	US 12,406,060 B2
	Automated interpreted application control for workloads
Satya V. Gupta, Dublin, CA (US)
Assigned to Virsec Systems, Inc., San Jose, CA (US)
Filed by Virsec Systems, Inc., San Jose, CA (US)
Filed on May 18, 2022, as Appl. No. 17/664,009.
Claims priority of provisional application 63/190,100, filed on May 18, 2021.
Claims priority of provisional application 63/190,099, filed on May 18, 2021.
Prior Publication US 2022/0391506 A1, Dec. 8, 2022
Int. Cl. G06F 21/56 (2013.01); G06F 21/57 (2013.01)

CPC G06F 21/563 (2013.01) [G06F 21/562 (2013.01); G06F 21/566 (2013.01); G06F 21/577 (2013.01); G06F 2221/033 (2013.01)]

20 Claims

1. A computer-implemented method of protecting a computing workload from script-based attacks, the method comprising:

receiving, at a workload, a command to commence execution of code of a script;

determining whether:

(i) permissions of a user issuing the command comply with a permissions security standard;

(ii) an identifier of an interpreter supporting the script is included in an approved interpreter list;

(iii) an identifier of a selected parameter of the interpreter is included in an approved parameter list, wherein the selected parameter modifies operations performed by the interpreter and the identifier of the selected parameter is distinct from the identifier of the interpreter; and

(iv) an identifier of the script is included in an approved list of executables; and

allowing or denying the execution of the code of the script based on the determining, thereby protecting the workload from script-based attacks.