| 发明名称 |
AUTOMATED CONSTRUCTION OF NETWORK WHITELISTS USING HOST-BASED SECURITY CONTROLS |
| 摘要 |
Techniques are disclosed for constructing network whitelists in server endpoints using host-based security controls. Once constructed, the network whitelists are used to detect unauthorized communications at the server endpoints. In one embodiment, a method is disclosed for constructing a network whitelist. The method includes identifying at least a first application hosted on a computing system. The method also includes inspecting one or more configuration files associated with the first application to identify one or more configuration settings that specify how the first application communicates with one or more second applications. The method further includes generating a whitelist that specifies expected network communications activity for the first application, based on the configuration settings. |
| 申请公布号 |
US2017093918(A1) |
申请公布日期 |
2017.03.30 |
| 申请号 |
US201514871800 |
申请日期 |
2015.09.30 |
| 申请人 |
Symantec Corporation |
发明人 |
BANERJEE Deb;HASSALL Susan |
| 分类号 |
H04L29/06 |
主分类号 |
H04L29/06 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A method, comprising:
identifying at least a first application hosted on a computing system; inspecting one or more configuration files associated with the first application to identify one or more configuration settings that specify how the first application communicates with one or more second applications; and generating a whitelist that specifies expected network communications activity for the first application, based on the configuration settings. |
| 地址 |
Mountain View CA US |
