WO2022046366A8 - Privilege assurance of enterprise computer network environments - Google Patents

Privilege assurance of enterprise computer network environments

Info

Publication number
WO2022046366A8
Authority
WO
WIPO (PCT)
Prior art keywords
professionals
privilege
assurance
computer network
network environments
Prior art date
Application number
PCT/US2021/044235
Other languages
French (fr)
Other versions
WO2022046366A1 (en)
Inventor
Jason Crabtree
Andrew Sellers
Original Assignee
Qomplx, Inc.
Priority date
Filing date
Publication date
Priority claimed from US17/008,276 (US11323484B2)
Application filed by Qomplx, Inc.
Publication of WO2022046366A1
Publication of WO2022046366A8

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/552 Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/554 Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00 Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/01 Input arrangements or combined input and output arrangements for interaction between user and computer
    • G06F3/048 Interaction techniques based on graphical user interfaces [GUI]
    • G06F3/0481 Interaction techniques based on graphical user interfaces [GUI] based on specific properties of the displayed interaction object or a metaphor-based environment, e.g. interaction with desktop elements like windows or icons, or assisted by a cursor's changing behaviour or appearance
    • G06F3/0482 Interaction with lists of selectable items, e.g. menus
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416 Event detection, e.g. attack signature detection
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic

Abstract

A system and method for the prevention, mitigation, and detection of cyberattacks on computer networks by identifying weaknesses in directory access object allowances and providing professionals with centralized graph-centric tools to maintain and observe key security and performance insights into their security posture. The system uses an interrogation agent to collect Active Directory configuration parameters and activity information about a forest and the devices operating within it. Cyber-physical graphs and histograms built from persisted time-series data provide critical information, patterns, and alerts about configurations, attack vectors, and vulnerabilities, which give information technology and cybersecurity professionals greater leverage and control over their infrastructure.

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US17/008,276 US11323484B2 (en) 2015-10-28 2020-08-31 Privilege assurance of enterprise computer network environments
US17/008,276 2020-08-31

Publications (2)

Publication Number Publication Date
WO2022046366A1 (en) 2022-03-03
WO2022046366A8 (en) 2022-09-22

Family

ID=80355544

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2021/044235 WO2022046366A1 (en) 2020-08-31 2021-08-02 Privilege assurance of enterprise computer network environments

Country Status (1)

Country Link
WO (1) WO2022046366A1 (en)

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7023356B2 (en) * 2001-11-26 2006-04-04 Aero-Vision Technologies, Inc. System and method for monitoring individuals and objects associated with wireless identification tags
DE102004015457B3 (en) * 2004-03-30 2005-04-28 Secardeo Gmbh Confidentiality protection method for electronic directory information using coding and decoding of information elements of lightweight directory access protocol
WO2020102601A1 (en) * 2018-11-14 2020-05-22 Qomplx, Inc. Comprehensive data loss prevention and compliance management

Also Published As

Publication number Publication date
WO2022046366A1 (en) 2022-03-03

Similar Documents

Publication Publication Date Title
Manoharan et al. Revolutionizing Cybersecurity: Unleashing the Power of Artificial Intelligence and Machine Learning for Next-Generation Threat Detection
Rakas et al. A review of research work on network-based scada intrusion detection systems
CN112769825B (en) Network security guarantee method, system and computer storage medium
Sabahi et al. Intrusion detection: A survey
CA2473444A1 (en) System and method for network vulnerability detection and reporting
CN110543761A (en) big data analysis method applied to information security field
Hasan et al. Artificial intelligence empowered cyber threat detection and protection for power utilities
Balueva et al. Approach to detection of Denial-of-Sleep attacks in wireless sensor networks on the base of machine learning
Dogaru et al. Cyber attacks of a power grid analysis using a deep neural network approach
Mudassir et al. Detection of botnet attacks against industrial IoT systems by multilayer deep learning approaches
IBRAHIM Guardians of the Virtual Gates: Unleashing AI for Next-Gen Threat Detection in Cybersecurity
Chen et al. Towards realizing self-protecting SCADA systems
Chahal AI-Enhanced Cyber Incident Response and Recovery
Eze et al. A blockchain-based security architecture for the Internet of Things
CN112532612A (en) Industrial control network safety protection system
Arora et al. Security in industrial control systems using machine learning algorithms: An overview
WO2022046366A8 (en) Privilege assurance of enterprise computer network environments
Sekonya et al. The Impact of Edge Computing on the Industrial Internet of Things
Al Baalbaki et al. Autonomic critical infrastructure protection (acip) system
US20230328035A1 (en) Method and firewall configured to monitor messages transiting between two communication elements
CN104753939A (en) Computer network defense decision control system
Kagita Security and privacy issues for business intelligence in IoT
Bhaiyat et al. The Emergence of IIoT and its Cyber Security Issues in Critical Information Infrastructure
Nabiyev Investigation of computer incidents for cyber-physical infrastructures in industrial control systems
CN111092857A (en) Information security early warning method and device, computer equipment and storage medium

Legal Events

Date Code Title Description
121 EP: the EPO has been informed by WIPO that EP was designated in this application

Ref document number: 21862339

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 EP: PCT application non-entry in European phase

Ref document number: 21862339

Country of ref document: EP

Kind code of ref document: A1