Patents by Inventor Abhinav BANSAL

Abhinav BANSAL has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 12355767
    Abstract: Systems and methods for securely handling data traffic on local or private networks, such as by using cloud computing, are provided. A non-transitory computer-readable medium, according to one implementation, may be configured to store executable instructions enabling a processor of a user device to perform the step of discovering an origin of a source application associated with network packets bound for a private address space. The executable instructions may further enable the processor to send a tuple regarding the discovered origin to a cloud server to request an analysis of the tuple. Upon receiving an allow instruction from the cloud server, the instructions enable the processor to allow the network packets to flow normally to a destination associated with the private address space. Upon receiving a deny instruction from the cloud server, the instructions enable the processor to drop the network packets.
    Type: Grant
    Filed: April 15, 2021
    Date of Patent: July 8, 2025
    Assignee: Zscaler, Inc.
    Inventors: Abhinav Bansal, Rohit Goyal
  • Patent number: 12321256
    Abstract: Computer-implemented agile software development, testing, and implementation are provided. At least one computing device accesses at least one input file and processes the file(s) to generate an application framework including a plurality of files. An interactive interface including selectable options associated with the respectively accessible folders is provided. Via the interactive interface, editable access to each of the plurality of files is provided and the at least one computing device receives, via the interface, at least one edit to at least one of the files. A testing case of the generated application framework is generated, includes step definition files. The at least one computing device tests the generated application framework by stepping through automation provided by the generated application framework as a function of the step definition files. Moreover, the at least one computing device generates reporting associated with the testing of the generated application framework.
    Type: Grant
    Filed: February 18, 2025
    Date of Patent: June 3, 2025
    Assignee: Morgan Stanley Services Group Inc.
    Inventors: Neha Singla, Utsav Galphat, Kanwar deep Singh, Abhinav Bansal, Diptanu Nath, Naeem Mushtaq
  • Publication number: 20250138938
    Abstract: Systems and methods for private application access continuity include providing access to one or more private applications for users associated with a tenant of a cloud-based system; detecting one or more criteria suggesting an outage of the cloud-based system; and responsive to activation of a disaster recovery mode based on the one or more criteria, providing access to the one or more private applications via an on-site disaster recovery system including a site controller, wherein providing the access via the site controller does not require communication with the cloud-based system.
    Type: Application
    Filed: January 3, 2025
    Publication date: May 1, 2025
    Applicant: Zscaler, Inc.
    Inventors: Abhinav Bansal, Paul Ling, Vikas Mahajan, Jian Liu, Joby Menon, Lidor Pergament, John Chanak, William Fehring, Ale Mansoor, Ramesh Andavar
  • Patent number: 12273366
    Abstract: The present disclosure relates to systems and methods for risk-based session resumption. The present disclosure addresses the security gaps in the access control workflow of an organization while significantly enhancing the user experience. Instead of users being inquired to reauthenticate at a periodic interval, the present disclosure provides risk-based session resumption and reauthentication established on a verdict determination based on changes detected in metadata. The present disclosure not only prevents unnecessary prompts for user to authenticate again but also improves the security profile of an organization as users need to reauthenticate only if something has changed, malicious activity is detected, and there is a real risk to access control.
    Type: Grant
    Filed: December 1, 2021
    Date of Patent: April 8, 2025
    Assignee: Zscaler, Inc.
    Inventor: Abhinav Bansal
  • Publication number: 20240333652
    Abstract: Systems and methods for detecting and bypassing network throttling in User Datagram Protocol (UDP) connections. Various embodiments include monitoring network traffic to and from a user device, wherein the network traffic is facilitated over a communication mode; collecting telemetry from the network traffic; identifying network throttling based on the telemetry; and responsive to identifying network throttling, utilizing an alternate communication mode, thereby bypassing the network throttling. The network throttling can be identified by calculating a loss value based on the telemetry and determining network throttling based on the loss value.
    Type: Application
    Filed: May 23, 2023
    Publication date: October 3, 2024
    Inventors: Abhinav Bansal, Rohit Goyal
  • Patent number: 12101318
    Abstract: Systems and methods implemented by a mobile device include establishing a plurality of tunnels to a gateway, wherein each of the plurality of tunnels is on one of a plurality of link layer channels at the mobile device; intercepting network traffic on the mobile device; forwarding the network traffic to one of the plurality of tunnels based on a set of traffic forwarding rules; and responsive to a network change for the mobile device, managing the plurality of tunnels and continuing the forwarding based on the managing. The systems and methods can further include determining characteristics including bandwidth of each of the plurality of link layer channels; and utilizing the characteristics with the set of traffic forwarding rules for the forwarding.
    Type: Grant
    Filed: November 23, 2020
    Date of Patent: September 24, 2024
    Assignee: Zscaler, Inc.
    Inventors: Abhinav Bansal, Rohit Goyal
  • Publication number: 20240297881
    Abstract: Systems and methods for transparent proxy chaining for distributed remote access. The various embodiments described herein include intercepting network traffic associated with an end user device; identifying a request to a destination from the network traffic, the destination being in a distributed environment of a plurality of distributed environments; connecting the end user device to the destination based on access control policies associated with a user of the end user device; and logging all traffic associated with the plurality of distributed environments.
