专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US09876804B2 Method and system for detecting unauthorized access to and use of network resources 有权
公开(公告)号：US09876804B2
公开(公告)日：2018-01-23
申请号：US14058254
申请日：2013-10-20
申请人： Cyber-Ark Software Ltd.
发明人： Andrey Dulkin , Yair Sade , Roy Adar
IPC分类号： H04L29/06
CPC分类号： H04L63/1416 , H04L63/102 , H04L63/1466
摘要： Methods and systems are disclosed for detecting unauthorized actions associated with network resources, the actions including access to the resource and activity associated with the resource. The unauthorized actions are detected by analyzing action data of a client action associated with the network resource against credential retrieval data including records of authorized actions and/or procedures for performing an action associated with the network resource.

2. 发明申请

US20150271162A1 SYSTEMS AND METHODS FOR CONTROLLING SENSITIVE APPLICATIONS 审中-公开
标题翻译：用于控制敏感应用的系统和方法
公开(公告)号：US20150271162A1
公开(公告)日：2015-09-24
申请号：US14217649
申请日：2014-03-18
申请人： Cyber-Ark Software Ltd.
发明人： Andrey Dulkin , Erez Breiman , Yair Sade
IPC分类号： H04L29/06
CPC分类号： H04L63/08 , H04L63/105 , H04L63/1408 , H04L67/08 , H04L67/40
摘要： A method and system is provided for controlling a remote target application, including sensitive and privileged applications, via a remote application connection. The target application is executed with a set of credentials, different than those credentials submitted by the user to access the target application. The user, via a local client terminal, accesses the target application over the remote application connection, such that the user experience of interaction with the target application is similar to that of the target application running locally, while the target application is actually being run remotely. The execution is protected by the second set of credentials unknown to the user, thus preventing credential hijacking and various other threats to the sensitive application.
摘要翻译：提供了一种方法和系统，用于通过远程应用程序连接来控制包括敏感和特权的应用程序的远程目标应用程序。目标应用程序使用一组凭据执行，不同于用户提交的用于访问目标应用程序的凭据。用户通过本地客户终端通过远程应用程序连接访问目标应用程序，使得与目标应用程序交互的用户体验类似于本地运行的目标应用程序的体验，而目标应用程序实际上正在远程运行。执行由用户未知的第二组凭证保护，从而防止对敏感应用程序的凭据劫持和各种其他威胁。

3. 发明申请

US20150121461A1 METHOD AND SYSTEM FOR DETECTING UNAUTHORIZED ACCESS TO AND USE OF NETWORK RESOURCES WITH TARGETED ANALYTICS 审中-公开
标题翻译：用于检测未经授权的访问和使用具有指定分析的网络资源的方法和系统
公开(公告)号：US20150121461A1
公开(公告)日：2015-04-30
申请号：US14061835
申请日：2013-10-24
申请人： Cyber-Ark Software Ltd.
发明人： Andrey DULKIN , Yair Sade , Roy Adar , Aviram Shmueli
IPC分类号： H04L29/06
CPC分类号： H04L63/1408
摘要： Methods and systems are disclosed for detecting improper, and otherwise unauthorized actions, associated with network resources, the actions including access to the resource and activity associated with the resource. The unauthorized actions are detected by analyzing action data of user actions employing accounts managed by a privileged access management system and associated with a network resource against profiles and rules to discover anomalies and/or deviations from rules associated with the network resource or accounts.
摘要翻译：公开了用于检测与网络资源相关联的不正当的或未经授权的动作的方法和系统，所述动作包括对资源的访问和与资源相关联的活动。通过分析使用由特权访问管理系统管理并且与网络资源相关联的账户的用户动作的动作数据来检测未授权动作，以针对配置文件和规则来发现与网络资源或帐户相关联的规则的异常和/或偏离。

