-
Publication No.: US10200369B1
Publication date: 2019-02-05
Application No.: US15044708
Filing date: 2016-02-16
Applicant: Symantec Corporation
Abstract: The disclosed computer-implemented method for dynamically validating remote requests within enterprise networks may include (1) receiving, on a target system within an enterprise network, a request to access a portion of the target system from a remote system within the enterprise network, (2) performing a validation operation to determine whether the remote system is trustworthy to access the portion of the target system by (A) querying an enterprise security system to authorize the request from the remote system and (B) receiving, from the enterprise security system in response to the query, a notification indicating whether the remote system is trustworthy to access the portion of the target system, and then (3) determining whether to grant the request based at least in part on the notification received from the enterprise security system as part of the validation operation. Various other methods, systems, and computer-readable media are also disclosed.
-
Publication No.: US10003606B2
Publication date: 2018-06-19
Application No.: US15084522
Filing date: 2016-03-30
Applicant: Symantec Corporation
CPC classification: H04L63/1416, G06F21/554, G06F2201/86, H04L63/1425
Abstract: The disclosed computer-implemented method for detecting security threats may include (1) detecting, by a software security program, a security incident at a client device such that the software security program generates a signature report to identify the security incident, (2) querying an association database with the signature report to deduce another signature report that a different software security program would have predictably generated at the client device, the different software security program having been unavailable at the client device at a time of detecting the security incident, and (3) performing at least one protective action to protect the client device from a security threat associated with the security incident based on the other signature report deduced by querying the association database. Various other methods, systems, and computer-readable media are also disclosed.
-
Publication No.: US10200395B1
Publication date: 2019-02-05
Application No.: US15084515
Filing date: 2016-03-30
Applicant: Symantec Corporation
Abstract: The disclosed computer-implemented method for automated whitelisting of files may include (1) obtaining telemetry information that identifies files located on a set of computing systems, (2) establishing a whitelist of files for the set of computing systems by, for each file identified by the telemetry information, (A) calculating an amount by which a cost for using the whitelist will increase if the file is included in the whitelist, (B) calculating an amount by which whitelist coverage of files in the set of computing devices will increase if the file is included in the whitelist, (C) determining whether to include the file in the whitelist by balancing the increase in the cost against the increase in whitelist coverage, and (3) using the whitelist to protect the set of computing systems from undesirable files. Various other methods, systems, and computer-readable media are also disclosed.
-
Publication No.: US10055586B1
Publication date: 2018-08-21
Application No.: US14753051
Filing date: 2015-06-29
Applicant: Symantec Corporation
Inventors: Kevin Roundy, Sandeep Bhatkar, Christopher Gates, Anand Kashyap, Yin Liu, Aleatha Parker-Wood, Leylya Yumer
IPC classification: G06F11/00, G06F12/14, G06F12/16, G08B23/00, G06F21/57, H04L29/06, G06F21/56, G06F21/00, G06F21/55, G06F21/53
CPC classification: G06F21/56, G06F21/566, H04L63/101, H04L63/1416, H04L63/1433, H04L63/1441, H04L63/145
Abstract: The disclosed computer-implemented method for determining the trustworthiness of files within organizations may include (1) identifying a file on a computing device within multiple computing devices managed by an organization, (2) in response to identifying the file, identifying at least one additional computing device within the multiple computing devices that is potentially associated with the file, (3) distributing at least a portion of the file to a user of the additional computing device with a request to receive an indication of the trustworthiness of the file, and then (4) receiving, from the additional computing device, a response that indicates the trustworthiness of the file. Various other methods, systems, and computer-readable media are also disclosed.
-
Publication No.: US09805192B1
Publication date: 2017-10-31
Application No.: US14751178
Filing date: 2015-06-26
Applicant: Symantec Corporation
Inventors: Christopher Gates, Kevin Roundy
CPC classification: G06F21/562, G06F2221/034
Abstract: A computer-implemented method for file classification may include (1) identifying, by a computer security system, a cluster of files that co-occur with each other according to a statistical analysis, (2) identifying ground truth files to which the computer security system has previously assigned a security score, (3) determining that a file in the cluster of files shares an item of file metadata with another file in the ground truth files, (4) assigning a security score to the file in the cluster of files based on a security score of the other file in the ground truth files that shares the item of file metadata, and (5) assigning an overall security score to the entire cluster of files based on the security score assigned to the file in the cluster. Various other methods, systems, and computer-readable media are also disclosed.
