Cyber-Ark Software Ltd. Patent applications

Patent application number | Title | Published |
--- | --- | --- |
20150350238 | CORRELATION BASED SECURITY RISK IDENTIFICATION - Methods and systems are disclosed for identifying security risks, arising from credentials existing on machines in the networks that enable access to other machines on the networks. Account credentials indications are retrieved from machines in the network, which indicate that credentials for accounts are stored on those machines. Access rights for accounts are collected, describing the access and operation permissions of these accounts on machines in the networks. A correlation is then performed to identify machines that can be accessed by employing credentials of accounts retrieved from other machines in the network. | 12-03-2015 |
20150304349 | ANOMALY DETECTION IN GROUPS OF NETWORK ADDRESSES - A method for identifying anomalies in a group of network addresses includes building a model of the group of network addresses and identifying a network address as anomalous based on the deviation of the network address from the model. The model is built from a group of network addresses. The network addresses are input and parsed into one or more address trees. A ripeness score is maintained for each of the nodes in the address trees, based, at least in part, on the number of occurrences of the network address portion represented by the node. Nodes having respective ripeness scores within a specified range are classified as ripe nodes, and may be indicative of normal behavior, and nodes having respective ripeness scores outside the specified range of ripeness scores are classified as unripe, and may be indicative of anomalous behavior. | 10-22-2015 |
20150304292 | A SYSTEM AND METHOD FOR SECURE PROXY-BASED AUTHENTICATION - A system and method for secure authentication facilitates improving the security of authentication between a client and a target by using an innovative authentication module on a proxy. The client can connect to the proxy using a native protocol and provides client credentials to the proxy. The proxy uses an authentication module to authenticate the client and then to provide target access credentials for proxy-target authentication, thereby giving the client access to the target through the proxy. The invention facilitates connection between the client and the target without requiring the client to be in possession of the target access credentials. The proxy can optionally be connected to a privileged access management system which can provide and/or store target access credentials. Proxy-provided target access credentials facilitate preventing a client security breach from exposing target access credentials. | 10-22-2015 |
20150271162 | SYSTEMS AND METHODS FOR CONTROLLING SENSITIVE APPLICATIONS - A method and system are provided for controlling a remote target application, including sensitive and privileged applications, via a remote application connection. The target application is executed with a set of credentials different from those credentials submitted by the user to access the target application. The user, via a local client terminal, accesses the target application over the remote application connection, such that the user experience of interaction with the target application is similar to that of the target application running locally, while the target application is actually being run remotely. The execution is protected by the second set of credentials, which is unknown to the user, thus preventing credential hijacking and various other threats to the sensitive application. | 09-24-2015 |
20150222639 | Maintaining Continuous Operational Access Augmented with User Authentication and Action Attribution in Shared Environments - A system and method for maintaining continuous operational access augmented with user authentication and action attribution in shared environments. Multiple users use the same machine/platform to perform their actions. The system includes an access control application and enforcement module that limit users' actions based on authentication and authority level, enabling each user to perform the user's role in the shared environment. In addition, the user's activities can be monitored, logged, and interfered with (such as terminating the session), enabling a key requirement of action attribution. | 08-06-2015 |
20150200821 | MONITORING SESSIONS WITH A SESSION-SPECIFIC TRANSIENT AGENT - A method of monitoring a session on a target system includes receiving from a user client a user request to open a session with the target system. A session-specific transient agent for monitoring the session is installed onto the target system. The session is established between the user and the target system over a communication network. The transient agent monitors the session and collects data on events occurring on the target system during the session. The transient agent is terminated when the session ends. | 07-16-2015 |
20150150125 | CORRELATION BASED SECURITY RISK IDENTIFICATION - Methods and systems are disclosed for identifying security risks, arising from credentials existing on machines in the networks that enable access to other machines on the networks. Account credentials indications are retrieved from machines in the network, which indicate that credentials for accounts are stored on those machines. Access rights for accounts are collected, describing the access and operation permissions of these accounts on machines in the networks. A correlation is then performed to identify machines that can be accessed by employing credentials of accounts retrieved from other machines in the network. | 05-28-2015 |
20150121548 | System and method for protected publication of sensitive documents - Protected publication of sensitive documents with authentication and accountability enables storing and sharing confidential files, while reducing risk that a recipient will distribute and share the file information with unauthorized recipients. Every user request for an original file generates a unique provided file based on the original file, the user request, and configuration information. The provided file has characteristics that make the provided file based on a first user request unique from any other provided file based on any other user request. Unique characteristics include changing the format of the original file to another format for the provided file, altering file properties, altering file content, and watermarking. | 04-30-2015 |
20150121461 | METHOD AND SYSTEM FOR DETECTING UNAUTHORIZED ACCESS TO AND USE OF NETWORK RESOURCES WITH TARGETED ANALYTICS - Methods and systems are disclosed for detecting improper, and otherwise unauthorized actions, associated with network resources, the actions including access to the resource and activity associated with the resource. The unauthorized actions are detected by analyzing action data of user actions employing accounts managed by a privileged access management system and associated with a network resource against profiles and rules to discover anomalies and/or deviations from rules associated with the network resource or accounts. | 04-30-2015 |
20150113600 | METHOD AND SYSTEM FOR DETECTING UNAUTHORIZED ACCESS TO AND USE OF NETWORK RESOURCES - Methods and systems are disclosed for detecting unauthorized actions associated with network resources, the actions including access to the resource and activity associated with the resource. The unauthorized actions are detected by analyzing action data of a client action associated with the network resource against credential retrieval data including records of authorized actions and/or procedures for performing an action associated with the network resource. | 04-23-2015 |
20090119359 | Server, computerized network including same, and method for increasing level of efficiency of a network - A data access engine | 05-07-2009 |