JP5978365B2 - 仮想環境においてネットワークアクセス制御を行うシステムおよび方法 - Google Patents
仮想環境においてネットワークアクセス制御を行うシステムおよび方法 Download PDFInfo
- Publication number
- JP5978365B2 JP5978365B2 JP2015159919A JP2015159919A JP5978365B2 JP 5978365 B2 JP5978365 B2 JP 5978365B2 JP 2015159919 A JP2015159919 A JP 2015159919A JP 2015159919 A JP2015159919 A JP 2015159919A JP 5978365 B2 JP5978365 B2 JP 5978365B2
- Authority
- JP
- Japan
- Prior art keywords
- virtual machine
- access control
- network access
- network
- notification
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/53—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
- G06F2009/45587—Isolation or security of virtual machine instances
Description
Claims (15)
- 仮想環境においてネットワークアクセス制御を行うコンピュータ実装方法であって、前記方法の少なくとも一部分は、少なくとも1つのプロセッサを備えるコンピューティング装置によって実施され、
ホストマシン上で動作している仮想マシンにトランジェントセキュリティエージェントを注入するステップと、
前記仮想マシンが1つ以上のネットワークアクセス制御ポリシーに対するコンプライアンスを達成しているかどうかの通知を、前記トランジェントセキュリティエージェントから受け取るステップと、
前記仮想マシンが前記1つ以上のネットワークアクセス制御ポリシーに対するコンプライアンスを達成しているかどうかの前記通知に基づいて、前記仮想マシンのネットワークアクセスを制御するステップと、
前記通知を受け取ったことに応じて、前記仮想マシンから前記トランジェントセキュリティエージェントを除去するステップと、を含む、
方法。 - 前記トランジェントセキュリティエージェントは、前記ホストマシン上の注入モジュールによって前記仮想マシンに注入される、
請求項1に記載の方法。 - 前記仮想マシンに前記トランジェントセキュリティエージェントを注入する前記ステップは、
前記仮想マシンから前記注入モジュールに制御を移すことを促進するように構成された1つ以上のコンピュータ実行可能命令を、前記仮想マシンの例外ハンドラメモリロケーションに挿入するステップと、
前記仮想マシンの実行中に例外をトリガして、前記例外ハンドラメモリロケーションにある前記1つ以上のコンピュータ実行可能命令を実行させるステップと、
前記少なくとも1つのコンピュータ実行可能命令が実行された後に前記仮想マシンから制御を取得するステップと、
前記仮想マシンに前記トランジェントセキュリティエージェントを挿入するステップと、
を含む、請求項2に記載の方法。 - 前記仮想マシンが前記1つ以上のネットワークアクセス制御ポリシーに対するコンプライアンスを達成しているかどうかの前記通知は、前記ホストマシン上のネットワークアクセス制御モジュールにおいて受け取られ、
前記仮想マシンが前記1つ以上のネットワークアクセス制御ポリシーに対するコンプライアンスを達成しているかどうかの前記通知は、プロセス間通信を介して、前記ネットワークアクセス制御モジュールに送られ、
前記ネットワークアクセス制御モジュールは、ネットワーク通信フィルタを備え、前記ネットワーク通信フィルタは、前記仮想マシンが前記1つ以上のネットワークアクセス制御ポリシーに対するコンプライアンスを達成しているかどうかの前記通知に基づいて、前記仮想マシンのネットワークアクセスを制御する、
請求項1に記載の方法。 - 前記仮想マシンが前記1つ以上のネットワークアクセス制御ポリシーに対するコンプライアンスを達成しているかどうかの前記通知は、前記ホストマシンから遠く離れているネットワークアクセス制御サーバにおいて受け取られ、
前記ネットワークアクセス制御サーバは、前記仮想マシンが前記1つ以上のネットワークアクセス制御ポリシーに対するコンプライアンスを達成しているかどうかの前記通知に基づいて、前記仮想マシンのネットワークアクセスを制御する、
請求項1に記載の方法。 - 前記通知は、前記仮想マシンが前記1つ以上のネットワークアクセス制御ポリシーに対するコンプライアンスを達成していないことを通知するものであり、
前記仮想マシンのレメディエーションを行うステップをさらに含む、
請求項1に記載の方法。 - 前記レメディエーションは、前記仮想マシンのユーザに対して透過的である、
請求項6に記載の方法。 - 仮想環境においてネットワークアクセス制御を行うシステムであって、
ホストマシン上で実行されている仮想マシンにトランジェントセキュリティエージェントを注入する、メモリに記憶されたエージェント挿入モジュールと、
前記仮想マシンが1つ以上のネットワークアクセス制御ポリシーに対するコンプライアンスを達成しているかどうかの通知を前記トランジェントセキュリティエージェントから受け取る、メモリに記憶されたエージェント起動モジュールと、
メモリに記憶されたアクセス制御モジュールであって、
前記仮想マシンが前記1つ以上のネットワークアクセス制御ポリシーに対するコンプライアンスを達成しているかどうかの前記通知に基づいて、前記仮想マシンのネットワークアクセスを制御し、
前記通知を受け取ることに応じて、前記トランジェントセキュリティエージェントを前記仮想マシンから除去する、アクセス制御モジュールと、
前記エージェント挿入モジュールと前記エージェント起動モジュールと前記アクセス制御モジュールとを実行するよう構成された少なくとも1つのハードウェアプロセッサと、
を含むシステム。 - 前記仮想マシンから制御を移すことを促進するように構成された1つ以上のコンピュータ実行可能命令を、前記仮想マシンの例外ハンドラメモリロケーションに挿入し、
前記仮想マシンの実行中に例外をトリガして、前記例外ハンドラメモリロケーションにある前記1つ以上のコンピュータ実行可能命令を実行させ、
前記少なくとも1つのコンピュータ実行可能命令が実行された後に前記仮想マシンから制御を取得し、
前記仮想マシンに前記トランジェントセキュリティエージェントを挿入する、
ことによって、前記エージェント挿入モジュールは前記仮想マシンに前記トランジェントセキュリティエージェントを注入する、
請求項8に記載のシステム。 - 前記通知は、前記仮想マシンが前記1つ以上のネットワークアクセス制御ポリシーに対するコンプライアンスを達成していないことを通知するものであり、
前記アクセス制御モジュールは前記仮想マシンのレメディエーションを行う、
請求項8に記載のシステム。 - 前記レメディエーションは、前記仮想マシンのユーザに対して透過的である、
請求項10に記載のシステム。 - 前記アクセス制御モジュールは、ネットワーク通信フィルタを使用して前記仮想マシンの1つ以上のネットワーク通信を阻止することによって、前記仮想マシンの前記ネットワークアクセスを制御する、
請求項8に記載のシステム。 - 仮想環境においてネットワークアクセス制御を行うコンピュータ実装方法であって、前記方法の少なくとも一部分は、少なくとも1つのプロセッサを備えるコンピューティング装置によって実施され、
ホストマシン上で動作している仮想マシンを識別するステップと、
前記ホストマシン上に常駐するも、前記仮想マシンの外部に位置するネットワーク通信フィルタを与えるステップと、
前記ホストマシン上で実行されていて、前記仮想マシンの外部に位置するプロセスを用いて、前記仮想マシンの1つ以上のリソースを検査するステップと、
前記仮想マシンのリソースの前記検査の結果に基づいて、前記仮想マシンのオペレーティングシステムおよび/またはファイルシステムのデータ構造を再構成するステップと、
前記再構成された、オペレーティングシステムおよび/またはファイルシステムのデータ構造を評価して、前記仮想マシンが1つ以上のネットワークアクセス制御ポリシーに対するコンプライアンスを達成しているかどうかを判定するステップと、
前記ネットワーク通信フィルタを制御するアクセス制御モジュールにおいて、前記仮想マシンが前記1つ以上のネットワークアクセス制御ポリシーに対するコンプライアンスを達成しているかどうかの通知を受け取るステップと、
前記ネットワーク通信フィルタを使用して、前記仮想マシンが前記1つ以上のネットワークアクセス制御ポリシーに対するコンプライアンスを達成しているかどうかの前記通知に基づいて、前記仮想マシンのネットワークアクセスを制御するステップと、
を含む方法。 - 前記仮想マシンの前記1つ以上のリソースを検査する前記ステップは、前記仮想マシンのディスク空間およびメモリの読み出しを行うステップを含む、
請求項13に記載の方法。 - 前記通知は、前記仮想マシンが前記1つ以上のネットワークアクセス制御ポリシーに対するコンプライアンスを達成していないことを通知するものであり、
前記ネットワーク通信フィルタは、前記仮想マシンの1つ以上のネットワーク通信を阻止することにより、前記仮想マシンのネットワークアクセスを制御する、
請求項13に記載の方法。
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US12/724,414 | 2010-03-15 | ||
US12/724,414 US8938782B2 (en) | 2010-03-15 | 2010-03-15 | Systems and methods for providing network access control in virtual environments |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
JP2013500041A Division JP2013522761A (ja) | 2010-03-15 | 2010-12-28 | 仮想環境においてネットワークアクセス制御を行うシステムおよび方法 |
Publications (2)
Publication Number | Publication Date |
---|---|
JP2016006670A JP2016006670A (ja) | 2016-01-14 |
JP5978365B2 true JP5978365B2 (ja) | 2016-08-24 |
Family
ID=43733942
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
JP2013500041A Pending JP2013522761A (ja) | 2010-03-15 | 2010-12-28 | 仮想環境においてネットワークアクセス制御を行うシステムおよび方法 |
JP2015159919A Active JP5978365B2 (ja) | 2010-03-15 | 2015-08-13 | 仮想環境においてネットワークアクセス制御を行うシステムおよび方法 |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
JP2013500041A Pending JP2013522761A (ja) | 2010-03-15 | 2010-12-28 | 仮想環境においてネットワークアクセス制御を行うシステムおよび方法 |
Country Status (5)
Country | Link |
---|---|
US (1) | US8938782B2 (ja) |
EP (1) | EP2548149A1 (ja) |
JP (2) | JP2013522761A (ja) |
CN (1) | CN102792307B (ja) |
WO (1) | WO2011115655A1 (ja) |
Families Citing this family (247)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8171553B2 (en) | 2004-04-01 | 2012-05-01 | Fireeye, Inc. | Heuristic based capture with replay to virtual machine |
US9106694B2 (en) | 2004-04-01 | 2015-08-11 | Fireeye, Inc. | Electronic message analysis for malware detection |
US8584239B2 (en) | 2004-04-01 | 2013-11-12 | Fireeye, Inc. | Virtual machine with dynamic data flow analysis |
