US 11,868,495 B2
Cybersecurity active defense in a data storage system
Eric Bednash, Fulton, MD (US); Jonathan Halstuch, Fulton, MD (US); Nicholas Louis Mezei, Catonsville, MD (US); and Garrett Eugene D'Amore, San Marcos, CA (US)
Assigned to RackTop Systems, Inc., Fulton, MD (US)
Filed by RackTop Systems, Inc., Fulton, MD (US)
Filed on Nov. 8, 2021, as Appl. No. 17/521,676.
Claims priority of provisional application 63/113,697, filed on Nov. 13, 2020.
Prior Publication US 2022/0156396 A1, May 19, 2022
Int. Cl. G06F 21/62 (2013.01); G06F 21/55 (2013.01); G06F 21/44 (2013.01); G06F 21/56 (2013.01)
CPC G06F 21/6218 (2013.01) [G06F 21/445 (2013.01); G06F 21/554 (2013.01); G06F 21/568 (2013.01); G06F 2221/2101 (2013.01)]
18 Claims
1. A system comprising:
a file system; and
an architecture installed on the file system, the architecture being configured to protect the file system in a zero-trust manner from a malicious attack by a source system, the architecture comprising a controller that is configured to:
determine file-level operations of files in the file system that are indicative of a malicious event;
block a user account or machine address interacting with the files over a network;
prevent data exfiltration or data corruption of the files;
provide an alert to an administrator regarding the files;
place snapshot holds on immutable snapshots so files that have been modified or deleted can be recovered to prior versions and snapshots are available;
identify the files that were associated with the malicious event;
present a graphical user interface that allows for restoration of the files from an immutable backup copy of the file system; and
restore the files as requested.