US 11,757,934 B1
Extended browser monitoring inbound connection requests for agentless lateral movement protection from ransomware for endpoints deployed under a default gateway with point to point links
Ritesh R. Agrawal, San Jose, CA (US); Vinay Adavi, Sunnyvale, CA (US); and Satish M. Mohan, San Jose, CA (US)
Assigned to AIRGAP NETWORKS INC., Santa Clara, CA (US)
Filed by Airgap Networks Inc., Santa Clara, CA (US)
Filed on Aug. 15, 2022, as Appl. No. 17/888,422.
Application 17/888,422 is a continuation in part of application No. 17/521,092, filed on Nov. 8, 2021.
Application 17/521,092 is a continuation of application No. 17/357,757, filed on Jun. 24, 2021, granted, now 11,171,985, issued on Nov. 9, 2021.
Int. Cl. H04L 9/00 (2022.01); H04L 9/40 (2022.01); H04L 12/46 (2006.01)
CPC H04L 63/1466 (2013.01) [H04L 12/4641 (2013.01); H04L 63/1416 (2013.01)] 25 Claims
OG exemplary drawing
1. A method of preventing propagation of ransomware, comprising:
monitoring, by an extension to a web browser installed on an endpoint device, inbound connection requests to the endpoint device, the monitoring including monitoring for protocols vulnerable to ransomware attack; and
in response to detecting a vulnerable protocol, the extension of the web browser selecting, from a plurality of certificates for different ransomware threat levels, a certificate corresponding to a heightened ransomware risk level;
the extension to web browser providing the selected certificate to an identity provider during single-sign on authentication.