US8881282B1 (en) | 2004-04-01 | 2014-11-04 | Fireeye, Inc. | Systems and methods for malware attack detection and identification |
US7587537B1 (en) | 2007-11-30 | 2009-09-08 | Altera Corporation | Serializer-deserializer circuits formed from input-output circuit registers |
US8566946B1 (en) | 2006-04-20 | 2013-10-22 | Fireeye, Inc. | Malware containment on connection |
US8898788B1 (en) | 2004-04-01 | 2014-11-25 | Fireeye, Inc. | Systems and methods for malware attack prevention |
US8528086B1 (en) | 2004-04-01 | 2013-09-03 | Fireeye, Inc. | System and method of detecting computer worms |
US8793787B2 (en) | 2004-04-01 | 2014-07-29 | Fireeye, Inc. | Detecting malicious network content using virtual environment components |
US8549638B2 (en) | 2004-06-14 | 2013-10-01 | Fireeye, Inc. | System and method of containing computer worms |
US8281363B1 (en) * | 2008-03-31 | 2012-10-02 | Symantec Corporation | Methods and systems for enforcing network access control in a virtual environment |
US8997219B2 (en) | 2008-11-03 | 2015-03-31 | Fireeye, Inc. | Systems and methods for detecting malicious PDF network content |
US8832829B2 (en) | 2009-09-30 | 2014-09-09 | Fireeye, Inc. | Network-based binary file extraction and analysis for malware detection |
WO2011142753A1 (en) * | 2010-05-12 | 2011-11-17 | Hewlett-Packard Development Company, L.P. | Methods, apparatus and articles of manufacture to update virtual machine templates |
US8010992B1 (en) * | 2010-07-14 | 2011-08-30 | Domanicom Corp. | Devices, systems, and methods for providing increased security when multiplexing one or more services at a customer premises |
US9191327B2 (en) | 2011-02-10 | 2015-11-17 | Varmour Networks, Inc. | Distributed service processing of network gateways using virtual machines |
US9292324B2 (en) * | 2011-02-18 | 2016-03-22 | Telefonaktiebolaget L M Ericsson (Publ) | Virtual machine supervision by machine code rewriting to inject policy rule |
JP5505654B2 (ja) * | 2011-04-04 | 2014-05-28 | 日本電気株式会社 | 検疫ネットワークシステム及び検疫方法 |
US8881258B2 (en) | 2011-08-24 | 2014-11-04 | Mcafee, Inc. | System, method, and computer program for preventing infections from spreading in a network environment using dynamic application of a firewall policy |
US8959572B2 (en) | 2011-10-28 | 2015-02-17 | Google Inc. | Policy enforcement of client devices |
US8813169B2 (en) * | 2011-11-03 | 2014-08-19 | Varmour Networks, Inc. | Virtual security boundary for physical or virtual network devices |
US9529995B2 (en) | 2011-11-08 | 2016-12-27 | Varmour Networks, Inc. | Auto discovery of virtual machines |
US9787681B2 (en) | 2012-01-06 | 2017-10-10 | Optio Labs, Inc. | Systems and methods for enforcing access control policies on privileged accesses for mobile devices |
US9609020B2 (en) * | 2012-01-06 | 2017-03-28 | Optio Labs, Inc. | Systems and methods to enforce security policies on the loading, linking, and execution of native code by mobile applications running inside of virtual machines |
US9712530B2 (en) | 2012-01-06 | 2017-07-18 | Optio Labs, Inc. | Systems and methods for enforcing security in mobile computing |
US9256742B2 (en) | 2012-01-30 | 2016-02-09 | Intel Corporation | Remote trust attestation and geo-location of servers and clients in cloud computing environments |
CN104081713B (zh) * | 2012-01-30 | 2018-08-17 | 英特尔公司 | 云计算环境中的服务器和客户机的远程信任认证和地理位置 |
US9032014B2 (en) * | 2012-02-06 | 2015-05-12 | Sap Se | Diagnostics agents for managed computing solutions hosted in adaptive environments |
CN103379481B (zh) * | 2012-04-26 | 2015-05-06 | 腾讯科技(深圳)有限公司 | 一种实现安全防护的方法 |
EP2696303B1 (en) * | 2012-08-03 | 2017-05-10 | Alcatel Lucent | Mandatory access control (MAC) in virtual machines |
US9509553B2 (en) * | 2012-08-13 | 2016-11-29 | Intigua, Inc. | System and methods for management virtualization |
US10572665B2 (en) | 2012-12-28 | 2020-02-25 | Fireeye, Inc. | System and method to create a number of breakpoints in a virtual machine via virtual machine trapping events |
US9773107B2 (en) | 2013-01-07 | 2017-09-26 | Optio Labs, Inc. | Systems and methods for enforcing security in mobile computing |
US9195829B1 (en) | 2013-02-23 | 2015-11-24 | Fireeye, Inc. | User interface with real-time visual playback along with synchronous textual analysis log display and event/time index for anomalous behavior detection in applications |
US9367681B1 (en) | 2013-02-23 | 2016-06-14 | Fireeye, Inc. | Framework for efficient security coverage of mobile software applications using symbolic execution to reach regions of interest within an application |
US9009823B1 (en) | 2013-02-23 | 2015-04-14 | Fireeye, Inc. | Framework for efficient security coverage of mobile software applications installed on mobile devices |
US9176843B1 (en) | 2013-02-23 | 2015-11-03 | Fireeye, Inc. | Framework for efficient security coverage of mobile software applications |
US8990944B1 (en) | 2013-02-23 | 2015-03-24 | Fireeye, Inc. | Systems and methods for automatically detecting backdoors |
US9626509B1 (en) | 2013-03-13 | 2017-04-18 | Fireeye, Inc. | Malicious content analysis with multi-version application support within single operating environment |
US9355247B1 (en) | 2013-03-13 | 2016-05-31 | Fireeye, Inc. | File extraction from memory dump for malicious content analysis |
US20140282992A1 (en) | 2013-03-13 | 2014-09-18 | Optio Labs, Inc. | Systems and methods for securing the boot process of a device using credentials stored on an authentication token |
US9104867B1 (en) | 2013-03-13 | 2015-08-11 | Fireeye, Inc. | Malicious content analysis using simulated user interaction without user involvement |
US9430646B1 (en) | 2013-03-14 | 2016-08-30 | Fireeye, Inc. | Distributed systems and methods for automatically detecting unknown bots and botnets |