    Type: Application
    Filed: March 3, 2023
    Publication date: September 5, 2024
    Inventor: Abhinav Bansal
  • Publication number: 20240214363
    Abstract: Systems and methods include responsive to receiving a request at a remote node, determining whether the request is to be sent directly or via a cloud-based system; establishing a control channel of a tunnel utilizing a first encryption technique, wherein the tunnel is between the remote node and a local node, and wherein the control channel includes a session identifier; establishing a data channel of the tunnel utilizing a second encryption technique, wherein the data tunnel is bound to the control channel based on the session identifier; performing, over the control channel, device authentication and user authentication of one or more users associated with the remote node, wherein each of the one or more users includes a user identifier; and, subsequent to the device authentication and the user authentication, exchanging data packets over the data channel with each data packet including a corresponding user identifier.
    Type: Application
    Filed: March 4, 2024
    Publication date: June 27, 2024
    Applicant: Zscaler, Inc.
    Inventors: Srikanth Devarajan, Vijay Bulusu, Roy Rajan, Ajit Singh, Abhinav Bansal, Vikas Mahajan
  • Publication number: 20240146689
    Abstract: Systems and methods for providing a context aware client firewall. Various embodiments include intercepting all network traffic to and from a mobile device, deriving a static risk profile of the mobile device based on one or more parameters, determining a dynamic risk of the mobile device based on network flow attributes, and computing an overall risk for the network traffic based on the static risk profile and the dynamic risk. Network traffic can therefore be allowed or blocked based on the computed risk. The solution provides granular control to IT administrations to block network traffic based on parameters such as geolocation, network type, and various others described herein.
    Type: Application
    Filed: October 27, 2022
    Publication date: May 2, 2024
    Inventors: Abhinav Bansal, Eric Kampman, Amandeep Singh
  • Publication number: 20240121211
    Abstract: Systems and methods include responsive to a user initiating a session with a resource, determining a master fingerprint of a device associated with the user; collecting, at predefined time intervals, one or more additional fingerprints during the session; comparing the one or more additional fingerprints with the master fingerprint; and performing one or more actions based on the comparing.
    Type: Application
    Filed: November 29, 2023
    Publication date: April 11, 2024
    Applicant: Zscaler, Inc.
    Inventors: Nikhil Bhatia, Sandip Davara, Pankaj Kumar, Vivek Ashwin Raman, Abhinav Bansal
  • Patent number: 11949663
    Abstract: Systems and methods include establishing a control channel of a tunnel utilizing a first encryption technique, wherein the tunnel is between a local node including one or more processors and a remote node, and wherein the control channel includes a session identifier; establishing a data channel of the tunnel utilizing a second encryption technique, wherein the data tunnel is bound to the control channel based on the session identifier; performing, over the control channel, device authentication and user authentication of one or more users associated with the remote node, wherein each of the one or more users includes a user identifier; and, subsequent to the device authentication and the user authentication, exchanging data packets over the data channel with each data packet including a corresponding user identifier. The first encryption technique can be one of TLS and SSL, and the second encryption technique can be one of TLS and DTLS.
    Type: Grant
    Filed: July 7, 2020
    Date of Patent: April 2, 2024
    Assignee: Zscaler, Inc.
    Inventors: Srikanth Devarajan, Vijay Bulusu, Roy Rajan, Ajit Singh, Abhinav Bansal, Vikas Mahajan
  • Patent number: 11843577
    Abstract: Systems and methods include obtaining a plurality of parameters associated with a host; determining a fingerprint of the host utilizing the plurality of parameters; and providing the fingerprint to cloud service for enrollment and management of the host in the cloud service. The cloud service can include microsegmentation of the host. The cloud service can include any of Internet access for the host and private resource access by the host.
    Type: Grant
    Filed: August 16, 2021
    Date of Patent: December 12, 2023
    Assignee: Zscaler, Inc.
    Inventors: Ajit Singh, Vivek Ashwin Raman, Abhinav Bansal, Thomas Evan Keiser, Jr., John H. O'Neil
  • Publication number: 20230262030
    Abstract: Systems and methods include receiving one or more disaster recovery configurations; identifying activation of a disaster recovery mode; and controlling traffic flow such that the traffic is any of blocked to all destinations, allowed to all destinations, and allowed to preselected destinations based on the one or more received disaster recovery configurations.
    Type: Application
    Filed: April 26, 2023
    Publication date: August 17, 2023
    Inventors: Abhinav Bansal, Paul Yun Ling, Vikas Mahajan
  • Publication number: 20230171280
    Abstract: The present disclosure relates to systems and methods for risk-based session resumption. The present disclosure addresses the security gaps in the access control workflow of an organization while significantly enhancing the user experience. Instead of users being inquired to reauthenticate at a periodic interval, the present disclosure provides risk-based session resumption and reauthentication established on a verdict determination based on changes detected in metadata. The present disclosure not only prevents unnecessary prompts for user to authenticate again but also improves the security profile of an organization as users need to reauthenticate only if something has changed, malicious activity is detected, and there is a real risk to access control.
