会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 54. 发明授权
    • Data access verification for enterprise resources
    • 企业资源的数据访问验证
    • US09591008B2
    • 2017-03-07
    • US14688914
    • 2015-04-16
    • Imperva, Inc.
    • Amichai ShulmanSagie Dulce
    • G06F21/30H04L29/06G06F21/55
    • H04L63/1425G06F21/554G06F2221/034H04L63/0272H04L63/0281H04L63/10H04L63/1416H04L63/1441H04L63/18
    • According to one embodiment, a method in a computing device for responding to a determination that a verification with a user is desired responsive to detection of activity indicative of a possible insider threat is described. The method includes selecting a target role and a target user for the verification based on an activity context and an enterprise context repository, the selecting including selecting the target role from a plurality of target roles based on the activity context and optionally the enterprise context repository and selecting a target user in the selected target role based on the enterprise context repository. The method further includes causing a verification request to be sent to the selected target user; and generating an alert when a verification result indicates that the activity is indicative of the possible insider threat.
    • 根据一个实施例,描述了一种计算设备中的方法,用于响应于响应于指示可能的内部威胁的活动的检测而响应于用户的验证的确定。 该方法包括基于活动上下文和企业上下文存储库来选择用于验证的目标角色和目标用户,该选择包括基于活动上下文以及可选的企业上下文库从多个目标角色中选择目标角色;以及 基于企业上下文信息库选择所选目标角色中的目标用户。 该方法还包括使验证请求被发送到所选择的目标用户; 并且当验证结果指示该活动指示可能的内部威胁时,产生警报。
    • 58. 发明授权
    • Compromised insider honey pots using reverse honey tokens
    • 使用反向蜂蜜令牌的内疚蜜罐
    • US08973142B2
    • 2015-03-03
    • US13934099
    • 2013-07-02
    • Imperva Inc.
    • Amichai ShulmanMichael ChernySagie Dulce
    • G06F12/14H04L29/06
    • H04L63/1491H04L63/0263H04L63/1416H04L63/20
    • According to one embodiment, a method for setting a trap to detect that an intruder has compromised a client end station (CES) in an attempt to gain unauthorized access to enterprise data provided by a server is described. The method includes causing a honey token to be placed on the CES secluded within a configuration repository, wherein the honey token is metadata and/or instructions indicating how applications can seemingly access the enterprise data but that is actually invalid, and the honey token is placed on the CES and not on the server. The method also includes causing attribute values to be installed on a security gateway for a security rule causing the security gateway to monitor network traffic for attempted use of the honey token, and to generate an alert when a set of one or more packets that include the honey token are received.
    • 根据一个实施例,描述了一种用于设置陷阱以检测入侵者已经破坏了客户端站(CES)以尝试获得未经授权的访问由服务器提供的企业数据的方法。 该方法包括使蜂蜜令牌放置在配置库内隐藏的CES上,其中蜂蜜令牌是元数据和/或指示应用程序如何看起来访问企业数据但实际上无效的指令,并且蜂蜜令牌被放置 在CES上,而不是在服务器上。 该方法还包括使属性值安装在用于安全规则的安全网关上的安全规则,导致安全网关监视网络流量以尝试使用蜂蜜令牌,并且当包括一个或多个分组的一个或多个分组的集合时生成警报 收到蜂蜜令牌。
    • 60. 发明申请
    • ON-DEMAND CONTENT CLASSIFICATION USING AN OUT-OF-BAND COMMUNICATIONS CHANNEL FOR FACILITATING FILE ACTIVITY MONITORING AND CONTROL
    • 使用带外通信信道进行需求内容分类,促进文件活动监控和控制
    • US20140258294A1
    • 2014-09-11
    • US13787536
    • 2013-03-06
    • Imperva, Inc.
    • Amichai ShulmanRotem NaarMoshe Einhorn
    • G06F17/30
    • G06F17/30082G06F17/2785H04L47/2441
    • Communications to a server over an in-band communications channel are monitored for requests to access a file. Based on the communications, a request to access a particular file stored by the server is identified. Security and/or audit rules are identified based on the request. A determination is thereafter made that the security and/or audit rules require evaluation of classification information for contents of the requested file. Thus, a determination is made as to whether classification information for the contents of the particular file is available, such as determining whether the classification information is stored in a local classification cache. Responsive to a determination that the classification information is not available, classification information is obtained for the contents of the particular file using an out-of-band communications channel. Thereafter, processing with respect to the request to access the particular file is performed based on the obtained classification information and the one or more security and/or audit rules.
    • 监视通过带内通信信道到服务器的通信,以访问文件的请求。 基于通信,识别访问由服务器存储的特定文件的请求。 根据请求确定安全和/或审核规则。 此后,确定安全和/或审核规则要求评估所请求文件内容的分类信息。 因此,确定特定文件的内容的分类信息是否可用,诸如确定分类信息是否存储在本地分类高速缓存中。 响应于分类信息不可用的确定,使用带外通信信道获得特定文件的内容的分类信息。 此后,基于获得的分类信息和一个或多个安全和/或审核规则来执行关于访问特定文件的请求的处理。