Satya P Gupta, 882602 Carrington Way, Conyers, GA 30094

2022039, Dec 8, 2022

May 18, 2022

17/664009

- San Jose CA, US
Satya V. Gupta - Dublin CA, US

G06F 21/56

Embodiments provide functionality to protect computing workloads from script-based attacks. Upon receipt, at a workload, of a command to commence execution of code of a script, an embodiment determines whether (i) permissions of a user issuing the command comply with a permissions security standard, (ii) an identifier of an interpreter supporting the script is included in an approved interpreter list, (iii) an identifier of a selected parameter of the interpreter is included in an approved parameter list, and (iv) an identifier of the script is included in an approved list of executables. If all of the aforementioned checks pass, such an embodiment allows execution of the code of the script; otherwise, execution is denied, thereby protecting the workload in an event of a script-based attack.

2022022, Jul 14, 2022

Dec 17, 2021

17/645040

- San Jose CA, US
Satya V. Gupta - Dublin CA, US

G06F 21/54
G06F 21/55
G06F 21/56

Embodiments protect computer applications from code injection attacks. An example embodiment includes a runtime memory protection (RMP) user endpoint agent and an RMP kernel driver component. The RMP user endpoint agent receives, from the RMP kernel driver component, representations of events occurring with respect to memory locations associated with a computer application and processes the received representations to determine if a given event includes at least one of a memory permissions change request, a memory write request, and a thread create request. If the given event is determined to include at least one of a memory permissions change request, a memory write request, and a thread create request, the RMP user endpoint agent declares a code injection attack and sends an alarm indication to the RMP kernel driver component. In response to receiving the alarm indication, the RMP kernel driver component implements a protection action.

2022021, Jul 7, 2022

Dec 30, 2021

17/646511

- San Jose CA, US
Satya V. Gupta - Dublin CA, US

G06F 21/56

Embodiments protect computer applications from memory deserialization attacks. An example embodiment receives a data object at a server hosting a software application. In turn, an aspect of the received data object is compared with a representation of an expected data object. If the comparison identifies a difference between the aspect of the received data object and the representation of the expected data object, a protection action is executed to limit a property of the received data object, thus protecting the software application from a memory deserialization attack.

2022020, Jun 30, 2022

Dec 30, 2021

17/646555

- San Jose CA, US
Satya V. Gupta - Dublin CA, US

G06F 21/56
G06F 21/52
G06F 21/64

Embodiments provide improved functionality to monitor processes. One such embodiment is directed to a system that includes a centralized database storing approved file signatures. The system also includes a processor that is configured, in response to a user request to run an executable file, to suspend a process implementing execution of the executable file. In turn, the processor determines a signature of the executable file and compares the determined signature of the executable file to the approved file signatures stored in the centralized database. Then, the processor maintains or stops suspension of the process based on the comparison. In an embodiment, the processor stops suspension if the signatures match and takes a protection action if the signatures do not match.

2022020, Jun 30, 2022

Dec 30, 2021

17/646622

- San Jose CA, US
Satya V. Gupta - Dublin CA, US

G06F 21/57

Embodiments create application-aware software asset inventories for software assets deployed upon computer networks associated with organizations. An example embodiment extracts configuration information pertaining to an application installed on a workload deployed upon a network. In turn, an application topology file is constructed from the extracted configuration information. The constructed application topology file serves as an application-aware software asset inventory wherein information pertaining to identities, locations, and configurations of such software assets is organized and stored.

2022021, Jun 30, 2022

Dec 30, 2021

17/646611

- San Jose CA, US
Satya V. Gupta - Dublin CA, US

H04L 9/40

Embodiments detect cross site scripting attacks. An embodiment captures a web request and captures a response to the captured web request. In turn, it is determined if one or more elements associated with the captured web request and one or more elements of the captured response, in combination, cause a malicious action. A cross site scripting attack is then declared in response to determining the one or more elements associated with the captured web request and the one or more elements of the captured response, in combination, cause a malicious action. Embodiments can take one or more protection actions in response to declaring a cross site scripting attack.

2022018, Jun 16, 2022

Dec 16, 2021

17/644706

- San Jose CA, US
Satya V. Gupta - Dublin CA, US

G06F 21/54
G06F 21/55
G06F 8/73

Embodiments detect security vulnerabilities, e.g., backdoors, in applications. An embodiment reverses object code of a computer application to generate source code of the computer application. In turn, the generated source code is compared to trusted source code of the computer application to detect a security vulnerability in the object code of the computer application. Embodiments can take one or more protection actions, e.g., sending a notification or preventing execution of the object code, amongst other examples, in response to detecting the security vulnerability.

2023000, Jan 5, 2023

May 18, 2022

17/664011

- San Jose CA, US
Satya V. Gupta - Dublin CA, US

G06F 21/57
G06F 21/56

Embodiments assess security vulnerability of an application. An embodiment identifies one or more executables associated with an application and identifies one or more libraries associated with the application. In turn, based on the identified one or more executables and identified one or more libraries, static vulnerability of the application and dynamic vulnerability of the application are determined. Then, an indication of security vulnerability of the application is generated based on the determined static vulnerability and the determined dynamic vulnerability.