US9311479B1 (en) | 2013-03-14 | 2016-04-12 | Fireeye, Inc. | Correlation and consolidation of analytic data for holistic view of a malware attack |
US10713358B2 (en) | 2013-03-15 | 2020-07-14 | Fireeye, Inc. | System and method to extract and utilize disassembly features to classify software intent |
US9413781B2 (en) | 2013-03-15 | 2016-08-09 | Fireeye, Inc. | System and method employing structured intelligence to verify and contain threats at endpoints |
JP6036464B2 (ja) * | 2013-03-26 | 2016-11-30 | 富士通株式会社 | プログラム、診断方法及び診断システム |
US9336384B2 (en) * | 2013-04-24 | 2016-05-10 | Symantec Corporation | Systems and methods for replacing application methods at runtime |
US9495180B2 (en) | 2013-05-10 | 2016-11-15 | Fireeye, Inc. | Optimized resource allocation for virtual machines within a malware content detection system |
US9635039B1 (en) | 2013-05-13 | 2017-04-25 | Fireeye, Inc. | Classifying sets of malicious indicators for detecting command and control communications associated with malware |
US10133863B2 (en) | 2013-06-24 | 2018-11-20 | Fireeye, Inc. | Zero-day discovery system |
US9300686B2 (en) | 2013-06-28 | 2016-03-29 | Fireeye, Inc. | System and method for detecting malicious links in electronic messages |
GB2515757A (en) | 2013-07-02 | 2015-01-07 | Ibm | Managing virtual machine policy compliance |
US20150052614A1 (en) * | 2013-08-19 | 2015-02-19 | International Business Machines Corporation | Virtual machine trust isolation in a cloud environment |
US20150058926A1 (en) * | 2013-08-23 | 2015-02-26 | International Business Machines Corporation | Shared Page Access Control Among Cloud Objects In A Distributed Cloud Environment |
US9736179B2 (en) | 2013-09-30 | 2017-08-15 | Fireeye, Inc. | System, apparatus and method for using malware analysis results to drive adaptive instrumentation of virtual machines to improve exploit detection |
US10515214B1 (en) | 2013-09-30 | 2019-12-24 | Fireeye, Inc. | System and method for classifying malware within content created during analysis of a specimen |
US9171160B2 (en) | 2013-09-30 | 2015-10-27 | Fireeye, Inc. | Dynamically adaptive framework and method for classifying malware using intelligent static, emulation, and dynamic analyses |
US9690936B1 (en) | 2013-09-30 | 2017-06-27 | Fireeye, Inc. | Multistage system and method for analyzing obfuscated content for malware |
US9294501B2 (en) | 2013-09-30 | 2016-03-22 | Fireeye, Inc. | Fuzzy hash of behavioral results |
US9628507B2 (en) | 2013-09-30 | 2017-04-18 | Fireeye, Inc. | Advanced persistent threat (APT) detection center |
US10033693B2 (en) | 2013-10-01 | 2018-07-24 | Nicira, Inc. | Distributed identity-based firewalls |
US9921978B1 (en) | 2013-11-08 | 2018-03-20 | Fireeye, Inc. | System and method for enhanced security of storage devices |
US9223964B2 (en) * | 2013-12-05 | 2015-12-29 | Mcafee, Inc. | Detecting JAVA sandbox escaping attacks based on JAVA bytecode instrumentation and JAVA method hooking |
US9438506B2 (en) * | 2013-12-11 | 2016-09-06 | Amazon Technologies, Inc. | Identity and access management-based access control in virtual networks |
US9747446B1 (en) | 2013-12-26 | 2017-08-29 | Fireeye, Inc. | System and method for run-time object classification |
US9756074B2 (en) | 2013-12-26 | 2017-09-05 | Fireeye, Inc. | System and method for IPS and VM-based detection of suspicious objects |
US9740857B2 (en) | 2014-01-16 | 2017-08-22 | Fireeye, Inc. | Threat-aware microvisor |
US9262635B2 (en) | 2014-02-05 | 2016-02-16 | Fireeye, Inc. | Detection efficacy of virtual machine-based analysis with application specific events |
US9560081B1 (en) | 2016-06-24 | 2017-01-31 | Varmour Networks, Inc. | Data network microsegmentation |
US9973472B2 (en) | 2015-04-02 | 2018-05-15 | Varmour Networks, Inc. | Methods and systems for orchestrating physical and virtual switches to enforce security boundaries |
US10091238B2 (en) | 2014-02-11 | 2018-10-02 | Varmour Networks, Inc. | Deception using distributed threat detection |
US10264025B2 (en) | 2016-06-24 | 2019-04-16 | Varmour Networks, Inc. | Security policy generation for virtualization, bare-metal server, and cloud computing environments |
JP2015166952A (ja) * | 2014-03-04 | 2015-09-24 | 順子 杉中 | 情報処理装置、情報処理監視方法、プログラム、及び記録媒体 |
US9241010B1 (en) | 2014-03-20 | 2016-01-19 | Fireeye, Inc. | System and method for network behavior detection |
US10242185B1 (en) | 2014-03-21 | 2019-03-26 | Fireeye, Inc. | Dynamic guest image creation and rollback |
US9591015B1 (en) | 2014-03-28 | 2017-03-07 | Fireeye, Inc. | System and method for offloading packet processing and static analysis operations |
US9432389B1 (en) | 2014-03-31 | 2016-08-30 | Fireeye, Inc. | System, apparatus and method for detecting a malicious attack based on static analysis of a multi-flow object |
US9223972B1 (en) | 2014-03-31 | 2015-12-29 | Fireeye, Inc. | Dynamically remote tuning of a malware content detection system |
RU2580030C2 (ru) | 2014-04-18 | 2016-04-10 | Закрытое акционерное общество "Лаборатория Касперского" | Система и способ распределения задач антивирусной проверки между виртуальными машинами в виртуальной сети |
US9594912B1 (en) | 2014-06-06 | 2017-03-14 | Fireeye, Inc. | Return-oriented programming detection |
US9973531B1 (en) | 2014-06-06 | 2018-05-15 | Fireeye, Inc. | Shellcode detection |
US9438623B1 (en) | 2014-06-06 | 2016-09-06 | Fireeye, Inc. | Computer exploit detection using heap spray pattern matching |
US10084813B2 (en) | 2014-06-24 | 2018-09-25 | Fireeye, Inc. | Intrusion prevention and remedy system |
US10805340B1 (en) | 2014-06-26 | 2020-10-13 | Fireeye, Inc. | Infection vector and malware tracking with an interactive user display |
US9398028B1 (en) | 2014-06-26 | 2016-07-19 | Fireeye, Inc. | System, device and method for detecting a malicious attack based on communcations between remotely hosted virtual machines and malicious web servers |
