Robust learning of web traffic
    Granted invention patent

    Publication (announcement) number: US11792209B2

    Publication (announcement) date: 2023-10-17

    Application number: US17139644

    Filing date: 2020-12-31

    Applicant: Imperva, Inc.

    Inventor: Itsik Mantin

    IPC classification: H04L43/04 H04L9/40

    Abstract: A method includes monitoring web traffic until a threshold of network traffic is collected. The method further includes determining a number of location characteristics corresponding to the network traffic. The method further includes monitoring traffic information corresponding to the number of location characteristics until a threshold of traffic information is collected. The method further includes determining a number of location content flags corresponding to the traffic information. The method further includes generating, by a processing device, a location profile based on the number of location characteristics and the number of content flags. The method further includes blocking impermissible web traffic from reaching a client device based on the location profile.

    Forced identification with automated post resubmission

    Publication (announcement) number: US11716374B2

    Publication (announcement) date: 2023-08-01

    Application number: US17654047

    Filing date: 2022-03-08

    Applicant: Imperva, Inc.

    Inventor: Daniel Spång

    IPC classification: H04L67/02 H04L69/329 H04L9/40

    Abstract: A method by a web application layer proxy communicatively coupled between a client and an origin server for performing automated POST resubmission. The method includes intercepting a request by the client for a resource provided by the origin server, obtaining an interstitial page in response to receiving an indication from a bot detector component that the client needs to be identified, where the interstitial page includes challenge code for interrogating the client and code for automatically submitting a form included in the interstitial page if the client successfully acquires a token, encrypting a payload of the request, adding the encrypted payload to a hidden input field of the form included in the interstitial page, and sending the interstitial page with the encrypted payload added to the hidden input field of the form to the client as a response to the request.

    API USER TRACKING VIA TOKEN TO API KEY MAPPING

    Publication (announcement) number: US20230216681A1

    Publication (announcement) date: 2023-07-06

    Application number: US18074384

    Filing date: 2022-12-02

    Applicant: Imperva, Inc.

    IPC classification: H04L9/32 H04L67/02

    CPC classification: H04L9/3213 H04L67/02

    Abstract: Embodiments of the present disclosure relate to tracking a user’s activity using a mapping of their API key to a token. A proxy device may receive a registration request from a client, the registration request including a first API key. The proxy device may forward the registration request to a registration endpoint and receive a first token generated using the first API key during an authentication process performed by the registration endpoint. The proxy device may associate the first API key with the first token and forward the first token to the client. The proxy device may receive a service request from the client that includes the first token and may add information regarding the service request into an entry in a log corresponding to the first API key.

    SECURING DATA LAKES VIA OBJECT STORE MONITORING

    Publication (announcement) number: US20230142344A1

    Publication (announcement) date: 2023-05-11

    Application number: US17523720

    Filing date: 2021-11-10

    Applicant: Imperva, Inc.

    Inventor: Ori Nakar

    IPC classification: G06F21/62 G06F16/23

    Abstract: Embodiments of the present disclosure provide a method for detecting security incidents in an object store by aggregating log files generated by a monitoring program of the object store and monitoring the aggregated log data. A processing device may periodically execute database operations to access data stored in the object store. In response to each database operation, an access log set may be generated and stored in an access log storage. The processing device may periodically aggregate access log data from a plurality of access log sets currently stored in the access log storage to generate aggregated log data. The processing device may then monitor the aggregated log data over time to identify one or more security incidents of the object store.

    Enrichment of database logs
    Granted invention patent

    Publication (announcement) number: US11645407B2

    Publication (announcement) date: 2023-05-09

    Application number: US17118461

    Filing date: 2020-12-10

    Applicant: Imperva, Inc.

    IPC classification: G06F21/62 G06F16/23

    CPC classification: G06F21/6218 G06F16/2365

    Abstract: A method by a network device to enrich database logs. The method includes detecting that a process executing on the network device has created a database connection to a database server, determining contextual information of the process in response to detecting that the process has created the database connection, generating a key associated with the database connection based on information that is known to be included in a database log of the database, and providing the key and the contextual information to a correlator component.

    ASSESSING DATA SECURITY OF A MANAGED DATABASE DEPLOYED IN THE CLOUD USING A SECURED SANDBOX ENVIRONMENT

    Publication (announcement) number: US20230025740A1

    Publication (announcement) date: 2023-01-26

    Application number: US17814496

    Filing date: 2022-07-22

    Applicant: Imperva, Inc.

    IPC classification: G06F21/53 G06F21/57

    Abstract: A method performed by a cloud computing platform of a cloud service is disclosed to assess a data security of a database deployed in a cloud environment associated with a user of the cloud service. The method includes creating a sandbox environment in the cloud environment associated with the user, loading scanner code in the sandbox environment, wherein the scanner code includes code for performing a data security assessment, loading and restoring a snapshot of the database in the sandbox environment, setting a unique password for admin access to the restored snapshot of the database, executing the scanner code in the sandbox environment to perform the data security assessment on the restored snapshot of the database, and tearing down the sandbox environment in response to a determination that the scanner code has finished execution.

    BATCH CLUSTERING OF ONLINE ATTACK NARRATIVES FOR BOTNET DETECTION

    Publication (announcement) number: US20220210184A1

    Publication (announcement) date: 2022-06-30

    Application number: US17139661

    Filing date: 2020-12-31

    Applicant: Imperva, Inc.

    IPC classification: H04L29/06 G06K9/62

    Abstract: A method includes identifying, from online clustering data, an internet protocol (IP) pair. The method further includes determining, by a processing device during an offline process, that the IP pair is part of a botnet. The method further includes, in response to the determining, appending data associated with the botnet to the online clustering data.

    Using access logs for network entities type classification

    Publication (announcement) number: US11301496B2

    Publication (announcement) date: 2022-04-12

    Application number: US16233074

    Filing date: 2018-12-26

    Applicant: Imperva, Inc.

    Abstract: A method by a security system implemented by one or more electronic devices for detecting attacks on one or more databases hosted by one or more database servers. The method includes classifying, based on analyzing database logs of the one or more databases, a plurality of network entities used to access the one or more databases into different network entity types, where one or more of the plurality of network entities can be classified into the same network entity type, and using a result of the classification of the plurality of network entities to detect attacks on the one or more databases.

    AGGREGATING ALERTS OF MALICIOUS EVENTS FOR COMPUTER SECURITY

    Publication (announcement) number: US20220086125A1

    Publication (announcement) date: 2022-03-17

    Application number: US17456362

    Filing date: 2021-11-23

    Applicant: Imperva, Inc.

    IPC classification: H04L29/06 G06K9/62

    Abstract: A method by a computing device implementing an attack analyzer for processing malicious events. The method includes determining a first set of features describing a malicious event detected by a firewall, determining a set of distances using a non-Euclidean distance function and the first set of features, wherein the non-Euclidean distance function is used to determine geographic origin similarity between different Internet Protocol addresses included in the first and second set of features, generating a statistical distribution object using the set of distances, wherein the statistical distribution object includes information describing a cluster that includes at least the malicious event and one or more other malicious events that are determined to be similar to the malicious event in terms of geographic origin, and transmitting information describing the cluster to a management console for presentation to an administrator on a graphical user interface.