Systems and methods for endpoint management classification
Abstract
A system and method for mitigating security vulnerabilities of a computer network by detecting a management status of an endpoint computing device attempting to authenticate to one or more computing resources accessible via the computer network includes: detecting an authentication attempt by the endpoint computing device to the computer network; during the authentication attempt, collecting management status indicia from the endpoint computing device, wherein the management status indicia comprise data used to determine a management status of the endpoint computing device; using the management status indicia to identify the management status of the endpoint computing device and identifying the management status of the endpoint computing device; and controlling access to the computer network based on (a) whether the authentication attempt by the endpoint computing device is successful and (b) the identified management status of the endpoint computing device.
18 Claims
1. A method for mitigating security vulnerabilities of a computer network by detecting a management status of an endpoint computing device attempting to authenticate to one or more computing resources accessible via the computer network, the method comprising:
at a computer security platform comprising one or more servers that function to:
(i) detect an authentication attempt by the endpoint computing device to the computer network, wherein detecting the authentication attempt comprises receiving an authentication request originating from the endpoint computing device for accessing the computer network;
(ii) during the authentication attempt, collect management status indicia from the endpoint computing device, wherein the management status indicia comprise data used to determine a management status of the endpoint computing device, the management status indicating whether the endpoint computing device is actively managed by an entity maintaining the computer network or by an affiliate of the entity maintaining the computer network, wherein collecting management status indicia from the endpoint computing device includes:
implementing at least one inline frame within a web interface; and
using the at least one inline frame to collect (a) authentication attempt data and (b) the management status indicia during the authentication attempt, wherein the authentication attempt data comprises identifying data of the endpoint computing device and authentication credentials;
(iii) use the management status indicia to identify the management status of the endpoint computing device and identifying the management status of the endpoint computing device; and
(iv) control access to the computer network based on (a) whether the authentication attempt by the endpoint computing device is successful and (b) the identified management status of the endpoint computing device.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14
15. A method for mitigating security vulnerabilities of a computer network by detecting a management status of an endpoint computing device attempting to authenticate to one or more computing resources accessible via the computer network, the method comprising:
at a computer security platform comprising one or more servers that function to:
(i) detect an authentication attempt by the endpoint computing device to the computer network, wherein detecting the authentication attempt comprises receiving an authentication request originating from the endpoint computing device for accessing the computer network;
(ii) during the authentication attempt, collect management status indicia from the endpoint computing device, wherein the management status indicia comprise data used to determine a management status of the endpoint computing device, the management status indicating whether the endpoint computing device is actively managed by an entity maintaining the computer network or by an affiliate of the entity maintaining the computer network, wherein the management status indicia comprise cookies transmitted by the endpoint computing device to the computer security platform;
(iii) use the management status indicia to identify the management status of the endpoint computing device and identifying the management status of the endpoint computing device, wherein identifying the management status of the endpoint computing device includes:
(a) analyzing the cookies to identify management status data, wherein the management status data relates to information useable by the computer security platform to verify the management status of the endpoint computing device;
(b) comparing the management status data to stored endpoint management data; and
(c) determining the management status of the endpoint computing device based on results of the comparison; and
(iv) control access to the computer network based on (a) whether the authentication attempt by the endpoint computing device is successful and (b) the identified management status of the endpoint computing device.
Dependent claims: 16
17. A method for mitigating security vulnerabilities of a computer network by detecting a management status of an endpoint computing device attempting to authenticate to one or more computing resources accessible via the computer network, the method comprising:
at a computer security platform comprising one or more servers that function to:
(i) detect an authentication attempt by the endpoint computing device to the computer network, wherein detecting the authentication attempt comprises receiving an authentication request originating from the endpoint computing device for accessing the computer network;
(ii) during the authentication attempt, collect management status indicia from the endpoint computing device, wherein the management status indicia comprise data used to determine a management status of the endpoint computing device, the management status indicating whether the endpoint computing device is actively managed by an entity maintaining the computer network or by an affiliate of the entity maintaining the computer network, wherein the management status indicia comprise HTTP headers and/or HTTP requests transmitted by the endpoint computing device to the computer security platform;
(iii) use the management status indicia to identify the management status of the endpoint computing device and identifying the management status of the endpoint computing device, wherein identifying the management status of the endpoint computing device includes:
(a) analyzing the HTTP headers and/or the HTTP requests to identify management status data, wherein the management status data relates to information useable by the computer security platform to verify the management status of the endpoint computing device;
(b) comparing the management status data from the HTTP headers and/or the HTTP requests to stored endpoint management data; and
(c) determining the management status of the endpoint computing device based on results of the comparison; and
(iv) control access to the computer network based on (a) whether the authentication attempt by the endpoint computing device is successful and (b) the identified management status of the endpoint computing device.
Dependent claims: 18
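The flow that claims 15 and 17 describe (analyze a cookie or HTTP header, compare it to stored endpoint management data, then gate access on both the authentication result and the management status) can be sketched as follows. This is an added illustration, not code from the patent or from any product; the cookie name `mgmt_token`, the header `X-Mgmt-Token`, the token values, the hashed-token store and the `allow-restricted` outcome are all assumptions made for the example.

```python
import hashlib
import hmac
from http.cookies import SimpleCookie
from typing import Optional

def _digest(token: str) -> str:
    # Store only a hash of each enrollment token, never the token itself.
    return hashlib.sha256(token.encode()).hexdigest()

# Constructed "stored endpoint management data" (hypothetical devices/tokens).
STORED_ENDPOINTS = {
    _digest("enroll-token-laptop-17"): {"device": "laptop-17", "managed": True},
    _digest("enroll-token-retired-03"): {"device": "retired-03", "managed": False},
}

def extract_indicia(headers: dict) -> Optional[str]:
    """Collect the management indicium: cookie first, then a custom header."""
    cookie = SimpleCookie()
    cookie.load(headers.get("Cookie", ""))
    if "mgmt_token" in cookie:
        return cookie["mgmt_token"].value
    return headers.get("X-Mgmt-Token")

def management_status(headers: dict) -> str:
    """Steps (iii)(a)-(c): analyze, compare to stored data, classify."""
    token = extract_indicia(headers)
    if not token:
        return "unmanaged"  # no indicia collected: treat as unmanaged
    presented = _digest(token)
    for stored, record in STORED_ENDPOINTS.items():
        if hmac.compare_digest(presented, stored):  # constant-time compare
            return "managed" if record["managed"] else "unmanaged"
    return "unmanaged"  # unknown or forged token

def access_decision(auth_ok: bool, headers: dict,
                    require_managed: bool = True) -> str:
    """Step (iv): decide on (a) authentication success and (b) status."""
    if not auth_ok:
        return "deny"
    if management_status(headers) == "managed":
        return "allow"
    # Assumed policy: unmanaged devices are denied or given reduced access.
    return "deny" if require_managed else "allow-restricted"
```

A cookie or header is a bearer value that the client supplies, so a deployment would bind it to something the device cannot simply copy (for example a client certificate) before trusting the classification.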
Specification