US10002252B2 (en) | 2014-07-01 | 2018-06-19 | Fireeye, Inc. | Verification of trusted threat-aware microvisor |
US9363280B1 (en) | 2014-08-22 | 2016-06-07 | Fireeye, Inc. | System and method of detecting delivery of malware using cross-customer data |
US10671726B1 (en) | 2014-09-22 | 2020-06-02 | Fireeye Inc. | System and method for malware analysis using thread-level event monitoring |
US9773112B1 (en) | 2014-09-29 | 2017-09-26 | Fireeye, Inc. | Exploit detection of malware and malware families |
US10027689B1 (en) | 2014-09-29 | 2018-07-17 | Fireeye, Inc. | Interactive infection visualization for improved exploit detection and signature generation for malware and malware families |
US9690933B1 (en) | 2014-12-22 | 2017-06-27 | Fireeye, Inc. | Framework for classifying an object as malicious with machine learning for deploying updated predictive models |
US10075455B2 (en) | 2014-12-26 | 2018-09-11 | Fireeye, Inc. | Zero-day rotating guest image profile |
US9934376B1 (en) | 2014-12-29 | 2018-04-03 | Fireeye, Inc. | Malware detection appliance architecture |
US9838417B1 (en) | 2014-12-30 | 2017-12-05 | Fireeye, Inc. | Intelligent context aware user interaction for malware detection |
CN104601568B (zh) * | 2015-01-13 | 2019-05-21 | 深信服科技股份有限公司 | 虚拟化安全隔离方法和装置 |
US10095534B2 (en) * | 2015-02-24 | 2018-10-09 | Red Hat Israel, Ltd. | Guest controlled virtual device packet filtering |
US10193929B2 (en) | 2015-03-13 | 2019-01-29 | Varmour Networks, Inc. | Methods and systems for improving analytics in distributed networks |
US9467476B1 (en) | 2015-03-13 | 2016-10-11 | Varmour Networks, Inc. | Context aware microsegmentation |
US10178070B2 (en) | 2015-03-13 | 2019-01-08 | Varmour Networks, Inc. | Methods and systems for providing security to distributed microservices |
US9609026B2 (en) | 2015-03-13 | 2017-03-28 | Varmour Networks, Inc. | Segmented networks that implement scanning |
US9294442B1 (en) | 2015-03-30 | 2016-03-22 | Varmour Networks, Inc. | System and method for threat-driven security policy controls |
US9438634B1 (en) | 2015-03-13 | 2016-09-06 | Varmour Networks, Inc. | Microsegmented networks that implement vulnerability scanning |
US9690606B1 (en) | 2015-03-25 | 2017-06-27 | Fireeye, Inc. | Selective system call monitoring |
US10148693B2 (en) | 2015-03-25 | 2018-12-04 | Fireeye, Inc. | Exploit detection system |
US10009381B2 (en) | 2015-03-30 | 2018-06-26 | Varmour Networks, Inc. | System and method for threat-driven security policy controls |
US9438613B1 (en) | 2015-03-30 | 2016-09-06 | Fireeye, Inc. | Dynamic content activation for automated analysis of embedded objects |
US9380027B1 (en) | 2015-03-30 | 2016-06-28 | Varmour Networks, Inc. | Conditional declarative policies |
US10417031B2 (en) | 2015-03-31 | 2019-09-17 | Fireeye, Inc. | Selective virtualization for security threat detection |
US10474813B1 (en) | 2015-03-31 | 2019-11-12 | Fireeye, Inc. | Code injection technique for remediation at an endpoint of a network |
US9483644B1 (en) | 2015-03-31 | 2016-11-01 | Fireeye, Inc. | Methods for detecting file altering malware in VM based analysis |
US9525697B2 (en) | 2015-04-02 | 2016-12-20 | Varmour Networks, Inc. | Delivering security functions to distributed networks |
US9654485B1 (en) | 2015-04-13 | 2017-05-16 | Fireeye, Inc. | Analytics-based security monitoring system and method |
US9594904B1 (en) | 2015-04-23 | 2017-03-14 | Fireeye, Inc. | Detecting malware based on reflection |
US10216927B1 (en) | 2015-06-30 | 2019-02-26 | Fireeye, Inc. | System and method for protecting memory pages associated with a process using a virtualization layer |
US10140140B2 (en) | 2015-06-30 | 2018-11-27 | Microsoft Technology Licensing, Llc | Cloud virtual machine customization using extension framework |
US10642753B1 (en) | 2015-06-30 | 2020-05-05 | Fireeye, Inc. | System and method for protecting a software component running in virtual machine using a virtualization layer |
US10454950B1 (en) | 2015-06-30 | 2019-10-22 | Fireeye, Inc. | Centralized aggregation technique for detecting lateral movement of stealthy cyber-attacks |
US10726127B1 (en) | 2015-06-30 | 2020-07-28 | Fireeye, Inc. | System and method for protecting a software component running in a virtual machine through virtual interrupts by the virtualization layer |
US11113086B1 (en) | 2015-06-30 | 2021-09-07 | Fireeye, Inc. | Virtual system and method for securing external network connectivity |
US10395029B1 (en) | 2015-06-30 | 2019-08-27 | Fireeye, Inc. | Virtual system and method with threat protection |
US9553891B1 (en) | 2015-07-27 | 2017-01-24 | Bank Of America Corporation | Device blocking tool |
US9736152B2 (en) | 2015-07-27 | 2017-08-15 | Bank Of America Corporation | Device blocking tool |
US9628480B2 (en) | 2015-07-27 | 2017-04-18 | Bank Of America Corporation | Device blocking tool |
WO2017019061A1 (en) | 2015-07-29 | 2017-02-02 | Hewlett Packard Enterprise Development Lp | Firewall to determine access to a portion of memory |
US10715542B1 (en) | 2015-08-14 | 2020-07-14 | Fireeye, Inc. | Mobile application risk analysis |
US9483317B1 (en) | 2015-08-17 | 2016-11-01 | Varmour Networks, Inc. | Using multiple central processing unit cores for packet forwarding in virtualized networks |
US10176321B2 (en) | 2015-09-22 | 2019-01-08 | Fireeye, Inc. | Leveraging behavior-based rules for malware family classification |
US10033759B1 (en) | 2015-09-28 | 2018-07-24 | Fireeye, Inc. | System and method of threat detection under hypervisor control |
US10033747B1 (en) | 2015-09-29 | 2018-07-24 | Fireeye, Inc. | System and method for detecting interpreter-based exploit attacks |
US10706149B1 (en) | 2015-09-30 | 2020-07-07 | Fireeye, Inc. | Detecting delayed activation malware using a primary controller and plural time controllers |
