公开(公告)号：US12231485B2

公开(公告)日：2025-02-18

申请号：US18191819

申请日：2023-03-28

Applicant: Palo Alto Networks, Inc.

Inventor： Subramanian Varadarajan ,  Rosarin Jolly Roy Antonyraj ,  Kumaravel Senthivel ,  Badrinath Natarajan

IPC: H04L67/06 ,  G06F16/93 ,  G06F16/957 ,  H04L67/02 ,  H04L67/141

Abstract: A method of delivering content includes, at a node in a network, receiving a first file, from a server, for rendering a first webpage. The method also includes transmitting the first file to a client computer system. The method also includes extracting a first hyperlink to a second webpage from the first file. The method also includes prefetching a second file for rendering the second webpage. The method also includes receiving a request to access a third webpage from the client computer system. The method also includes, in accordance with a determination that the second file can be used for rendering the third webpage, transmitting the second file to the client computer system.

公开(公告)号：US12229647B2

公开(公告)日：2025-02-18

申请号：US17877205

申请日：2022-07-29

Applicant: Palo Alto Networks, Inc.

Inventor： Zeyu You ,  Wei Wang ,  Yu Zhang

IPC: G06N20/00 ,  G06F16/953 ,  G06F16/955 ,  G06F16/958 ,  G06F21/57 ,  H04L9/40

Abstract: The present application discloses a method, system, and computer system for detecting parked domains. The method includes obtaining, by one or more processors, a set of webpages corresponding to a plurality of domains, extracting a plurality of features based on the set of webpages, detecting parked domains based on the plurality of features using a machine learning model, and periodically applying automatic signature generation to detect a new pattern of parked domains without retraining the machine learning model.

公开(公告)号：US12225013B2

公开(公告)日：2025-02-11

申请号：US18353238

申请日：2023-07-17

Applicant: Palo Alto Networks, Inc.

Inventor： Ory Segal ,  Yuri Shapira ,  Avraham Shulman ,  Benny Nissimov ,  Shaked Zin

IPC: H04L9/40 ,  G06N5/04 ,  G06N20/00 ,  H04L9/32

Abstract: A method for securing a serverless application including: (a) receiving a list of components which make up the serverless application and one or more intended usage flows of the serverless application; (b) creating and applying a security policy for each component of the serverless application, the security policy denying all access requests except from authorized components, wherein the authorized components are selected based on access requirements dictated by the one or more intended usage flows.

公开(公告)号：US12223337B2

公开(公告)日：2025-02-11

申请号：US18464799

申请日：2023-09-11

Applicant: Palo Alto Networks, Inc.

Inventor： Liron Levin ,  John Morello ,  Dima Stopel ,  Michael Velbaum ,  Itay Abramowsky ,  Isaac Schnitzer

IPC: H04L9/40 ,  G06F9/445 ,  G06F9/455 ,  G06F16/23 ,  G06F18/214 ,  G06F21/51 ,  G06F21/53 ,  G06F21/54 ,  G06N20/00

Abstract: A system and method for cloud native virtual machine (VM) runtime protection. The method includes creating a normal behavior model for a cloud native VM by training a machine learning model using a training data set including training activities performed by the cloud native VM, the cloud native VM being configured to provide at least one service, wherein the normal behavior model defines at least one capability of each service based on a set of capabilities for respective known services stored within a library of service-to-capability mappings, wherein each capability of a service indicates a plurality of discrete behaviors required by the service; and monitoring an execution of the cloud native VM to detect a deviation from the normal behavior model, wherein the deviation is caused by at least one abnormal behavior of one of the services that is not among the discrete behaviors defined in capabilities for the service.

公开(公告)号：US20250047701A1

公开(公告)日：2025-02-06

申请号：US18228397

申请日：2023-07-31

Applicant: Palo Alto Networks, Inc.

Inventor： Kalyan Siddam ,  Daniel Pare ,  Yue Jiang ,  Jun Wang ,  Ling Zeng ,  Vu Pham ,  Ran Xia

IPC: H04L9/40 ,  G06F8/65 ,  H04L41/12

Abstract: A system, method, and device for visualizing network topology are disclosed. The method includes (i) automatically generating a network topology visualization of network assets for a network, and (ii) grouping the network assets into a plurality of groupings based on a set of user selected distinct criteria.

公开(公告)号：US20250038971A1

公开(公告)日：2025-01-30

申请号：US18360224

申请日：2023-07-27

Applicant: Palo Alto Networks, Inc.

