&#xfeff;<html>
  <head>
    <META http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="stylesheet" type="text/css" href="html_style_eog.css"/>
<script type="text/javascript">
          function printpage()
          {
          window.print()
          }
        </script>
<script type="text/javascript" src="https://components.uspto.gov/js/ais/40-patentsgazette.js"></script></head>
  <body bgcolor='#FFFFFF' onload='javascript: if ((navigator.appName.indexOf("Netscape")!=-1) && parent.leftFrame!=null) parent.leftFrame.location.reload();'>
    <basefont face="Times New Roman, Times New Roman, Times New Roman " size="2">
      <div style="margin-left: +10pt">
        <table width="90%" border="0" rules="none" align="center">
          <tr align="center">
            <td width="20%" colspan="1" rowspan="2" align="left" valign="top"><a href="https://ppubs.uspto.gov/pubwebapp/external.html?q=12355817.pn.&amp;db=USPAT" target="popup"><input type="button" class="button" value="   Full Text   "></a></td>
            <td class="table_data"><b>US 12,355,817 B2</b></td>
            <td width="20%" colspan="1" rowspan="2" align="right" valign="top">
              <form><input type="button" value="Print this page" onclick="printpage()"></form>
            </td>
          </tr>
          <tr align="center">
            <td colspan="1" class="table_data" style="text-transform: uppercase"><b>Data loss prevention (DLP) for cloud resources via metadata analysis</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b> Sudha Iyer,  Sunnyvale, CA (US);  VenkataSwamy Pathapati,  Koduru Mandal (IN);  Kenil Patel,  Surat (IN); and  Krishna Narayanaswamy,  Saratoga, CA (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Assigned to  Netskope, Inc.,  Santa Clara, CA (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed by  Netskope, Inc.,  Santa Clara, CA (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed on Aug.  1, 2022, as Appl. No. 17/878,875.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 17/878,875 is a continuation of application No. 16/411,039, filed on May   13, 2019, granted, now 11,405,423.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 16/411,039 is a continuation in part of application No. 16/118,278, filed on Aug.  30, 2018, granted, now 11,403,418, issued on Aug.  2, 2022.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 16/411,039 is a continuation in part of application No. 16/000,132, filed on Jun.  5, 2018, granted, now 10,291,657, issued on May   14, 2019.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 16/118,278 is a continuation of application No. 15/368,246, filed on Dec.  2, 2016, granted, now 11,019,101, issued on May   25, 2021.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 16/118,278 is a continuation of application No. 15/368,240, filed on Dec.  2, 2016, granted, now 10,826,940, issued on Nov.  3, 2020.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Claims priority of provisional application 62/307,305, filed on Mar.  11, 2016.</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Prior Publication US 2022/0377112 A1, Nov.  24, 2022</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>This patent is subject to a terminal disclaimer.</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Int. Cl. </b><i><b>H04L 29/06</b></i> (2006.01); <i><b>G06F 16/28</b></i> (2019.01); <i><b>G06F 16/951</b></i> (2019.01); <i><b>G06F 21/62</b></i> (2013.01); <i><b>H04L 9/40</b></i> (2022.01)</td>
          </tr>
        </table>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="75%">
            <col width="15%">
          </colgroup>
          <tr align="left">
            <td class="table_data" align="left"><b>CPC </b><i><b>H04L 63/20</b></i> (2013.01)&#xa0;[<i><b>G06F 16/285</b></i> (2019.01); <i><b>G06F 16/951</b></i> (2019.01); <i><b>G06F 21/6209</b></i> (2013.01); <i><b>H04L 63/0281</b></i> (2013.01); <i><b>H04L 63/10</b></i> (2013.01); <i><b>H04L 63/104</b></i> (2013.01); <i><b>H04L 63/105</b></i> (2013.01); <i><b>H04L 63/12</b></i> (2013.01)]</td>
            <td class="table_data" align="right"><b>20 Claims</b></td>
          </tr>
        </table>
        <center><img src="US12355817-20250708-D00000.gif" alt="OG exemplary drawing"></center>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="90%">
          </colgroup>
          <tr>
            <td class="table_data" align="center">&#xa0;</td>
          </tr>
          <tr>
            <td valign="top" class="para_text">
              <div class="claim_text_root">1. A computer-implemented method of enforcing data loss prevention policies on resource-level transactions that do not identify resource data, the method including:<div class="claim_text">intercepting resource-level transactions from client endpoints, wherein:<div class="claim_text">the resource-level transactions request copying of an organization's resources on cloud storage services from controlled locations to uncontrolled locations,</div>
                  <div class="claim_text">the resource-level transactions do not identify data stored in the resources, and the controlled locations are subject to inspection for data loss prevention by a network security system while the uncontrolled locations are not subject to inspection for data loss prevention by the network security system;</div>
                </div>
                <div class="claim_text">extracting identifiers that identify the resources in the resource-level transaction;</div>
                <div class="claim_text">generating substrings of the resource-level transactions by preprocessing the identifiers that identify the resources, wherein the preprocessing comprises lexically tokenizing the identifiers by demarcating the identifier using character-based delimiters;</div>
                <div class="claim_text">comparing the substrings to entries in a resource list that identifies the organization's resources on the cloud storage services;</div>
                <div class="claim_text">finding matches in a subset of the resource-level transactions based on the comparison and classifying the subset of the resource-level transactions as malicious data egress attempts; and</div>
                <div class="claim_text">blocking the malicious data egress attempts by preventing the copying, thereby enforcing the data loss prevention policies.</div>
              </div>
            </td>
          </tr>
        </table>
      </div>
    
  </body>
</html>