US9825976B1 (en) | 2015-09-30 | 2017-11-21 | Fireeye, Inc. | Detection and classification of exploit kits |
US10210329B1 (en) | 2015-09-30 | 2019-02-19 | Fireeye, Inc. | Method to detect application execution hijacking using memory protection |
US10601865B1 (en) | 2015-09-30 | 2020-03-24 | Fireeye, Inc. | Detection of credential spearphishing attacks using email analysis |
US9825989B1 (en) | 2015-09-30 | 2017-11-21 | Fireeye, Inc. | Cyber attack early warning system |
US10817606B1 (en) | 2015-09-30 | 2020-10-27 | Fireeye, Inc. | Detecting delayed activation malware using a run-time monitoring agent and time-dilation logic |
US10324746B2 (en) | 2015-11-03 | 2019-06-18 | Nicira, Inc. | Extended context delivery for context-based authorization |
US10284575B2 (en) | 2015-11-10 | 2019-05-07 | Fireeye, Inc. | Launcher for setting analysis environment variations for malware detection |
US10191758B2 (en) | 2015-12-09 | 2019-01-29 | Varmour Networks, Inc. | Directing data traffic between intra-server virtual machines |
US10846117B1 (en) | 2015-12-10 | 2020-11-24 | Fireeye, Inc. | Technique for establishing secure communication between host and guest processes of a virtualization architecture |
US10447728B1 (en) | 2015-12-10 | 2019-10-15 | Fireeye, Inc. | Technique for protecting guest processes using a layered virtualization architecture |
US10108446B1 (en) | 2015-12-11 | 2018-10-23 | Fireeye, Inc. | Late load technique for deploying a virtualization layer underneath a running operating system |
US10050998B1 (en) | 2015-12-30 | 2018-08-14 | Fireeye, Inc. | Malicious message analysis system |
US10621338B1 (en) | 2015-12-30 | 2020-04-14 | Fireeye, Inc. | Method to detect forgery and exploits using last branch recording registers |
US10565378B1 (en) | 2015-12-30 | 2020-02-18 | Fireeye, Inc. | Exploit of privilege detection framework |
US10133866B1 (en) | 2015-12-30 | 2018-11-20 | Fireeye, Inc. | System and method for triggering analysis of an object for malware in response to modification of that object |
US10581874B1 (en) | 2015-12-31 | 2020-03-03 | Fireeye, Inc. | Malware detection system with contextual analysis |
US11552986B1 (en) | 2015-12-31 | 2023-01-10 | Fireeye Security Holdings Us Llc | Cyber-security framework for application of virtual features |
US9824216B1 (en) | 2015-12-31 | 2017-11-21 | Fireeye, Inc. | Susceptible environment detection system |
US9965313B2 (en) | 2016-01-05 | 2018-05-08 | Bitdefender IPR Management Ltd. | Systems and methods for auditing a virtual machine |
US9762599B2 (en) | 2016-01-29 | 2017-09-12 | Varmour Networks, Inc. | Multi-node affinity-based examination for computer network security remediation |
US9680852B1 (en) | 2016-01-29 | 2017-06-13 | Varmour Networks, Inc. | Recursive multi-layer examination for computer network security remediation |
US9521115B1 (en) | 2016-03-24 | 2016-12-13 | Varmour Networks, Inc. | Security policy generation using container metadata |
US10601863B1 (en) | 2016-03-25 | 2020-03-24 | Fireeye, Inc. | System and method for managing sensor enrollment |
US10785255B1 (en) | 2016-03-25 | 2020-09-22 | Fireeye, Inc. | Cluster configuration within a scalable malware detection system |
US10671721B1 (en) | 2016-03-25 | 2020-06-02 | Fireeye, Inc. | Timeout management services |
US10476906B1 (en) | 2016-03-25 | 2019-11-12 | Fireeye, Inc. | System and method for managing formation and modification of a cluster within a malware detection system |
US10893059B1 (en) | 2016-03-31 | 2021-01-12 | Fireeye, Inc. | Verification and enhancement using detection systems located at the network periphery and endpoint devices |
US10169585B1 (en) | 2016-06-22 | 2019-01-01 | Fireeye, Inc. | System and methods for advanced malware detection through placement of transition events |
US9787639B1 (en) | 2016-06-24 | 2017-10-10 | Varmour Networks, Inc. | Granular segmentation using events |
US10462173B1 (en) | 2016-06-30 | 2019-10-29 | Fireeye, Inc. | Malware detection verification and enhancement by coordinating endpoint and malware detection systems |
US10755334B2 (en) | 2016-06-30 | 2020-08-25 | Varmour Networks, Inc. | Systems and methods for continually scoring and segmenting open opportunities using client data and product predictors |
US10938837B2 (en) * | 2016-08-30 | 2021-03-02 | Nicira, Inc. | Isolated network stack to manage security for virtual machines |
US10592678B1 (en) | 2016-09-09 | 2020-03-17 | Fireeye, Inc. | Secure communications between peers using a verified virtual trusted platform module |
US10491627B1 (en) | 2016-09-29 | 2019-11-26 | Fireeye, Inc. | Advanced malware detection using similarity analysis |
US10795991B1 (en) | 2016-11-08 | 2020-10-06 | Fireeye, Inc. | Enterprise search |
KR102511451B1 (ko) | 2016-11-09 | 2023-03-17 | 삼성전자주식회사 | 리치 실행 환경에서 보안 어플리케이션을 안전하게 실행하는 컴퓨팅 시스템 |
US10587647B1 (en) | 2016-11-22 | 2020-03-10 | Fireeye, Inc. | Technique for malware detection capability comparison of network security devices |
US10803173B2 (en) | 2016-12-22 | 2020-10-13 | Nicira, Inc. | Performing context-rich attribute-based process control services on a host |
US10581879B1 (en) | 2016-12-22 | 2020-03-03 | Fireeye, Inc. | Enhanced malware detection for generated objects |
US11032246B2 (en) | 2016-12-22 | 2021-06-08 | Nicira, Inc. | Context based firewall services for data message flows for multiple concurrent users on one machine |
US10812451B2 (en) | 2016-12-22 | 2020-10-20 | Nicira, Inc. | Performing appID based firewall services on a host |
US10805332B2 (en) | 2017-07-25 | 2020-10-13 | Nicira, Inc. | Context engine model |
US10802858B2 (en) | 2016-12-22 | 2020-10-13 | Nicira, Inc. | Collecting and processing contextual attributes on a host |
US10552610B1 (en) | 2016-12-22 | 2020-02-04 | Fireeye, Inc. | Adaptive virtual machine snapshot update framework for malware behavioral analysis |
