US 11,792,008 B2
Actively monitoring encrypted traffic by inspecting logs
Matan Binyamin Fattal, Raanana (IL); Yaron Kassner, Hod Hasharon (IL); Hed Kovetz, Atzmon-Segev (IL); and Rotem Zach, Pardesiya (IL)
Assigned to SILVERFORT LTD., Tel Aviv (IL)
Appl. No. 16/612,422
Filed by SILVERFORT LTD., Tel Aviv (IL)
PCT Filed Jun. 19, 2018, PCT No. PCT/IB2018/054491
§ 371(c)(1), (2) Date Nov. 11, 2019,
PCT Pub. No. WO2018/234980, PCT Pub. Date Dec. 27, 2018.
Claims priority of provisional application 62/521,576, filed on Jun. 19, 2017.
Prior Publication US 2020/0213116 A1, Jul. 2, 2020
Int. Cl. H04L 9/32 (2006.01); H04L 9/40 (2022.01); H04W 12/06 (2021.01)
CPC H04L 9/3213 (2013.01) [H04L 9/3271 (2013.01); H04L 63/0815 (2013.01); H04L 63/10 (2013.01); H04L 63/1425 (2013.01); H04L 63/20 (2013.01); H04W 12/06 (2013.01)] 42 Claims
OG exemplary drawing
 
1. A system, comprising:
a network interface; and
one or more processors, configured to cooperatively perform a process that includes:
receiving, via the network interface, a request originating from a request- origin application and directed to a request-destination application that runs on a request-destination device,
subsequently to receiving the request, communicating the request to the request-destination device,
subsequently to communicating the request to the request-destination device, matching the request to at least one log entry of multiple log entries recorded by the request-destination application by identifying that the log entry was recorded responsively to the request, and receiving a response, from the request-destination application, to the request,
while holding the response, identifying, in the at least one log entry, information associated with the request or with the response, and
performing a function in response to the information and in accordance with a security rule.