US 12,380,215 B2
Cyber security boot status markers
Garrett Moore, Ottawa (CA); and Blair C. Foster, Jr., Ottawa (CA)
Assigned to CrowdStrike, Inc., Sunnyvale, CA (US)
Filed by CrowdStrike, Inc., Sunnyvale, CA (US)
Filed on Jul. 25, 2023, as Appl. No. 18/358,564.
Claims priority of provisional application 63/504,975, filed on May 30, 2023.
Prior Publication US 2024/0403435 A1, Dec. 5, 2024
Int. Cl. G06F 21/00 (2013.01); G06F 21/57 (2013.01)
CPC G06F 21/575 (2013.01) [G06F 2221/033 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A method that classifies a boot-start driver, comprising:
determining, by an antimalware driver during a current boot process associated with an operating system, a boot status marker set during a previous boot process;
determining, by the antimalware driver during the current boot process, a driver classification associated with the boot-start driver, the driver classification based on the boot status marker set during the previous boot process; and
reporting, by the antimalware driver during the current boot process, the driver classification to the operating system.