US10523609B1 (en) | 2016-12-27 | 2019-12-31 | Fireeye, Inc. | Multi-vector malware detection and analysis |
US10511631B2 (en) * | 2017-01-25 | 2019-12-17 | Microsoft Technology Licensing, Llc | Safe data access through any data channel |
US10904286B1 (en) | 2017-03-24 | 2021-01-26 | Fireeye, Inc. | Detection of phishing attacks using similarity analysis |
CN110461452B (zh) | 2017-03-24 | 2022-06-24 | 旭化成株式会社 | 膜蒸馏用多孔质膜和膜蒸馏用组件的运转方法 |
US10848397B1 (en) | 2017-03-30 | 2020-11-24 | Fireeye, Inc. | System and method for enforcing compliance with subscription requirements for cyber-attack detection service |
US10791138B1 (en) | 2017-03-30 | 2020-09-29 | Fireeye, Inc. | Subscription-based malware detection |
US10902119B1 (en) | 2017-03-30 | 2021-01-26 | Fireeye, Inc. | Data extraction system for malware analysis |
US10798112B2 (en) | 2017-03-30 | 2020-10-06 | Fireeye, Inc. | Attribute-controlled malware detection |
US10567379B2 (en) | 2017-06-26 | 2020-02-18 | Bank Of America Corporation | Network switch port access control and information security |
US10462134B2 (en) | 2017-06-26 | 2019-10-29 | Bank Of America Corporation | Network device removal for access control and information security |
US10484380B2 (en) | 2017-06-26 | 2019-11-19 | Bank Of America Corporation | Untrusted network device identification and removal for access control and information security |
US10601848B1 (en) | 2017-06-29 | 2020-03-24 | Fireeye, Inc. | Cyber-security system and method for weak indicator detection and correlation to generate strong indicators |
US10855700B1 (en) | 2017-06-29 | 2020-12-01 | Fireeye, Inc. | Post-intrusion detection of cyber-attacks during lateral movement within networks |
US10503904B1 (en) | 2017-06-29 | 2019-12-10 | Fireeye, Inc. | Ransomware detection and mitigation |
US10893068B1 (en) | 2017-06-30 | 2021-01-12 | Fireeye, Inc. | Ransomware file modification prevention technique |
US10567433B2 (en) | 2017-07-06 | 2020-02-18 | Bank Of America Corporation | Network device authorization for access control and information security |
US10609064B2 (en) | 2017-07-06 | 2020-03-31 | Bank Of America Corporation | Network device access control and information security |
US10462141B2 (en) | 2017-07-26 | 2019-10-29 | Bank Of America Corporation | Network device information validation for access control and information security |
US10375076B2 (en) | 2017-07-26 | 2019-08-06 | Bank Of America Corporation | Network device location information validation for access control and information security |
US10320804B2 (en) | 2017-07-26 | 2019-06-11 | Bank Of America Corporation | Switch port leasing for access control and information security |
US10469449B2 (en) | 2017-07-26 | 2019-11-05 | Bank Of America Corporation | Port authentication control for access control and information security |
US10383031B2 (en) | 2017-07-28 | 2019-08-13 | Bank Of America Corporation | Zone-based network device monitoring using a distributed wireless network |
US10104638B1 (en) | 2017-07-28 | 2018-10-16 | Bank Of America Corporation | Network device location detection and monitoring using a distributed wireless network |
US10609672B2 (en) | 2017-07-28 | 2020-03-31 | Bank Of America Corporation | Network device navigation using a distributed wireless network |
US10747872B1 (en) | 2017-09-27 | 2020-08-18 | Fireeye, Inc. | System and method for preventing malware evasion |
US10805346B2 (en) | 2017-10-01 | 2020-10-13 | Fireeye, Inc. | Phishing attack detection |
US11108809B2 (en) | 2017-10-27 | 2021-08-31 | Fireeye, Inc. | System and method for analyzing binary code for malware classification using artificial neural network techniques |
US10778651B2 (en) | 2017-11-15 | 2020-09-15 | Nicira, Inc. | Performing context-rich attribute-based encryption on a host |
US11005860B1 (en) | 2017-12-28 | 2021-05-11 | Fireeye, Inc. | Method and system for efficient cybersecurity analysis of endpoint events |
US11271955B2 (en) | 2017-12-28 | 2022-03-08 | Fireeye Security Holdings Us Llc | Platform and method for retroactive reclassification employing a cybersecurity-based global data store |
US11240275B1 (en) | 2017-12-28 | 2022-02-01 | Fireeye Security Holdings Us Llc | Platform and method for performing cybersecurity analyses employing an intelligence hub with a modular architecture |
US10802893B2 (en) | 2018-01-26 | 2020-10-13 | Nicira, Inc. | Performing process control services on endpoint machines |
US10862773B2 (en) | 2018-01-26 | 2020-12-08 | Nicira, Inc. | Performing services on data messages associated with endpoint machines |
US10826931B1 (en) | 2018-03-29 | 2020-11-03 | Fireeye, Inc. | System and method for predicting and mitigating cybersecurity system misconfigurations |
US11558401B1 (en) | 2018-03-30 | 2023-01-17 | Fireeye Security Holdings Us Llc | Multi-vector malware detection data sharing system for improved detection |
US10956477B1 (en) | 2018-03-30 | 2021-03-23 | Fireeye, Inc. | System and method for detecting malicious scripts through natural language processing modeling |
US11003773B1 (en) | 2018-03-30 | 2021-05-11 | Fireeye, Inc. | System and method for automatically generating malware detection rule recommendations |
US11055444B2 (en) * | 2018-06-20 | 2021-07-06 | NortonLifeLock Inc. | Systems and methods for controlling access to a peripheral device |
US11075930B1 (en) | 2018-06-27 | 2021-07-27 | Fireeye, Inc. | System and method for detecting repetitive cybersecurity attacks constituting an email campaign |
US11314859B1 (en) | 2018-06-27 | 2022-04-26 | FireEye Security Holdings, Inc. | Cyber-security system and method for detecting escalation of privileges within an access token |
US11228491B1 (en) | 2018-06-28 | 2022-01-18 | Fireeye Security Holdings Us Llc | System and method for distributed cluster configuration monitoring and management |