    Type: Application
    Filed: December 1, 2021
    Publication date: June 1, 2023
    Inventor: Abhinav Bansal
  • Patent number: 11388177
    Abstract: Systems and methods for security and control of Internet of Things (IOT) and ZeroConf devices using cloud services. The present disclosure uses an application that runs on a user device in a promiscuous mode to look for potentially vulnerable and compromised machines on the local network. Specifically, the user device can fingerprint ZeroConf and IOT networks based on their static and dynamic behavior. The application discovers all hosts on the network and uses a cloud service such as via a cloud-based system to detect potentially malicious IOTs with known vulnerabilities. Based on an enterprise policy or user's preferences, the solution can alert if any IOT device tries to communicate with the user's device or if the user's device itself broadcasts services running on the device such as screen sharing/file sharing.
    Type: Grant
    Filed: October 30, 2019
    Date of Patent: July 12, 2022
    Assignee: Zscaler, Inc.
    Inventor: Abhinav Bansal
  • Publication number: 20210377210
    Abstract: Systems and methods include obtaining a plurality of parameters associated with a host; determining a fingerprint of the host utilizing the plurality of parameters; and providing the fingerprint to cloud service for enrollment and management of the host in the cloud service. The cloud service can include microsegmentation of the host. The cloud service can include any of Internet access for the host and private resource access by the host.
    Type: Application
    Filed: August 16, 2021
    Publication date: December 2, 2021
    Inventors: Ajit Singh, Vivek Ashwin Raman, Abhinav Bansal, Thomas Evan Keiser, JR., John H. O'Neil
  • Publication number: 20210367920
    Abstract: Systems and methods include establishing a control channel of a tunnel utilizing a first encryption technique, wherein the tunnel is between a local node including one or more processors and a remote node, and wherein the control channel includes a session identifier; establishing a data channel of the tunnel utilizing a second encryption technique, wherein the data tunnel is bound to the control channel based on the session identifier; performing, over the control channel, device authentication and user authentication of one or more users associated with the remote node, wherein each of the one or more users includes a user identifier; and, subsequent to the device authentication and the user authentication, exchanging data packets over the data channel with each data packet including a corresponding user identifier. The first encryption technique can be one of TLS and SSL, and the second encryption technique can be one of TLS and DTLS.
    Type: Application
    Filed: July 7, 2020
    Publication date: November 25, 2021
    Inventors: Srikanth Devarajan, Vijay Bulusu, Roy Rajan, Ajit Singh, Abhinav Bansal, Vikas Mahajan
  • Patent number: 11134386
    Abstract: Systems and methods for device identification for management and policy in the cloud, using a combination of several hardware parameters and user's identification to generate a unique identifier for a user device and associated user. IOCTL and Assembly can be used to get the different hardware parameters. All the hardware parameters can then run through a process to generate a fixed size hardware fingerprint. A base64 encoding can be performed to convert it into a string, for consumption of database. The resultant identifier is unique and it is never stored on machine. The application can simply generate it whenever needed. The resultant identifier can used by a service provider to uniquely identify the device even when the device is moving hands or locations. The resultant identifier is never stored, so moving data from one device to another will not result in the same identifier for two devices.
    Type: Grant
    Filed: November 5, 2019
    Date of Patent: September 28, 2021
    Assignee: Zscaler, Inc.
    Inventors: Ajit Singh, Vivek Ashwin Raman, Abhinav Bansal
  • Publication number: 20210234860
    Abstract: Systems and methods for securely handling data traffic on local or private networks, such as by using cloud computing, are provided. A non-transitory computer-readable medium, according to one implementation, may be configured to store executable instructions enabling a processor of a user device to perform the step of discovering an origin of a source application associated with network packets bound for a private address space. The executable instructions may further enable the processor to send a tuple regarding the discovered origin to a cloud server to request an analysis of the tuple. Upon receiving an allow instruction from the cloud server, the instructions enable the processor to allow the network packets to flow normally to a destination associated with the private address space. Upon receiving a deny instruction from the cloud server, the instructions enable the processor to drop the network packets.
    Type: Application
    Filed: April 15, 2021
    Publication date: July 29, 2021
    Inventors: Abhinav Bansal, Rohit Goyal
  • Patent number: 10986094
    Abstract: Systems and methods implemented by an application executed on a user device for service discovery and connectivity include discovering one or more cloud services for a user associated with the user device; creating and operating an interface on the user device; and intercepting traffic at the interface from one or more client applications on the user device and splitting the traffic based on configuration to the one or more cloud services. The method can further include authenticating the user into the one or more cloud services prior to the splitting.
    Type: Grant
    Filed: February 21, 2018
    Date of Patent: April 20, 2021
    Assignee: Zscaler, Inc.
    Inventors: Purvi Desai, Vikas Mahajan, Abhinav Bansal, Ajit Singh, Sandeep Kumar, Vivek Raman