WO2022046366A8 - Privilege assurance of enterprise computer network environments - Google Patents
Privilege assurance of enterprise computer network environments
- Publication number
- WO2022046366A8 (PCT/US2021/044235)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- professionals
- privilege
- assurance
- computer network
- network environments
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/01—Input arrangements or combined input and output arrangements for interaction between user and computer
- G06F3/048—Interaction techniques based on graphical user interfaces [GUI]
- G06F3/0481—Interaction techniques based on graphical user interfaces [GUI] based on specific properties of the displayed interaction object or a metaphor-based environment, e.g. interaction with desktop elements like windows or icons, or assisted by a cursor's changing behaviour or appearance
- G06F3/0482—Interaction with lists of selectable items, e.g. menus
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
Abstract
A system and method for the prevention, mitigation, and detection of cyberattacks on computer networks by identifying weaknesses in directory access object allowances and providing professionals with centralized graph-centric tools to maintain and observe key security and performance insights into their security posture. The system uses an interrogation agent to collect Active Directory configuration parameters and activity information about a forest and the devices operating within. Cyber-physical graphs and histograms using persisted time-series data provide critical information, patterns, and alerts about configurations, attack vectors, and vulnerabilities, which give information technology and cybersecurity professionals greater leverage and control over their infrastructure.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US17/008,276 US11323484B2 (en) | 2015-10-28 | 2020-08-31 | Privilege assurance of enterprise computer network environments |
US17/008,276 | 2020-08-31 |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2022046366A1 (en) | 2022-03-03 |
WO2022046366A8 (en) | 2022-09-22 |
Family
ID=80355544
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/US2021/044235 WO2022046366A1 (en) | 2020-08-31 | 2021-08-02 | Privilege assurance of enterprise computer network environments |
Country Status (1)
Country | Link |
---|---|
WO (1) | WO2022046366A1 (en) |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7023356B2 (en) * | 2001-11-26 | 2006-04-04 | Aero-Vision Technologies, Inc. | System and method for monitoring individuals and objects associated with wireless identification tags |
DE102004015457B3 (en) * | 2004-03-30 | 2005-04-28 | Secardeo Gmbh | Confidentiality protection method for electronic directory information using coding and decoding of information elements of lightweight directory access protocol |
WO2020102601A1 (en) * | 2018-11-14 | 2020-05-22 | Qomplx, Inc. | Comprehensive data loss prevention and compliance management |
-
2021
- 2021-08-02 WO PCT/US2021/044235 patent/WO2022046366A1/en active Application Filing
Also Published As
Publication number | Publication date |
---|---|
WO2022046366A1 (en) | 2022-03-03 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | 121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 21862339; Country of ref document: EP; Kind code of ref document: A1 |
 | NENP | Non-entry into the national phase | Ref country code: DE |
 | 122 | Ep: pct application non-entry in european phase | Ref document number: 21862339; Country of ref document: EP; Kind code of ref document: A1 |