US 11,736,520 B1
Rapid incidence agentless lateral movement protection from ransomware for endpoints deployed under a default gateway with point to point links
Ritesh R. Agrawal, San Jose, CA (US); Vinay Adavi, Sunnyvale, CA (US); and Satish M. Mohan, San Jose, CA (US)
Assigned to AIRGAP NETWORKS INC., Santa Clara, CA (US)
Filed by Airgap Networks Inc., Santa Clara, CA (US)
Filed on Aug. 15, 2022, as Appl. No. 17/888,380.
Application 17/888,380 is a continuation in part of application No. 17/521,092, filed on Nov. 8, 2021.
Application 17/521,092 is a continuation of application No. 17/357,757, filed on Jun. 24, 2021, granted, now 11,171,985, issued on Nov. 9, 2021.
Int. Cl. H04L 9/40 (2022.01); H04L 12/46 (2006.01)
CPC H04L 63/1466 (2013.01) [H04L 12/4641 (2013.01); H04L 63/1416 (2013.01)] 15 Claims
OG exemplary drawing
 
1. A system for rapid incidence response to prevent propagation of ransomware in an enterprise network, comprising:
an endpoint device of the enterprise network having an extended enterprise browser;
the extended enterprise browser configured to receive a ransomware threat level from an IT/control plane indicative of an enterprise ransomware risk level posture;
the extended enterprise browser selecting a certificate for user authentication with an identity provider based on the ransomware threat level, wherein the extended enterprise browser selects from a plurality of different certificates, stored in a secure store of the endpoint device with one certificate for each different level of ransomware risk over a range of ransomware risk levels;
wherein in an authentication process with the identity provider the certificate selected by the extended enterprise browser determines whether access to SaaS applications and private enterprise application of the enterprise will be allowed, denied, or limited by the identity provider.