eden Meyuhas
CPC Classification: H04L63/1425, G06N7/01, G06N20/00
Abstract: Systems and methods for dynamic session aggregation detection include receiving session logs for one of a plurality of machines operating in a cloud-based system; determining a plurality of time intervals between activities based on the session logs; determining a probability of a new log to be received after each time interval of the plurality of time intervals; calculating a slope from a shortest break interval and a slope to a longest break interval for each log of the session logs; calculating a slope ratio for each log of the session logs; and determining an optimal maximum session duration based on the slope ratios. The steps further include defining a new applicative session each time the machine experiences a break larger than the optimal maximum session duration.
-
Publication (Announcement) No.: US12028237B2
Publication (Announcement) Date: 2024-07-02
Application No.: US17851248
Application Date: 2022-06-28
Applicant: Zscaler, Inc.
Inventor: Pankaj Chhabra
CPC Classification: H04L45/02, H04L12/4633, H04L43/10, H04L63/029
Abstract: The present disclosure relates to systems and methods for egress handling for networks with Public Internet Protocol (IP) address. The disclosure includes identifying if a public Internet Protocol (IP) is used on a private network; performing a traceroute to an originating point of a tunnel; responsive to no reply to the traceroute, making a location call to an end node, wherein the end node identifies the origin of the location call, the identity of the origin being an egress IP; and responsive to a reply to the traceroute, using the IP to show the origin of the tunnel. The disclosure further includes, responsive to no tunnel being present, providing a continuous network path from a client to a destination.
-
Publication (Announcement) No.: US20240214363A1
Publication (Announcement) Date: 2024-06-27
Application No.: US18594541
Application Date: 2024-03-04
Applicant: Zscaler, Inc.
Inventors: Srikanth Devarajan, Vijay Bulusu, Roy Rajan, Ajit Singh, Abhinav Bansal, Vikas Mahajan
IPC Classification: H04L9/40
CPC Classification: H04L63/0435, H04L63/029, H04L63/1466
Abstract: Systems and methods include responsive to receiving a request at a remote node, determining whether the request is to be sent directly or via a cloud-based system; establishing a control channel of a tunnel utilizing a first encryption technique, wherein the tunnel is between the remote node and a local node, and wherein the control channel includes a session identifier; establishing a data channel of the tunnel utilizing a second encryption technique, wherein the data tunnel is bound to the control channel based on the session identifier; performing, over the control channel, device authentication and user authentication of one or more users associated with the remote node, wherein each of the one or more users includes a user identifier; and, subsequent to the device authentication and the user authentication, exchanging data packets over the data channel with each data packet including a corresponding user identifier.
-
Publication (Announcement) No.: US20240163312A1
Publication (Announcement) Date: 2024-05-16
Application No.: US18332133
Application Date: 2023-06-09
Applicant: Zscaler, Inc.
Inventors: Rubin Azad, Deepen Desai, Varun Singh, Shriyash Shete
IPC Classification: H04L9/40
CPC Classification: H04L63/1491, H04L63/1416, H04L63/1425
Abstract: Systems and methods are provided for calculating a security risk score. In one implementation, a method includes the step of analyzing a network to assess a license status of the network, where the license status is related to one or more security licenses procured for providing security protection to the network. The method also includes the step of analyzing the network to assess a configuration status of the network, where the configuration status is related to configurations settings of one or more security policies currently operating with respect to the network. Based on the assessed license status and configuration status, the method further includes the step of calculating a security risk score indicating a current level of risk that the network faces against threats, intrusions, cyber-attacks, breaches, and/or data loss.
-
Publication (Announcement) No.: US20240163308A1
Publication (Announcement) Date: 2024-05-16
Application No.: US17988128
Application Date: 2022-11-16
Applicant: Zscaler, Inc.
Inventors: Clifford Kahn, Jian Liu, Victor Pavlov, Srinivas Kavuri, John A. Chanak
IPC Classification: H04L9/40
CPC Classification: H04L63/1458, H04L63/08
Abstract: Systems and methods for defending against volumetric attacks, implemented in a cloud-based system. Embodiments include steps of, monitoring flows and a rate of requests to a Data Center (DC); receiving a request from an address to the DC, the request being for a service in a cloud-based system; determining if the address has been successfully authenticated within a past predetermined time period; responsive to the address not having been successfully authenticated within the past time period, and one of (i) the rate of requests being above a threshold or (ii) the number of flows being above a threshold, placing the address in a penalty box for a predetermined amount of time; and blocking requests from the address in the penalty box for the predetermined amount of time.