US11316900B1 (en) | 2018-06-29 | 2022-04-26 | FireEye Security Holdings Inc. | System and method for automatically prioritizing rules for cyber-threat detection and mitigation |
US11182473B1 (en) | 2018-09-13 | 2021-11-23 | Fireeye Security Holdings Us Llc | System and method for mitigating cyberattacks against processor operability by a guest process |
US11763004B1 (en) | 2018-09-27 | 2023-09-19 | Fireeye Security Holdings Us Llc | System and method for bootkit detection |
US11368475B1 (en) | 2018-12-21 | 2022-06-21 | Fireeye Security Holdings Us Llc | System and method for scanning remote services to locate stored objects with malware |
US11743290B2 (en) | 2018-12-21 | 2023-08-29 | Fireeye Security Holdings Us Llc | System and method for detecting cyberattacks impersonating legitimate sources |
US11176251B1 (en) | 2018-12-21 | 2021-11-16 | Fireeye, Inc. | Determining malware via symbolic function hash analysis |
US11601444B1 (en) | 2018-12-31 | 2023-03-07 | Fireeye Security Holdings Us Llc | Automated system for triage of customer issues |
EP3694174B1 (en) * | 2019-02-07 | 2021-09-01 | AO Kaspersky Lab | Systems and methods for protecting automated systems using a gateway |
US11310238B1 (en) | 2019-03-26 | 2022-04-19 | FireEye Security Holdings, Inc. | System and method for retrieval and analysis of operational data from customer, cloud-hosted virtual resources |
US11677786B1 (en) | 2019-03-29 | 2023-06-13 | Fireeye Security Holdings Us Llc | System and method for detecting and protecting against cybersecurity attacks on servers |
US11636198B1 (en) | 2019-03-30 | 2023-04-25 | Fireeye Security Holdings Us Llc | System and method for cybersecurity analyzer update and concurrent management system |
US11290493B2 (en) | 2019-05-31 | 2022-03-29 | Varmour Networks, Inc. | Template-driven intent-based security |
US11575563B2 (en) | 2019-05-31 | 2023-02-07 | Varmour Networks, Inc. | Cloud security management |
US11310284B2 (en) | 2019-05-31 | 2022-04-19 | Varmour Networks, Inc. | Validation of cloud security policies |
US11290494B2 (en) | 2019-05-31 | 2022-03-29 | Varmour Networks, Inc. | Reliability prediction for cloud security policies |
US11863580B2 (en) | 2019-05-31 | 2024-01-02 | Varmour Networks, Inc. | Modeling application dependencies to identify operational risk |
US11711374B2 (en) | 2019-05-31 | 2023-07-25 | Varmour Networks, Inc. | Systems and methods for understanding identity and organizational access to applications within an enterprise environment |
US11258806B1 (en) | 2019-06-24 | 2022-02-22 | Mandiant, Inc. | System and method for automatically associating cybersecurity intelligence to cyberthreat actors |
US11556640B1 (en) | 2019-06-27 | 2023-01-17 | Mandiant, Inc. | Systems and methods for automated cybersecurity analysis of extracted binary string sets |
US11392700B1 (en) | 2019-06-28 | 2022-07-19 | Fireeye Security Holdings Us Llc | System and method for supporting cross-platform data verification |
US11886585B1 (en) | 2019-09-27 | 2024-01-30 | Musarubra Us Llc | System and method for identifying and mitigating cyberattacks through malicious position-independent code execution |
US11637862B1 (en) | 2019-09-30 | 2023-04-25 | Mandiant, Inc. | System and method for surfacing cyber-security threats with a self-learning recommendation engine |
US11838300B1 (en) | 2019-12-24 | 2023-12-05 | Musarubra Us Llc | Run-time configurable cybersecurity system |
US11436327B1 (en) | 2019-12-24 | 2022-09-06 | Fireeye Security Holdings Us Llc | System and method for circumventing evasive code for cyberthreat detection |
US11522884B1 (en) | 2019-12-24 | 2022-12-06 | Fireeye Security Holdings Us Llc | Subscription and key management system |
US11539718B2 (en) | 2020-01-10 | 2022-12-27 | Vmware, Inc. | Efficiently performing intrusion detection |
US11108728B1 (en) | 2020-07-24 | 2021-08-31 | Vmware, Inc. | Fast distribution of port identifiers for rule processing |
US11818152B2 (en) | 2020-12-23 | 2023-11-14 | Varmour Networks, Inc. | Modeling topic-based message-oriented middleware within a security system |
US11876817B2 (en) | 2020-12-23 | 2024-01-16 | Varmour Networks, Inc. | Modeling queue-based message-oriented middleware relationships in a security system |
US11777978B2 (en) | 2021-01-29 | 2023-10-03 | Varmour Networks, Inc. | Methods and systems for accurately assessing application access risk |
US11734316B2 (en) | 2021-07-08 | 2023-08-22 | Varmour Networks, Inc. | Relationship-based search in a computing environment |
Family Cites Families (22)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB2378535A (en) | 2001-08-06 | 2003-02-12 | Ibm | Method and apparatus for suspending a software virtual machine |
US7249187B2 (en) * | 2002-11-27 | 2007-07-24 | Symantec Corporation | Enforcement of compliance with network security policies |
US7757231B2 (en) | 2004-12-10 | 2010-07-13 | Intel Corporation | System and method to deprivilege components of a virtual machine monitor |
US7409719B2 (en) * | 2004-12-21 | 2008-08-05 | Microsoft Corporation | Computer security management, such as in a virtual machine or hardened operating system |
US8706877B2 (en) * | 2004-12-30 | 2014-04-22 | Citrix Systems, Inc. | Systems and methods for providing client-side dynamic redirection to bypass an intermediary |
US7647589B1 (en) | 2005-02-07 | 2010-01-12 | Parallels Software International, Inc. | Methods and systems for safe execution of guest code in virtual machine context |
US8572604B2 (en) | 2005-11-12 | 2013-10-29 | Intel Corporation | Method and apparatus to support virtualization with code patches |
US8887241B2 (en) * | 2006-02-22 | 2014-11-11 | International Business Machines Corporation | Virtual roles |
US8886929B2 (en) | 2006-03-29 | 2014-11-11 | Intel Corporation | Generating a chain of trust for a virtual endpoint |