Inventor： Fang Lu ,  Peng Chen ,  Shu Lin

IPC: H04L9/08 ,  H04L47/125

Abstract: While organizations can employ IPsec based VPNs to securely connect different sites (e.g., branch sites, data centers, and/or virtual private clouds), the security can disrupt network performance by obfuscating information used for load balancing. Disclosed is technology that employs minimal decryption in a secure manner to load balance multiple network traffic flows within a secure connection (“tunnel”) across security appliances that effectively operate as alternative endpoints for the tunnel. The security appliances within a load balancing pool are configured/programmed to share tunnel keys with each other after tunnel establishment and with the load balancer. The load balancer uses the tunnel keys to minimally decrypt in a lookaside memory encrypted packets to ascertain N-tuples. The load balancer then uses the N-tuples to load balance the flows within a tunnel across the security appliances.

公开(公告)号：US12212595B2

公开(公告)日：2025-01-28

申请号：US17505976

申请日：2021-10-20

Applicant: Palo Alto Networks, Inc.

Inventor： Dima Stopel ,  Liron Levin ,  Daniel Shapira ,  Nitsan Ben Nun ,  John Morello

IPC: H04L9/40 ,  G06F9/54 ,  H04L41/0631 ,  H04L41/0866 ,  H04L43/12 ,  H04L43/50

Abstract: A method and system for protecting an application from unsecure network exposure. The method includes identifying an at-risk application, wherein identifying the at-risk application further comprises determining that the application is configured incorrectly; identifying at least one port through which the at-risk application is accessible when the at-risk application is determined to be configured incorrectly; and determining, based on the identified at least one port through which the at-risk application is accessible, whether an exposure vulnerability exists, wherein the exposure vulnerability is an unapproved exposure of at least one of the at least one port to external resources.

公开(公告)号：US20250031124A1

公开(公告)日：2025-01-23

申请号：US18224959

申请日：2023-07-21

Applicant: Palo Alto Networks, Inc.

Inventor： Avaneesh Anandrao Kadam ,  Mukhtiar A. Shaikh ,  Jeslin Antony Puthenparambil ,  Arun Athrey Chandrasekaran ,  Madhusudana Rao Kata

IPC: H04W40/02 ,  H04W12/088

Abstract: Techniques for extending local cellular WAN capabilities to a connected device are disclosed. In some embodiments, a system, a process, and/or a computer program product for extending local cellular wide area network (WAN) capabilities to a connected device includes selecting a first network communication device associated with a software-defined wide area network (SD-WAN) for policy enforcement, wherein the policy enforcement includes SD-WAN path selection; monitoring cellular network status information associated with a second network communication device of the SD-WAN; and synchronizing the cellular network status information associated with the second network communication device of the SD-WAN with the first network communication device associated with the SD-WAN, wherein the first network communication device associated with the SD-WAN uses the network status information for the policy enforcement.

公开(公告)号：US20250030709A1

公开(公告)日：2025-01-23

申请号：US18224298

申请日：2023-07-20

Applicant: Palo Alto Networks, Inc.

Inventor： Ke Tian ,  Aveek Kumar Das ,  Derick Liang ,  Rahul Rajewar ,  Gong Cheng ,  Mei Wang

IPC: H04L9/40

Abstract: Techniques for detecting anomalous network behavior in operational technology (OT) protocols are disclosed. A system, process, and/or computer program product for detecting anomalous network behavior in OT protocols include monitoring network traffic to perform automated OT malware detection analysis of OT related network traffic, extracting one or more features from the OT related network traffic, inputting the one or more extracted features into a model for malware detection analysis, and performing an action based on a result of the model.

公开(公告)号：US20250030673A1

公开(公告)日：2025-01-23

申请号：US18444217

申请日：2024-02-16

Applicant: Palo Alto Networks, Inc.

Inventor： Sachin Verma ,  Leonid Burakovsky ,  Apoorva Jain

IPC: H04L9/40 ,  H04L43/02

Abstract: Techniques for selective intelligent offloading for mobile networks using a security platform are disclosed. In some embodiments, a system/process/computer program product for selective intelligent offloading for mobile networks using a security platform includes monitoring network traffic in a core mobile network using a security platform executed on a network element in the core mobile network to identify a new session that attached to the core mobile network for mobile network communications; extracting meta information associated with the new session over a Diameter protocol and/or a Radius protocol using the security platform executed on the network element in the core mobile network; applying apply selective intelligent offloading using the security platform if the extracted meta information associated with the new session matches a selective intelligent offload policy; and performing traffic inspection by the security platform if the extracted meta information associated with the new session does not match a selective intelligent offload policy.