4. 发明申请

US20150304349A1 ANOMALY DETECTION IN GROUPS OF NETWORK ADDRESSES 有权
标题翻译：网络地址组异常检测
公开(公告)号：US20150304349A1
公开(公告)日：2015-10-22
申请号：US14253945
申请日：2014-04-16
申请人： Cyber-Ark Software Ltd.
发明人： Ruth Bernstein , Andrey Dulkin , Assaf Weiss , Aviram Shmueli
IPC分类号： H04L29/06
CPC分类号： H04L63/1425 , H04L63/0227
摘要： A method for identifying anomalies in a group of network addresses includes building a model of the group of network addresses and identifying a network address as anomalous based on the deviation of the network address from the model. The model is built from a group of network addresses. The network addresses are input and parsed into one or more address trees. A ripeness score is maintained for each of the nodes in the address trees, based, at least in part, on the number of occurrences of the network address portion represented by the node. Nodes having respective ripeness scores within a specified range are classified as ripe nodes, and may be indicative of normal behavior, and nodes having respective ripeness scores outside the specified range of ripeness scores are classified as unripe, and may be indicative of anomalous behavior.
摘要翻译：一种用于识别一组网络地址中的异常的方法包括基于网络地址与模型的偏差建立网络地址组的模型并将网络地址识别为异常。该模型是从一组网络地址构建的。网络地址被输入并解析成一个或多个地址树。至少部分地基于由节点表示的网络地址部分的出现次数，为地址树中的每个节点保持成熟度分数。具有规定范围内的成熟度分数的节点被分类为成熟节点，并且可以指示正常行为，并且具有超出特定成熟度分数的成熟度分数的节点被分类为未成熟，并且可以指示异常行为。

5. 发明申请

US20150150125A1 CORRELATION BASED SECURITY RISK IDENTIFICATION 有权
标题翻译：基于相关的安全风险识别
公开(公告)号：US20150150125A1
公开(公告)日：2015-05-28
申请号：US14092991
申请日：2013-11-28
申请人： Cyber-Ark Software Ltd.
发明人： Andrey DULKIN , Denis Kamanovsky , Yoel Eilat , Yair Sade
IPC分类号： H04L29/06
CPC分类号： H04L63/1433 , G06F21/577 , H04L63/0807 , H04L63/083 , H04L63/20
摘要： Methods and systems are disclosed for identifying security risks, arising from credentials existing on machines in the networks that enable access to other machines on the networks. Account credentials indications are retrieved from machines in the network, which indicate that credentials for accounts are stored on those machines. Access rights for accounts are collected, describing the access and operation permissions of these accounts on machines in the networks. A correlation is then performed to identify machines that can be accessed by employing credentials of accounts retrieved from other machines in the network.
摘要翻译：公开了用于识别安全风险的方法和系统，该安全风险是由网络中存在于能够访问网络上的其他机器的机器上存在的凭证产生的。帐户凭据指示从网络中的机器检索，这表明帐户的凭据存储在这些机器上。收集帐户的访问权限，描述这些帐户在网络中的机器上的访问和操作权限。然后执行相关性以识别可以通过使用从网络中的其他机器检索的帐户的凭证来访问的机器。

6. 发明授权

US09712548B2 Privileged analytics system 有权
公开(公告)号：US09712548B2
公开(公告)日：2017-07-18
申请号：US14524145
申请日：2014-10-27
申请人： Cyber-Ark Software Ltd.
发明人： Aviram Shmueli , Andrey Dulkin , Yair Sade , Assaf Weiss
IPC分类号： H04L29/06
CPC分类号： H04L63/1425
摘要： A computer-implemented method for determining whether a computer network is compromised by unauthorized activity on the computer network. The computer-implemented method comprises identifying a behavioral anomaly of an entity on the computer network, classifying the anomaly as a system event based on an assigned score for the anomaly being at least at a predetermined score threshold, updating an incident based on at least one common parameter between the system event and other system events which comprise the incident, each system event of the incident including an assigned score from when the event was an anomaly, updating a system status based on at least the incident, and assigning a system status score to the system status, and, determining whether the system status score is at least at a predetermined threshold system status score indicating that the computer network may be compromised.

7. 发明授权

US09699261B2 Monitoring sessions with a session-specific transient agent 有权
公开(公告)号：US09699261B2
公开(公告)日：2017-07-04
申请号：US14154200
申请日：2014-01-14
申请人： Cyber-Ark Software Ltd.
发明人： Yair Sade , Erez Breiman , Ran Stotsky , Andrey Dulkin
IPC分类号： G06F15/173 , H04L29/08 , H04L29/06 , H04L12/26
CPC分类号： H04L67/28 , H04L43/08 , H04L43/12 , H04L43/14 , H04L63/1408 , H04L63/20 , H04L67/14 , H04L67/141 , H04L67/22
摘要： A method of monitoring a session on a target system includes receiving from a user client a user request to open a session with the target system. A session-specific transient agent for monitoring the session is installed onto the target system. The session is established between the user and the target system over a communication network. The transient agent monitors the session, collects data of events occurring on the target system during the session. The transient agent is terminated when the session ends.

