IL302585A - System and method for detecting and responding to events on a computerized device - Google Patents

System and method for detecting and responding to events on a computerized device

Info

Publication number
IL302585A
Authority
IL
Israel
Prior art keywords
edr
server
computerized
systematical
events
Prior art date
Application number
IL302585A
Other languages
English (en)
Inventor
Newman Andrew
Dudu Yaniv
Original Assignee
Reason Cybersecurity Ltd
Newman Andrew
Dudu Yaniv
Priority date
Filing date
Publication date
Application filed by Reason Cybersecurity Ltd, Newman Andrew, Dudu Yaniv
Priority to IL302585A
Priority to PCT/IL2024/050367 (WO2024228181A1)
Publication of IL302585A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40 Network security protocols
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/554 Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/56 Computer malware detection or handling, e.g. anti-virus arrangements
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6227 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227 Filtering policies
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416 Event detection, e.g. attack signature detection
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425 Traffic logging, e.g. anomaly detection
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/145 Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/20 Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227 Filtering policies
    • H04L63/0263 Rule management

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Databases & Information Systems (AREA)
  • Bioethics (AREA)
  • Computer And Data Communications (AREA)
IL302585A 2023-05-02 2023-05-02 System and method for detecting and responding to events on a computerized device IL302585A (he)

Priority Applications (2)

| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| IL302585A IL302585A (he) | 2023-05-02 | 2023-05-02 | System and method for detecting and responding to events on a computerized device |
| PCT/IL2024/050367 WO2024228181A1 (en) | 2023-05-02 | 2024-04-15 | System and method detecting and responding to events on computerized device |

Applications Claiming Priority (1)

| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| IL302585A IL302585A (he) | 2023-05-02 | 2023-05-02 | System and method for detecting and responding to events on a computerized device |

Publications (1)

| Publication Number | Publication Date |
|---|---|
| IL302585A (he) | 2024-12-01 |

Family

ID=93332836

Family Applications (1)

| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| IL302585A IL302585A (he) | System and method for detecting and responding to events on a computerized device | 2023-05-02 | 2023-05-02 |

Country Status (2)

| Country | Link |
|---|---|
| IL (1) | IL302585A (he) |
| WO (1) | WO2024228181A1 (he) |

Family Cites Families (2)

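\* Cited by examiner, † Cited by third party

| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP7531816B2 (ja) * | 2020-11-26 | 2024-08-13 | NPCore, Inc. | Image-based malicious code detection method and apparatus, and artificial-intelligence-based endpoint threat detection and response system using the same |
| GB2626472A (en) * | 2021-10-11 | 2024-07-24 | Sophos Ltd | Augmented threat investigation |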

Also Published As

| Publication number | Publication date |
|---|---|
| WO2024228181A1 (en) | 2024-11-07 |

Similar Documents

| Publication | Publication Date | Title |
|---|---|---|
| IL289426B2 (he) | | Method and apparatus for managing security in a computer network |
| IL295777A (he) | | Method and system for managing online user security information events |
| IL297006A (he) | | Protecting computer assets from malicious attacks |
| IL296554A (he) | | Quantum computing machine learning for security threats |
| IL283695B1 (he) | | Systems and methods for behavioral threat detection |
| IL283698B1 (he) | | Systems and methods for behavioral threat detection |
| Sharma et al. | | Modelling of smart risk assessment approach for cloud computing environment using AI & supervised machine learning algorithms |
| IL266200A (he) | | Dynamic reputation indicator for optimizing computer security operations |
| US20230421582A1 (en) | | Cybersecurity operations case triage groupings |
| IL295223A (he) | | System, method and computer software for technology for ingesting, processing, storing and searching information |
| IL323163A (he) | | Speculative decoding in autoregressive generative artificial intelligence models |
| Čisar et al. | | The framework of runtime application self-protection technology |
| IL283697B2 (he) | | Systems and methods for behavioral threat detection |
| Bui et al. | | A systematic comparison of large language models performance for intrusion detection |
| Saber et al. | | Automated penetration testing, a systematic review |
| Wan et al. | | Exploring the effectiveness of web crawlers in detecting security vulnerabilities in computer software applications |
| IL302585A (he) | | System and method for detecting and responding to events on a computerized device |
| Masango et al. | | Web defacement and intrusion monitoring tool: Wdimt |
| IL307998A (he) | | Method and system for enriching an information security operations center |
| Katiyar | | Cyber security using artificial intelligence |
| IL267368B2 (he) | | Systems for testing an electronic product |
| IL286952B2 (he) | | Identifying connections and preventing hanging connections |
| IL309475A (he) | | System and method for updating an attack path |
| IL305720A (he) | | System and method for generating threat intelligence using a large language model |
| CN117370701A (zh) | | Browser risk detection method and apparatus, computer device, and storage medium |