Patents Assigned to Fortinet, Inc.
  • Patent number: 12130878
    Abstract: Example systems and methods monitor a cloud compute environment. An example method includes: determining, by an agent deployed in a cloud environment and based on a plurality of data packets transmitted over a plurality of network interfaces of the cloud environment, a set of data packets that are associated with a communication between a first container and a second container; determining, by the agent and based on the set of data packets, communication data associated with the communication; and providing, by the agent, the communication data to a data platform, wherein providing the communication data to the data platform uses less network resources than providing the set of data packets to the data platform.
    Type: Grant
    Filed: April 26, 2022
    Date of Patent: October 29, 2024
    Assignee: Fortinet, Inc.
    Inventors: Anil K. Nanduri, Prakash Jalan, Matti A. Vanninen, Ammar G. Ekbote, Alex Ramachandran Nirmala, Yijou Chen
  • Patent number: 12126695
    Abstract: Learning from other cloud deployments to combat security threats, including: identifying, for at least a portion of a first cloud deployment, one or more additional cloud deployments to utilize for cross-customer learning; receiving information describing a security threat to one or more of the additional cloud deployments; receiving information describing configuration settings used to combat the security threat; and identifying, based on the information describing configuration settings used to combat the security threat, one or more configurations to adopt for the first cloud deployment.
    Type: Grant
    Filed: July 28, 2023
    Date of Patent: October 22, 2024
    Assignee: Fortinet, Inc.
    Inventors: Úlfar Erlingsson, Yijou Chen
  • Patent number: 12126643
    Abstract: Leveraging generative artificial intelligence (‘AI’) for securing a monitored deployment, including: receiving natural language input associated with the monitored deployment, the monitored deployment monitored by a monitoring tool; and receiving, from a generative AI application, a response to the natural language input, wherein: the generative AI application accesses publicly available information as well as data sources associated with the monitoring tool; and the response is generated based at least in part on information contained in the data sources associated with the monitoring tool.
    Type: Grant
    Filed: September 18, 2023
    Date of Patent: October 22, 2024
    Assignee: Fortinet, Inc.
    Inventors: Njall Skarphedinsson, Pamela Bhattacharya, Úlfar Erlingsson, Jay Parikh, Timothy Chase, Yijou Chen
  • Patent number: 12125061
    Abstract: Methods and systems for AP location based content presentation are provided. According to one embodiment, a web service receives from a widget executing within a web page requested by a wireless computing device of multiple wireless computing devices operating within an enterprise, a unique identifier of the wireless computing device. An access point (AP) identifier is determined for an AP of multiple APs of the enterprise that is servicing the wireless computing device by querying a log database with the unique identifier. AP specific content is displayed within the web page as a result of the web service retrieving the AP specific content from a content database based on the AP identifier and returning the AP specific content to the widget.
    Type: Grant
    Filed: May 20, 2015
    Date of Patent: October 22, 2024
    Assignee: Fortinet, Inc.
    Inventor: Keerthi K. Sethuraman
  • Patent number: 12120140
    Abstract: An illustrative method includes generating, based on log data associated with at least one user session in a network environment associated with a user, a logical graph, wherein the logical graph comprises: (1) a first node corresponding to the user, (2) a plurality of additional nodes, and (3) a set of edges connecting the first node to one or more of the additional nodes, wherein each edge in the set of edges represents a change in behavior of the user; using the logical graph to detect an anomaly, wherein detecting the anomaly includes determining that a change has been made to at least one edge included in the set of edges; and generating, in response to detecting the anomaly, an alert.
    Type: Grant
    Filed: May 11, 2023
    Date of Patent: October 15, 2024
    Assignee: Fortinet, Inc.
    Inventors: Harish Kumar Bharat Singh, Vikram Kapoor, Murat Bog, Yijou Chen
  • Publication number: 20240340221
    Abstract: Various embodiments provide systems and methods for automating an SD-WAN setup process.
    Type: Application
    Filed: June 21, 2024
    Publication date: October 10, 2024
    Applicant: Fortinet, Inc.
    Inventor: Robert A. May
  • Publication number: 20240338444
    Abstract: Various embodiments provide systems and methods for identifying malicious files based upon file structure.
    Type: Application
    Filed: April 7, 2023
    Publication date: October 10, 2024
    Applicant: Fortinet, Inc.
    Inventor: Samer Moein
  • Publication number: 20240340294
    Abstract: Systems, methods, and apparatuses enable one or more security microservices to resolve the disparate impact of security exploits to resources within a resource group. When a resource group is determined to be impacted by a security exploit, the one or more security microservices determines whether the members of the resource group are disparately impacted. In response, the one or more security microservices splits the resource group into an impacted resource group and a non-impacted resource group and applies exploit mitigation to the resource group members in the impacted resource group. When the one or more security microservices determine that the resource group members of the split resource group are no longer disparately impacted, the one or more security microservices combine the impacted resource group and the non-impacted resource group back into a single resource group.
    Type: Application
    Filed: June 17, 2024
    Publication date: October 10, 2024
    Applicant: Fortinet, Inc.
    Inventors: Manuel Nedbal, Ratinder Paul Singh Ahuja, Sumanth Gangashanaiah
  • Patent number: 12111919
    Abstract: Systems, devices, and methods are discussed for identifying possible improper file accesses by an endpoint device. In some cases an agent is placed on each system to be surveilled that records the absolute paths for each file accessed for each user. This information may be accumulated and sent to a central server or computer for analysis of all such file accesses on a user basis. In some cases, a file access tree is created, and in some implementations be pruned of branches and leaves if deemed to be duplicates or very similar to other branched and leaves via a Levenshtein distance threshold. The resulting tree's edges may be scaled in particular implementations based on the deviation of a user's file accesses from their sphere of permissions. A variance metric may be computed from the final tree's form to capture the user's access patterns.
    Type: Grant
    Filed: September 1, 2021
    Date of Patent: October 8, 2024
    Assignee: Fortinet, Inc.
    Inventor: Sameer T. Khanna
  • Publication number: 20240333579
    Abstract: A downstream wired port receives network packets over the at least one or more downstream wired port. An upstream routing table, responsive the failure of the at least one of the one or more upstream wired ports, in this embodiment, determines whether a valid route for the network packets exists over the upstream network device. The upstream routing table, responsive to determining that a valid route exists, redirects the network packets for the failed upstream wired port to the upstream Wi-Fi port.
    Type: Application
    Filed: March 31, 2023
    Publication date: October 3, 2024
    Applicant: Fortinet. Inc.
    Inventors: Sharathraj Nayak, Venkatesh Kannan
  • Publication number: 20240333600
    Abstract: An adaptive TTL model is generated from connection events, based on varying flight delay times for connecting the device manager to a plurality of managed devices. During a connection event for any of the plurality of managed devices, a TTL value is automatically chosen for the connection event from the adaptive TTL model.
    Type: Application
    Filed: March 27, 2023
    Publication date: October 3, 2024
    Applicant: Fortinet, Inc.
    Inventors: Venugopal SethuRamasamy, Shashikiran G. Shirole
  • Publication number: 20240333721
    Abstract: From deep packet inspection, it is determined whether each of the plurality of network devices is part of the IT segment or the OT segment by examining a physical network address, a data type and a network protocol of one or more of the network packets. A network hierarchy is dynamically generated that maps the IT segment with interconnected IT levels having IT devices relative to the OT segment with interconnected OT levels having OT devices. A plurality of security zones is set up from the IT layout and the OT layout. Each of the plurality of security zones has a corresponding one or more security zone policies. The network hierarchy is output and overlaid with the plurality of security zones for display to a user.
    Type: Application
    Filed: March 31, 2023
    Publication date: October 3, 2024
    Applicant: Fortinet, Inc.
    Inventor: Aasef Iqbal
  • Publication number: 20240333736
    Abstract: Various embodiments provide systems and methods for visually displaying an developing attack in a computer network based at least in part on historical information.
    Type: Application
    Filed: March 31, 2023
    Publication date: October 3, 2024
    Applicant: Fortinet, Inc.
    Inventors: Kevin Graves, Jeremy HUBBLE
  • Publication number: 20240333731
    Abstract: Various embodiments provide systems and methods for granting/denying access to network security services to a plurality of service requesters.
    Type: Application
    Filed: March 24, 2023
    Publication date: October 3, 2024
    Applicant: Fortinet, Inc.
    Inventors: Chun Hsu, Chris Gorecki
  • Publication number: 20240330017
    Abstract: A web request to the web browser is intercepted by the web browser extension to determine whether information is synchronously available to evaluate the web request. Responsive to not having information for synchronous evaluation, the web request is redirected to display a gateway page while asynchronous obtaining information from an external information provider server, the request tracked with a request identifier and storing the asynchronously gathered information for synchronous access along with the request identifier. Responsive to an automated notification from the web browser extension, the web request is reissued to the web browser by the gateway page to replace the gateway page with response content from the web request. The reissued web request is again intercepted by the web browser extension to synchronously evaluate the gathered information. The reissued web request is then based on the fetched.
    Type: Application
    Filed: June 30, 2023
    Publication date: October 3, 2024
    Applicant: Fortinet, Inc.
    Inventor: Karel Chanivecky Garcia
  • Publication number: 20240333740
    Abstract: Various embodiments provide systems and methods for identifying malicious network behavior based upon historical analysis.
    Type: Application
    Filed: June 12, 2023
    Publication date: October 3, 2024
    Applicant: Fortinet, Inc
    Inventors: Dan Caselden, JOHN CONWELL, LINDSEY LACK, MICHAEL LIN, KEVIN GRAVES
  • Publication number: 20240334369
    Abstract: A plurality of access points synch with a first synch event to establish a first predefined time interval for periodically sending STA reports. Responsive to detecting the new access point, each of the plurality of access points is resynched by sending a second sync event to establish a second predefined time interval for periodically sending STA reports. A real-time mapping can be displayed of the station using a first location at a first instance, as initially synched, and a second location at the second instance, as resynched.
    Type: Application
    Filed: March 30, 2023
    Publication date: October 3, 2024
    Applicant: Fortinet, Inc.
    Inventors: Pradeep Mohan, Karthikeyan Rajendiran
  • Publication number: 20240333735
    Abstract: Web requests are intercepted and it is determined whether information is synchronously available to evaluate the web request. Responsive to not having information for synchronous evaluation, the web request can be redirected to a parking service to asynchronously obtain information to evaluate the web request. A response from the redirected web request including information for evaluation is received and stored. Then, web requests are reissued for synchronously evaluation by the browser. A decision can be made to allow, redirect, or block, based on the retrieved information.
    Type: Application
    Filed: March 30, 2023
    Publication date: October 3, 2024
    Applicant: Fortinet, Inc.
    Inventor: Karel Chanivecky Garcia
  • Publication number: 20240333760
    Abstract: Various embodiments provide systems and methods for detecting and/or stopping lateral movement between endpoint devices by malicious actors.
    Type: Application
    Filed: March 31, 2023
    Publication date: October 3, 2024
    Applicant: Fortinet, Inc.
    Inventor: Radhesh Walwadkar
  • Publication number: 20240333772
    Abstract: Various approaches for providing scalable network access processing. In some cases, approaches discussed relate to systems and methods for providing scalable zero trust network access control.
    Type: Application
    Filed: June 14, 2024
    Publication date: October 3, 2024
    Applicant: Fortinet, Inc.
    Inventors: Wenping Luo, Robert May, Kunal Marwah