Patents Assigned to Zscaler, Inc.
-
Publication number: 20250225260Abstract: Systems and methods for Data Loss Protection (DLP) utilizing distilled models include receiving a plurality of general data predictions from a teacher model; determining one or more strengths of the teacher model based on the received general data predictions; generating a synthetic dataset based on the one or more strengths of the teacher model; providing the synthetic dataset to the teacher model and receiving a plurality of synthetic data predictions from the teacher model based thereon; and performing knowledge distillation on a student model based on the synthetic data predictions received from the teacher model to produce a distilled model. The distilled model is then used in production for classifying inputs to a DLP system.Type: ApplicationFiled: June 17, 2024Publication date: July 10, 2025Applicant: Zscaler, Inc.Inventors: Chenhui Hu, Kabir Nagpal, Arun Bhallamudi
-
Publication number: 20250227116Abstract: Systems and methods for structural similarity based hash for sample identification and detection include, monitoring traffic associated with a cloud-based system; identifying a unique file within the traffic and computing a Structural Similarity Hash (SSHash) for the file, wherein the SSHash is based on auxiliary information and a complexity of the file; identifying one or more similar files based on the SSHash; and defining the file as belonging to one or more groups based on the one or more similar files.Type: ApplicationFiled: February 21, 2024Publication date: July 10, 2025Applicant: Zscaler, Inc.Inventors: Sandeep Paul, Deepen Desai
-
Publication number: 20250227110Abstract: Systems and methods for enforcing policy based on assigned user risk scores in a cloud-based system. Various methods include receiving a request to access a resource; determining whether a user associated with the request is allowed to access the resource, wherein the determining is based on a risk score of the user; and responsive to the user being permitted to access the resource, stitching together a connection between a cloud-based system, the resource, and the device to provide access to the resource.Type: ApplicationFiled: February 19, 2024Publication date: July 10, 2025Applicant: Zscaler, Inc.Inventors: John A. Chanak, Vamshidhar Palkonda, Badam Ramesh, Ivan Golovenko, Anjali Anjali, Hanumant Shinde
-
Patent number: 12353311Abstract: Systems and methods for dynamic applicative session separation and grouping. The system receives logs from one of a plurality of machines. The system can receive and manage logs from any number of machines in the cloud-based system. The system resamples the received logs by a given time frame. The system determines time intervals between activities based on the resampling of the logs. After determining the time intervals, the system determines a probability of a new log to be received after a time interval. The system then defines a session separation breaker and defines one or more logs as opening or closing a session.Type: GrantFiled: July 20, 2022Date of Patent: July 8, 2025Assignee: Zscaler, Inc.Inventors: Hila Paz Herszfang, Eden Meyuhas
-
Patent number: 12355767Abstract: Systems and methods for securely handling data traffic on local or private networks, such as by using cloud computing, are provided. A non-transitory computer-readable medium, according to one implementation, may be configured to store executable instructions enabling a processor of a user device to perform the step of discovering an origin of a source application associated with network packets bound for a private address space. The executable instructions may further enable the processor to send a tuple regarding the discovered origin to a cloud server to request an analysis of the tuple. Upon receiving an allow instruction from the cloud server, the instructions enable the processor to allow the network packets to flow normally to a destination associated with the private address space. Upon receiving a deny instruction from the cloud server, the instructions enable the processor to drop the network packets.Type: GrantFiled: April 15, 2021Date of Patent: July 8, 2025Assignee: Zscaler, Inc.Inventors: Abhinav Bansal, Rohit Goyal
-
Patent number: 12353309Abstract: The present disclosure includes systems and methods for anomaly detection on resource activity logs. Various embodiments include collecting resource activity data from a plurality of resources in a cloud environment, the resource activity data including information related to a plurality of events associated with the plurality of resources in the cloud environment; aggregating and performing one or more calculations on the resource activity data to represent the plurality of resources in vector form; determining a probability of a sequence of events to be executed by a resource of the plurality of resources based on the vector form of the resource; and determining an anomaly score for the sequence of events being executed by the resource based on the probability.Type: GrantFiled: October 24, 2023Date of Patent: July 8, 2025Assignee: Zscaler, Inc.Inventor: Eden Meyuhas
-
Patent number: 12346445Abstract: The methods described herein include receiving a plurality of packets associated with a file, each of the plurality of packets comprising content, and a source domain; extracting one or more features from content of a first packet of the plurality of packets; applying a trained machine learning model to the extracted one or more features to determine a probability of maliciousness associated with the first packet; responsive to determining that the probability maliciousness of the first packet is between a first threshold value and a second threshold value, labeling the first packet as having an uncertain maliciousness; extracting one or more features from content of a second packet of the plurality of packets; and applying the trained machine learning model to the extracted one or more features of the first packet and the second packet to determine a probability of maliciousness associated with the second packet.Type: GrantFiled: October 17, 2023Date of Patent: July 1, 2025Assignee: Zscaler, Inc.Inventors: Huihsin Tseng, Hao Xu, Jian L. Zhen