JP2008077558A (ja) | 2006-09-25 | 2008-04-03 | Mitsubishi Electric Corp | 検疫ネットワークシステム |
WO2008039506A2 (en) * | 2006-09-27 | 2008-04-03 | Cipheroptics, Inc. | Deploying group vpns and security groups over an end-to-end enterprise network and ip encryption for vpns |
US9038062B2 (en) | 2006-10-17 | 2015-05-19 | Manageiq, Inc. | Registering and accessing virtual systems for use in a managed system |
US20090007100A1 (en) * | 2007-06-28 | 2009-01-01 | Microsoft Corporation | Suspending a Running Operating System to Enable Security Scanning |
CN101334825B (zh) * | 2007-06-29 | 2011-08-24 | 联想(北京)有限公司 | 应用程序管理和运行系统及方法 |
US20090007218A1 (en) | 2007-06-30 | 2009-01-01 | Hubbard Scott M | Switched-Based Network Security |
JP5387415B2 (ja) | 2007-12-26 | 2014-01-15 | 日本電気株式会社 | 仮想計算機システム、ポリシ強制システム、ポリシ強制方法及び仮想計算機制御用プログラム |
WO2009087702A1 (ja) * | 2008-01-09 | 2009-07-16 | Fujitsu Limited | 仮想マシン実行プログラム、ユーザ認証プログラムおよび情報処理装置 |
US9015704B2 (en) * | 2008-03-24 | 2015-04-21 | International Business Machines Corporation | Context agent injection using virtual machine introspection |
US20090328030A1 (en) * | 2008-06-27 | 2009-12-31 | Microsoft Corporation | Installing a management agent with a virtual machine |
US9910688B2 (en) | 2008-11-28 | 2018-03-06 | Red Hat, Inc. | Implementing aspects with callbacks in virtual machines |
US8225317B1 (en) | 2009-04-17 | 2012-07-17 | Symantec Corporation | Insertion and invocation of virtual appliance agents through exception handling regions of virtual machines |
US20110126197A1 (en) | 2009-11-25 | 2011-05-26 | Novell, Inc. | System and method for controlling cloud and virtualized data centers in an intelligent workload management system |
-
2010
- 2010-03-15 US US12/724,414 patent/US8938782B2/en active Active
- 2010-12-28 EP EP10803703A patent/EP2548149A1/en not_active Ceased
- 2010-12-28 WO PCT/US2010/062194 patent/WO2011115655A1/en active Application Filing
- 2010-12-28 CN CN201080065081.3A patent/CN102792307B/zh active Active
- 2010-12-28 JP JP2013500041A patent/JP2013522761A/ja active Pending
-
2015
- 2015-08-13 JP JP2015159919A patent/JP5978365B2/ja active Active
Also Published As
Publication number | Publication date |
---|---|
JP2016006670A (ja) | 2016-01-14 |
CN102792307A (zh) | 2012-11-21 |
WO2011115655A1 (en) | 2011-09-22 |
US8938782B2 (en) | 2015-01-20 |
CN102792307B (zh) | 2015-09-02 |
EP2548149A1 (en) | 2013-01-23 |
JP2013522761A (ja) | 2013-06-13 |
US20110225624A1 (en) | 2011-09-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP5978365B2 (ja) | 仮想環境においてネットワークアクセス制御を行うシステムおよび方法 | |
JP6166839B2 (ja) | 実行時のアプリケーションメソッドを置き換えるためのシステム及び方法 | |
CN107949846B (zh) | 恶意线程挂起的检测 | |
US9223966B1 (en) | Systems and methods for replicating computing system environments | |
US9009836B1 (en) | Security architecture for virtual machines | |
EP3692440B1 (en) | Systems and methods for preventing malicious applications from exploiting application services | |
US8490086B1 (en) | Filtering I/O communication of guest OS by inserting filter layer between hypervisor and VM and between hypervisor and devices | |
EP2864876B1 (en) | Systems and methods involving features of hardware virtualization such as separation kernel hypervisors, hypervisors, hypervisor guest context, hypervisor context, rootkit detection/prevention, and/or other features | |
EP3335146B1 (en) | Systems and methods for detecting unknown vulnerabilities in computing processes | |
US20150271139A1 (en) | Below-OS Security Solution For Distributed Network Endpoints | |
US9111089B1 (en) | Systems and methods for safely executing programs | |
US20130333033A1 (en) | Software protection mechanism | |
US8910155B1 (en) | Methods and systems for injecting endpoint management agents into virtual machines | |
US9813443B1 (en) | Systems and methods for remediating the effects of malware | |
JP2011070654A (ja) | アンチマルウェアを有するコンピュータシステムおよび方法 | |
US9330254B1 (en) | Systems and methods for preventing the installation of unapproved applications | |
US9912528B2 (en) | Security content over a management band | |
Wueest | Threats to virtual environments | |
US10803167B1 (en) | Systems and methods for executing application launchers | |
US9942268B1 (en) | Systems and methods for thwarting unauthorized attempts to disable security managers within runtime environments | |
US9552481B1 (en) | Systems and methods for monitoring programs | |
US10846405B1 (en) | Systems and methods for detecting and protecting against malicious software | |
US10243963B1 (en) | Systems and methods for generating device-specific security policies for applications | |
Aarseth | Security in cloud computing and virtual environments |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
TRDD | Decision of grant or rejection written | ||
A01 | Written decision to grant a patent or to grant a registration (utility model) |
Free format text: JAPANESE INTERMEDIATE CODE: A01 Effective date: 20160712 |
|
A61 | First payment of annual fees (during grant procedure) |
Free format text: JAPANESE INTERMEDIATE CODE: A61 Effective date: 20160725 |
|
R150 | Certificate of patent or registration of utility model |
Ref document number: 5978365 Country of ref document: JP Free format text: JAPANESE INTERMEDIATE CODE: R150 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
S111 | Request for change of ownership or part of ownership |
Free format text: JAPANESE INTERMEDIATE CODE: R313113 |
|
S531 | Written request for registration of change of domicile |
Free format text: JAPANESE INTERMEDIATE CODE: R313531 |
|
S533 | Written request for registration of change of name |
Free format text: JAPANESE INTERMEDIATE CODE: R313533 |
|
R350 | Written notification of registration of transfer |
Free format text: JAPANESE INTERMEDIATE CODE: R350 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |