Patents by Inventor Sumit Sarin
Sumit Sarin has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11068611Abstract: The disclosed computer-implemented method for preventing data loss from data containers may include (1) identifying, at a computing device, a process running in a data container on the computing device, (2) intercepting an attempt by the process to exfiltrate information from the computing device via at least one of a file system operation or a network operation, and (3) performing a security action to prevent the intercepted attempt. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: July 31, 2018Date of Patent: July 20, 2021Assignee: CA, Inc.Inventor: Sumit Sarin
-
Patent number: 10819748Abstract: The disclosed computer-implemented method for enforcing data loss prevention policies on endpoint devices may include (i) detecting that an endpoint device has terminated a connection with a protected network that is protected by a network-level data loss prevention system and has connected to an external network that is not protected, (ii) switching, in response to detecting that the endpoint device has connected to the external network, from an in-network data loss prevention policy to an out-of-network data loss prevention policy, (iii) detecting an inbound data transfer to the endpoint device, (iv) determining that the inbound data transfer comprises a transfer from a protected source that is protected by the out-of-network data loss prevention policy, and (v) performing a security action in response to determining that the inbound data transfer to the endpoint device comprises the transfer from the protected source. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: January 4, 2018Date of Patent: October 27, 2020Assignee: CA, Inc.Inventors: Sumit Sarin, Dhananjay Dodke, Bishnu Chaturvedi, Kedar Apte
-
Publication number: 20200082081Abstract: The disclosed computer-implemented method for threat and information protection through file classification may include (1) assigning a classification tag to each of an number of files on a computing device based on a set of rules, (2) storing the classification tag in the files and a corresponding file descriptor describing a sensitivity level of the files externally to the files, (3) detecting creation of a process associated with accessing the files, (4) determining whether the process is potentially suspicious, (5) identifying an operation initiated by the potentially suspicious process to access the files, and (6) performing a security action that protects the computing device from malicious activity by the operation initiated by the potentially suspicious process. Various other methods, systems, and computer-readable media are also disclosed.Type: ApplicationFiled: September 12, 2018Publication date: March 12, 2020Inventors: Sumit Sarin, Shireen Rivera, Nicolas Popp, Milind Torney
-
Patent number: 10547531Abstract: The disclosed computer-implemented method for enforcing data loss prevention policies may include (i) identifying an application installed on the computing device, where the computing device is capable of transmitting data to other computing devices via a wireless technology standard for exchanging data over short distances, (ii) examining the application for a module that indicates that the application is capable of transferring files via the wireless technology standard, (iii) monitoring for initiations of connections via the wireless technology standard by the application, (iv) monitoring, in response to detecting an initiation of a connection via the wireless technology standard by the application, file system access by the application, (v) determining that the application is attempting to open a file, and (vi) analyzing the file to determine if transferring the file via the wireless technology standard violates a data loss prevention policy.Type: GrantFiled: March 27, 2017Date of Patent: January 28, 2020Assignee: CA, Inc.Inventor: Sumit Sarin
-
Publication number: 20190207980Abstract: The disclosed computer-implemented method for enforcing data loss prevention policies on endpoint devices may include (i) detecting that an endpoint device has terminated a connection with a protected network that is protected by a network-level data loss prevention system and has connected to an external network that is not protected, (ii) switching, in response to detecting that the endpoint device has connected to the external network, from an in-network data loss prevention policy to an out-of-network data loss prevention policy, (iii) detecting an inbound data transfer to the endpoint device, (iv) determining that the inbound data transfer comprises a transfer from a protected source that is protected by the out-of-network data loss prevention policy, and (v) performing a security action in response to determining that the inbound data transfer to the endpoint device comprises the transfer from the protected source. Various other methods, systems, and computer-readable media are also disclosed.Type: ApplicationFiled: January 4, 2018Publication date: July 4, 2019Inventors: Sumit Sarin, Dhananjay Dodke, Bishnu Chaturvedi, Kedar Apte
-
Patent number: 10157290Abstract: The disclosed computer-implemented method for encrypting files may include (i) detecting an event within a network that triggers an encryption of a file on the network, (ii) performing, in response to detecting the event, both encrypting the file to a file encryption key and encrypting the file encryption key to a public key of a source of the file, (iii) receiving, from a client, a file access request that includes the encrypted file encryption key, and (iv) transmitting, in response to determining that the client is authorized to access the file, a re-encrypted file encryption key to the client to enable the client to access the file. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: October 11, 2017Date of Patent: December 18, 2018Assignee: Symantec CorporationInventors: Nikhil Sinha, Earle Lowe, Sumit Sarin, Sumesh Jaiswal
-
Publication number: 20180278505Abstract: The disclosed computer-implemented method for enforcing data loss prevention policies may include (i) identifying an application installed on the computing device, where the computing device is capable of transmitting data to other computing devices via a wireless technology standard for exchanging data over short distances, (ii) examining the application for a module that indicates that the application is capable of transferring files via the wireless technology standard, (iii) monitoring for initiations of connections via the wireless technology standard by the application, (iv) monitoring, in response to detecting an initiation of a connection via the wireless technology standard by the application, file system access by the application, (v) determining that the application is attempting to open a file, and (vi) analyzing the file to determine if transferring the file via the wireless technology standard violates a data loss prevention policy.Type: ApplicationFiled: March 27, 2017Publication date: September 27, 2018Inventor: Sumit Sarin
-
Patent number: 9870180Abstract: Print operations are monitored and a DLP policy is applied, independently of the print interface technology used by applications that initiate print operations. A DLP component monitors for and detects print drivers being loaded into the print spooler. When a print driver is loaded, the print spooler creates a corresponding driver object, which is intercepted. The instantiated driver object creates multiple device objects to carry out various print functions. The device object print functions of interest are intercepted. Attempts to send text to the printer at a print driver level by intercepted device object functions are monitored, and application level context information is identified, such as the associated 0user. The DLP policy is applied to monitored attempts to send text to the printer at the print driver level, taking into account application level context information and the specific text of the monitored attempt.Type: GrantFiled: March 14, 2016Date of Patent: January 16, 2018Assignee: Symantec CorporationInventor: Sumit Sarin
-
Publication number: 20170262236Abstract: Print operations are monitored and a DLP policy is applied, independently of the print interface technology used by applications that initiate print operations. A DLP component monitors for and detects print drivers being loaded into the print spooler. When a print driver is loaded, the print spooler creates a corresponding driver object, which is intercepted. The instantiated driver object creates multiple device objects to carry out various print functions. The device object print functions of interest are intercepted. Attempts to send text to the printer at a print driver level by intercepted device object functions are monitored, and application level context information is identified, such as the associated 0user. The DLP policy is applied to monitored attempts to send text to the printer at the print driver level, taking into account application level context information and the specific text of the monitored attempt.Type: ApplicationFiled: March 14, 2016Publication date: September 14, 2017Inventor: Sumit Sarin
-
Publication number: 20160292454Abstract: Techniques describe preventing sensitive data from being misappropriated during a clipboard operation. A copy operation for data being copied to a clipboard is intercepted. Information describing a first application from which the data was copied is retrieved. The data and the information is stored into the clipboard. A paste operation is evaluated based on the data and the information is evaluated against a policy to determine whether the paste operation should be blocked.Type: ApplicationFiled: April 15, 2015Publication date: October 6, 2016Inventors: Sumit Sarin MANMOHAN, Sumant MODAK, Amit SHINDE, Bishnu CHATURVEDI
-
Publication number: 20160292437Abstract: Techniques describe preventing sensitive data from being misappropriated during an operation performed by a cloud synchronization application. A request from a cloud sync application to upload a file to a cloud storage service is intercepted. The file is currently stored on a client computer of an enterprise network. An account associated with the request is identified. The file is evaluated based on a data loss prevention policy and the account associated with the request. The request is blocked based on the evaluation.Type: ApplicationFiled: April 16, 2015Publication date: October 6, 2016Inventors: Sumit Sarin MANMOHAN, Kedar V. APTE
-
Patent number: 9230096Abstract: A data loss prevention (DLP) manager running on a security virtual machine manages DLP policies for a plurality of guest virtual machines. The DLP manager identifies a startup event of a guest virtual machine, and installs a DLP component in the guest virtual machine. The DLP component communicates with the DLP manager operating within the security virtual machine. The DLP manager also receives file system events from the DLP component, and enforces a response rule associated with the guest virtual machine if the file system event violates a DLP policy.Type: GrantFiled: July 2, 2012Date of Patent: January 5, 2016Assignee: Symantec CorporationInventors: Sumit Sarin, Sumesh Jaiswal
-
Patent number: 8832780Abstract: A data loss prevention (DLP) agent manages DLP polices of a shared network file system. The DLP agent identifies a request by an application to access a file from a shared storage device over a network, and enables monitoring on a local data store to detect file system requests by the application in response to the identifying. The DLP agent also analyzes data associated with the file to determine if the data violates a data loss prevention (DLP) policy, and enforces a response rule associated with the file if the data associated with the file violates the DLP policy.Type: GrantFiled: June 26, 2012Date of Patent: September 9, 2014Assignee: Symantec CorporationInventors: Sumit Sarin, Amit Shinde
-
Publication number: 20140007181Abstract: A data loss prevention (DLP) manager running on a security virtual machine manages DLP policies for a plurality of guest virtual machines. The DLP manager identifies a startup event of a guest virtual machine, and installs a DLP component in the guest virtual machine. The DLP component communicates with the DLP manager operating within the security virtual machine. The DLP manager also receives file system events from the DLP component, and enforces a response rule associated with the guest virtual machine if the file system event violates a DLP policy.Type: ApplicationFiled: July 2, 2012Publication date: January 2, 2014Inventors: Sumit Sarin, Sumesh Jaiswal