-
Patent number: 12348525Abstract: Systems and methods include obtaining log data for a plurality of users of an enterprise where the log data relates to usage of a plurality of applications by the plurality of users; determining i) app-segments that are groupings of application of the plurality of applications and ii) user-groups that are groupings of users of the plurality of users; and providing access policy of the plurality of applications based on the user-groups and the app-segments. The steps can further include monitoring the access policy over time based on ongoing log data, manual verification of the access policy, and incidents where users are prevented from accessing any application; and adjusting the determined based on the monitoring.Type: GrantFiled: October 13, 2021Date of Patent: July 1, 2025Assignee: Zscaler, Inc.Inventors: Dianhuan Lin, Raimi Shah, Rex Shang, Loc Bui, Subramanian Srinivasan, William Fehring, Arvind Nadendla, John A. Chanak, Shudong Zhou, Howie Xu
-
Patent number: 12341794Abstract: A computer system automatically tests a network communication model by predicting whether particular traffic (whether actual or simulated) should be allowed on the network, and then estimating the accuracy of the network communication model based on the prediction. Such an estimate may be generated even before the model has been applied to traffic on the network. For example, steps can include observing positive data associated with a network; generating a network communication model based on the positive data; generating negative data based on the network communication model; calculating a precision of the network communication model based on the network communication model and the negative data; and calculating an accuracy of the network communication model based on one or more of the precision of the network communication model, or the network communication model and the positive data.Type: GrantFiled: November 2, 2022Date of Patent: June 24, 2025Assignee: Zscaler, Inc.Inventors: John O'Neil, Michael J. Melson
-
Patent number: 12341789Abstract: Systems and methods for access key abuse detection, the systems and methods including steps of receiving activity data relating to an access key from cloud providers associated with a cloud-based system, generating a baseline for the access key based on the activity data, monitoring activities associated with the access key in the cloud-based system, and calculating a score for monitored activities based on a comparison of the monitored activities to the baseline. The present scoring system helps identify an abnormal and risky activity that indicates an attacker is abusing the access key. In addition, a baseline is created for a plurality of selected attributes that present the normal access key usage in order to identify malicious abnormal activities.Type: GrantFiled: January 19, 2023Date of Patent: June 24, 2025Assignee: Zscaler, Inc.Inventors: Shoham Danino, Aharon Fridman
-
Patent number: 12341809Abstract: Systems and methods for defending against volumetric attacks, implemented in a cloud-based system. Embodiments include steps of, monitoring flows and a rate of requests to a Data Center (DC); receiving a request from an address to the DC, the request being for a service in a cloud-based system; determining if the address has been successfully authenticated within a past predetermined time period; responsive to the address not having been successfully authenticated within the past time period, and one of (i) the rate of requests being above a threshold or (ii) the number of flows being above a threshold, placing the address in a penalty box for a predetermined amount of time; and blocking requests from the address in the penalty box for the predetermined amount of time.Type: GrantFiled: November 16, 2022Date of Patent: June 24, 2025Assignee: Zscaler, Inc.Inventors: Clifford Kahn, Jian Liu, Victor Pavlov, Srinivas Kavuri, John A. Chanak
-
Patent number: 12341799Abstract: Systems and methods for cloud activity anomaly detection include receiving historical data from a historical time span associated with an identity, wherein the historical data includes activities performed by the identity and times when the activities took place; computing an activity prediction for a future time span based on the historical data, wherein the activity prediction specifies intervals within the future time span when future activities are expected to take place; performing inline monitoring of activity between the identity and a cloud-based system; and responsive to an activity taking place outside of the activity prediction, performing an action based thereon.Type: GrantFiled: July 3, 2023Date of Patent: June 24, 2025Assignee: Zscaler, Inc.Inventor: Hila Paz Herszfang
-
Publication number: 20250202926Abstract: Systems and methods include discovering and classifying any of data discovered by inline cloud inspection, data stored across one or more cloud services, and data stored across one or more endpoints; continuously monitoring access to and usage of classified data, wherein the monitoring is performed in real-time and includes analyzing data access patterns, user behaviors, and application interactions; evaluating a security posture of the classified data by identifying misconfigurations, compliance violations, excessive permissions, and vulnerabilities; and enforcing one or more security policies based on the evaluated security posture.Type: ApplicationFiled: March 5, 2025Publication date: June 19, 2025Applicant: Zscaler, Inc.Inventors: Krishnakumar Chandrabose, Jeevan Reddy Ragula, Raghavendra Prasad, Neha Kabra, Lokanadha Venkata Rama Chandra Sai Kishore Tummalapalli, Arun Bhallamudi, Shankar Vivekanandan, Sreekanth Tangudu, Narinder Paul