-
Publication No.: US20170289178A1
Publication date: 2017-10-05
Application No.: US15084522
Filing date: 2016-03-30
Applicant: Symantec Corporation
IPC classification: H04L29/06
CPC classification: H04L63/1416, G06F21/554, G06F2201/86, H04L63/1425
Abstract: The disclosed computer-implemented method for detecting security threats may include (1) detecting, by a software security program, a security incident at a client device such that the software security program generates a signature report to identify the security incident, (2) querying an association database with the signature report to deduce another signature report that a different software security program would have predictably generated at the client device, the different software security program having been unavailable at the client device at a time of detecting the security incident, and (3) performing at least one protective action to protect the client device from a security threat associated with the security incident based on the other signature report deduced by querying the association database. Various other methods, systems, and computer-readable media are also disclosed.
-
Publication No.: US11128473B1
Publication date: 2021-09-21
Application No.: US16359723
Filing date: 2019-03-20
Applicant: Symantec Corporation
Inventors: Daniel Kats, Christopher Gates, Acar Tamersoy, Daniel Marino
Abstract: The disclosed method for assuring authenticity of electronic sensor data may include (i) capturing, using a sensor within a device, electronic sensor data, and (ii) digitally signing, using a cryptoprocessor embedded within the device, the electronic sensor data to create a digital signature that verifies that the signed electronic sensor data has not been modified since the electronic sensor data was captured by the sensor. Various other methods, systems, and computer-readable media are also disclosed.
-
Publication No.: US10579794B1
Publication date: 2020-03-03
Application No.: US15633245
Filing date: 2017-06-26
Applicant: SYMANTEC CORPORATION
Abstract: Securing a network device by automatically identifying files belonging to an application. In one embodiment, a method may include collecting file attributes for multiple files from multiple network devices, examining a hash of file contents of each of the multiple files to identify multiple unique files in the multiple files, summarizing the file attributes for each of the multiple unique files to generate a sketch of file attributes for each of the multiple unique files, clustering the multiple unique files into multiple applications, making a security action decision for one application of the multiple applications, and performing a security action on a network device based on the security action decision.
-
Publication No.: US11469904B1
Publication date: 2022-10-11
Application No.: US16360515
Filing date: 2019-03-21
Applicant: Symantec Corporation
Inventors: Daniel Kats, Christopher Gates, Acar Tamersoy, Daniel Marino
Abstract: The disclosed computer-implemented method for authenticating digital media content may include (i) receiving digital media content that has been captured by a capturing device and digitally signed through a cryptoprocessor embedded within the capturing device to provide an assurance of authenticity regarding how the capturing device captured the digital media content, and (ii) encoding an identifier of the received digital media content and a digital signature to an encrypted distributed ledger, the digital signature including at least one of a digital signature of the digital media content by the capturing device or a digital signature of the digital media content by an entity encoding the received digital media content such that the encoding becomes available for subsequent verification through the encrypted distributed ledger. Various other methods, systems, and computer-readable media are also disclosed.
-
Publication No.: US10678917B1
Publication date: 2020-06-09
Application No.: US15826642
Filing date: 2017-11-29
Applicant: Symantec Corporation
Inventors: Brian T. Witten, Christopher Gates
Abstract: The disclosed computer-implemented method for evaluating unfamiliar executables may include (i) identifying, on the computing device, (a) a code object that is generated from source code written in a programming language, that is specified in an intermediate language different from the programming language, and that can be compiled into an executable file by a just-in-time compiler on the computing device and (b) an executable file that lacks an assigned reputation in a reputation system that distinguishes benign and malicious files, (ii) determining that the executable file was produced by the just-in-time compiler compiling the code object on the computing device, (iii) retrieving, from the reputation system, a reputation for the code object, and (iv) performing a security action on the executable file that is based on the reputation of the code object. Various other methods, systems, and computer-readable media are also disclosed.