Abrégé

A cloud-based traffic classification engine maintains a catalog of application-based traffic classes which have been developed based on known applications, and a local traffic classification engine maintains a subset of these classes. Network traffic intercepted by the firewall which cannot be classified by the local engine is forwarded to the cloud-based engine for classification. Upon determination of a class of the traffic, the cloud-based engine forwards the determined class and corresponding signature to the local engine. The firewall maintains a cache which is updated with the signatures corresponding to the class communicated by the cloud-based engine. Subsequent network traffic sent from the application can be determined to correspond to the application and classified according locally at the firewall based on the cached signatures. Localization of the cache to the firewall reduces latency of traffic classification operations as the catalog of classification information stored in the cloud scales.

Classes IPC  ?

• H04L 9/40 - Protocoles réseaux de sécurité
• H04L 47/2441 - Trafic caractérisé par des attributs spécifiques, p.ex. la priorité ou QoS en s'appuyant sur la classification des flux, p.ex. en utilisant des services intégrés [IntServ]

Abrégé

Techniques for providing multi-access distributed edge security in mobile networks (e.g., service provider networks for mobile subscribers, such as for 5G networks) are disclosed. In some embodiments, a system/process/computer program product for multi- access distributed edge security in mobile networks in accordance with some embodiments includes monitoring network traffic on a service provider network at a security platform to identify a new session, wherein the service provider network includes a 5G network or a converged 5G network; extracting subscription and/or equipment identifier information for user traffic associated with the new session at the security platform; and determining a security policy to apply at the security platform to the new session based on the subscription and/or equipment identifier information.

Classes IPC  ?

• H04W 48/02 - Restriction d'accès effectuée dans des conditions spécifiques
• H04W 12/08 - Sécurité d'accès

Abrégé

In an assessment or audit of a computer system, an auditing subsystem will parse software development kit ("SDK") interfaces and obtain customer usage, configuration and security information by applying requests for information to the application programming interfaces provided by the SDK interfaces.

Classes IPC  ?

• G06F 21/57 - Certification ou préservation de plates-formes informatiques fiables, p.ex. démarrages ou arrêts sécurisés, suivis de version, contrôles de logiciel système, mises à jour sécurisées ou évaluation de vulnérabilité
• G06F 9/44 - Dispositions pour exécuter des programmes spécifiques

Abrégé

In some embodiments, a malware analysis system includes receiving a potential malware sample from a firewall; analyzing the potential malware sample using a virtual machine to determine if the potential malware sample is malware; and automatically generating a signature if the potential malware sample is determined to be malware. In some embodiments, the potential malware sample does not match a preexisting signature, and the malware is a zero-day attack.

Classes IPC  ?

• G06F 21/56 - Détection ou gestion de programmes malveillants, p.ex. dispositions anti-virus

Abrégé

Method and system for dynamically checking an access control list during the data transfers between a client web browser and a web server. The method and system allow checking of access control list by an application firewall, independent from the web application. The rules, upon which the checking is based, can be easily updated without affecting the web application.

Classes IPC  ?

• H04L 9/32 - Dispositions pour les communications secrètes ou protégées; Protocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
• H04L 12/22 - Dispositions pour interdire la prise de données sans autorisation dans un canal de transmission de données