-
Publication number: 20250193228Abstract: Systems and methods for visualizing security coverage based on MITRE ATT&CK framework include obtaining cybersecurity monitoring data for an organization where the cybersecurity monitoring data is from a plurality of sources including from cybersecurity monitoring of a cloud environment associated with the organization; providing an interactive User Interface (UI), wherein the UI overlays a catalog of known malicious tactics with the cybersecurity monitoring data; and responsive to one or more selections within the UI, providing information related to coverage of one or more threat techniques.Type: ApplicationFiled: February 16, 2024Publication date: June 12, 2025Applicant: Zscaler, Inc.Inventors: Shriyash Shete, Raj Krishna, Jithin Prajeev Nair, Valentin Khechinashvili, Sundar Rajkumar Jothimani, Arjav Vakharia, Karthikeyan Thamilarasu, Christopher Young
-
Publication number: 20250193025Abstract: Systems and methods for automated certificate generation and management inside zero trust private networks. Various methods include monitoring access to one or more private applications; responsive to identifying a request to access an application of the one or more private applications, generating a certificate; providing the generated certificate to a broker; and utilizing the generated certificate to provide access to the application by stitching together a connection between a user and the application.Type: ApplicationFiled: January 19, 2024Publication date: June 12, 2025Applicant: Zscaler, Inc.Inventors: Ginni Dusgotra, Abhinav Saund, Kanti Varanasi, Sumit Guha
-
Publication number: 20250184366Abstract: Systems and methods for updating a security agent installed on a computing device without requiring a scheduled software update window include steps of receiving a digitally signed script from a remote server, wherein the security agent includes an embedded interpreter configured to execute script-based instructions; verifying a digital signature of the digitally signed script using a public key embedded in the security agent; and executing the digitally signed script via the embedded interpreter at runtime to modify functionality of the security agent without recompiling or reinstalling compiled code.Type: ApplicationFiled: February 3, 2025Publication date: June 5, 2025Applicant: Zscaler, Inc.Inventor: Thomas E. Keiser, JR.
-
Publication number: 20250184367Abstract: Systems and methods for operating a scanning system, implemented either on-premises or in a cloud-based service, for crawling and analyzing files stored in one or more data repositories. The scanning system includes a controller, a message broker, and a distributed pool of workers, and, in one embodiment, a method includes receiving, by the controller, policy and configuration data associated with at least one organization; generating, by the controller, job assignments corresponding to files to be analyzed according to the received policy and configuration data; publishing the job assignments to the message broker for parallel distribution among the distributed pool of workers; retrieving and scanning, by at least one worker, the files from the one or more data repositories in accordance with the assigned job; and executing, where required by the policy and configuration data, at least one policy-based action on the files within the data repositories.Type: ApplicationFiled: February 3, 2025Publication date: June 5, 2025Applicant: Zscaler, Inc.Inventors: Shankar Vivekanandan, Narinder Paul, Parth Shah, Pratibha Nayak, Sonal Choudhary, Huan Chen
-
Publication number: 20250159023Abstract: Systems and methods for active exposure and unwanted connection protection. In various embodiments, steps include receiving a request from a user to access a destination service; directing the request to a control layer; enforcing one or more controls, via the control layer, on the request based on a configuration provided by an owner of the destination service; and creating a connection from the destination service to the control layer based on the one or more controls, thereby providing access to the destination service without exposing the destination service to a direct connection.Type: ApplicationFiled: November 13, 2023Publication date: May 15, 2025Applicant: Zscaler, Inc.Inventor: Nathan Howe
-
Publication number: 20250159019Abstract: Systems and methods for utilizing small sized Large Language Models (LLMs) for performing domain classification include responsive to training one or more machine learning models for performing classification of domains, the training including performing one or more optimizations to the one or more machine learning models, receiving a domain; obtaining data associated with the domain including log data from a cloud-based system that performs monitoring of a plurality of users; and analyzing the domain via the one or more trained machine learning models for classifying the domain.Type: ApplicationFiled: January 14, 2025Publication date: May 15, 2025Applicant: Zscaler, Inc.Inventors: Chenhui Hu, Muhammed Salih, Devesh Solanki, Rex Shang, Santhosh Kumar, Narinder Paul
-
Publication number: 20250159024Abstract: Systems and methods for abnormal Classless Inter-Domain Routing (CIDR) access detection. The present systems and methods are configured to perform the steps of scanning one or more security groups associated with a cloud environment; assigning a score to one or more Classless Inter-Domain Routing (CIDR) groups within the one or more security groups; and providing one or more suggested actions based on the score of the one or more CIDR groups.Type: ApplicationFiled: November 13, 2023Publication date: May 15, 2025Applicant: Zscaler, Inc.Inventors: Jonathan Assayag, Shoham Danino