8. 发明授权

US09560067B2 Correlation based security risk identification 有权
标题翻译：基于相关性的安全风险识别
公开(公告)号：US09560067B2
公开(公告)日：2017-01-31
申请号：US15177367
申请日：2016-06-09
申请人： Cyber-Ark Software Ltd.
发明人： Andrey Dulkin , Denis Kamanovsky , Yoel Eilat , Yair Sade
IPC分类号： H04L29/06
CPC分类号： H04L63/1433 , G06F21/577 , H04L63/0807 , H04L63/083 , H04L63/20
摘要： Methods and systems are disclosed for identifying security risks, arising from credentials existing on machines in the networks that enable access to other machines on the networks. Account credentials indications are retrieved from machines in the network, which indicate that credentials for accounts are stored on those machines. Access rights for accounts are collected, describing the access and operation permissions of these accounts on machines in the networks. A correlation is then performed to identify machines that can be accessed by employing credentials of accounts retrieved from other machines in the network.
摘要翻译：公开了用于识别安全风险的方法和系统，该安全风险是由网络中存在于能够访问网络上的其他机器的机器上存在的凭证产生的。帐户凭据指示从网络中的机器检索，这表明帐户的凭据存储在这些机器上。收集帐户的访问权限，描述这些帐户在网络中的机器上的访问和操作权限。然后执行相关性以识别可以通过使用从网络中的其他机器检索的帐户的凭证来访问的机器。

9. 发明申请

US20150222639A1 Maintaining Continuous Operational Access Augmented with User Authentication and Action Attribution in Shared Environments 审中-公开
标题翻译：在共享环境中维护连续的操作访问，增强用户身份验证和操作归因
公开(公告)号：US20150222639A1
公开(公告)日：2015-08-06
申请号：US14110155
申请日：2013-10-01
申请人： Cyber-Ark Software Ltd.
发明人： Andrey Dulkin , Yair Sade
IPC分类号： H04L29/06 , G06F21/31
CPC分类号： H04L63/105 , G06F21/31 , G06F2221/2113 , H04L63/08 , H04L63/101 , H04L63/102
摘要： A system and method for maintaining continuous operational access augmented with user authentication and action attribution in shared environments. Multiple users use the same machine/platform to perform their actions. The system includes an access control application and enforcement module that limit users' actions based on authentication and authority level, enabling each user to perform the user's role in the shared environment. In addition, the user's activities can be monitored, logged, and interfered with (such as terminating the session), enabling a key requirement of action attribution.
摘要翻译：用于在共享环境中用户认证和操作归属来增强用于维持连续操作访问的系统和方法。多个用户使用相同的机器/平台执行其操作。该系统包括访问控制应用和执行模块，其基于认证和权限级别限制用户的动作，使得每个用户能够在共享环境中执行用户的角色。此外，用户的活动可以被监控，记录和干扰（例如终止会话），从而实现行动归属的关键要求。

10. 发明申请

US20150200821A1 MONITORING SESSIONS WITH A SESSION-SPECIFIC TRANSIENT AGENT 有权
标题翻译：监督会议与特定过渡代理
公开(公告)号：US20150200821A1
公开(公告)日：2015-07-16
申请号：US14154200
申请日：2014-01-14
申请人： Cyber-Ark Software Ltd.
发明人： Yair SADE , Erez BREIMAN , Ran STOTSKY , Andrey DULKIN
IPC分类号： H04L12/26 , H04L29/08
CPC分类号： H04L67/28 , H04L43/08 , H04L43/12 , H04L43/14 , H04L63/1408 , H04L63/20 , H04L67/14 , H04L67/141 , H04L67/22
摘要： A method of monitoring a session on a target system includes receiving from a user client a user request to open a session with the target system. A session-specific transient agent for monitoring the session is installed onto the target system. The session is established between the user and the target system over a communication network. The transient agent monitors the session, collects data of events occurring on the target system during the session. The transient agent is terminated when the session ends.
摘要翻译：监视目标系统上的会话的方法包括从用户客户端接收与目标系统打开会话的用户请求。用于监视会话的特定于会话的临时代理被安装到目标系统上。通过通信网络在用户和目标系统之间建立会话。临时代理监视会话，在会话期间收集目标系统上发生的事件的数据。当会话结束时，临时代理终止。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式