Remedial action against malicious code at a client facility
First Claim
1. A method for externally initiating remediation against malicious code executing undetected on a client, the method comprising:
- originating a request for an interaction with a network site by a client computing facility;
determining by the client computing facility that the interaction is unacceptable based on an acceptance policy for an enterprise;
denying access to the network site by the client computing facility;
receiving, by the client computing facility, an information file from a gateway facility to the enterprise including information relating to the requested interaction with the network site, wherein the information indicates that the interaction was requested;
interpreting, by the client computing facility, in response to receipt of the information file, the information relating to the requested interaction;
determining, by the client computing facility, whether the requested interaction was the result of an automatically generated request by malicious code; and
taking, by the client computing facility, remedial action in the event that the attempted interaction was the result of the automatically generated request by malicious code.
5 Assignments
0 Petitions
Accused Products
Abstract
Aspects of this invention may relate to a malicious application remedial action request application where a network site interaction may be requested from a client computing facility; the network site interaction from the client computing facility may be determined to be unacceptable based on an acceptance policy at a gateway facility; access to the network site from the client computing facility may be denied; information relating to the attempted interaction with the network site may be sent from the gateway facility to the client computing facility, wherein the information may indicate that the attempted interaction occurred; and the client computing facility may interpret the information relating to the attempted interaction, determine whether the attempted interaction was the result of an automatically generated request, and take remedial action in the event that the attempted interaction was the result of the automatically generated request.
30 Citations
18 Claims
-
1. A method for externally initiating remediation against malicious code executing undetected on a client, the method comprising:
-
originating a request for an interaction with a network site by a client computing facility; determining by the client computing facility that the interaction is unacceptable based on an acceptance policy for an enterprise; denying access to the network site by the client computing facility; receiving, by the client computing facility, an information file from a gateway facility to the enterprise including information relating to the requested interaction with the network site, wherein the information indicates that the interaction was requested; interpreting, by the client computing facility, in response to receipt of the information file, the information relating to the requested interaction; determining, by the client computing facility, whether the requested interaction was the result of an automatically generated request by malicious code; and taking, by the client computing facility, remedial action in the event that the attempted interaction was the result of the automatically generated request by malicious code. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A computer program product for externally initiating remediation against malicious code executing undetected on a client, the computer program product embodied in a non-transitory computer readable medium that, when executing on one or more computers, performs the steps of:
-
originating a request for an interaction with a network site at a client computing facility; determining at the client computing facility that the interaction is unacceptable based on an acceptance policy for an enterprise; denying access to the network site from the client computing facility; receiving an information file from a gateway facility to the enterprise at the client computing facility including information relating to the requested interaction with the network site, wherein the information indicates that the interaction was requested; and causing the client computing facility, in response to receipt of the information file, to interpret the information relating to the requested interaction, to determine whether the requested interaction was the result of an automatically generated request by malicious code, and to take remedial action in the event that the attempted interaction was the result of the automatically generated request by malicious code.
-
Specification