US 12,111,927 B2
Use of an application controller to monitor and control software file and application environments
Andrew J. Thomas, Oxfordshire (GB)
Assigned to Sophos Limited, Abingdon (GB)
Filed by Sophos Limited, Abingdon (GB)
Filed on Jul. 26, 2023, as Appl. No. 18/359,283.
Application 18/359,283 is a continuation of application No. 17/592,996, filed on Feb. 4, 2022, granted, now 11,714,902.
Application 17/592,996 is a continuation of application No. 16/692,599, filed on Nov. 22, 2019, granted, now 11,244,049, issued on Feb. 8, 2022.
Application 16/692,599 is a continuation of application No. 15/729,306, filed on Oct. 10, 2017, granted, now 10,515,211, issued on Dec. 24, 2019.
Application 15/729,306 is a continuation of application No. 15/194,847, filed on Jun. 28, 2016, granted, now 9,852,292, issued on Dec. 26, 2017.
Application 15/194,847 is a continuation of application No. 12/751,087, filed on Mar. 31, 2010, granted, now 9,390,263, issued on Jul. 12, 2016.
Prior Publication US 2024/0143754 A1, May 2, 2024
This patent is subject to a terminal disclaimer.
Int. Cl. G06F 21/56 (2013.01); G06F 21/62 (2013.01); H04L 9/40 (2022.01)
CPC G06F 21/56 (2013.01) [G06F 21/62 (2013.01); H04L 63/107 (2013.01); H04L 63/1408 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A method for operating an application controller on an endpoint in an enterprise network, the method comprising:
in response to a selection of a file, determining at least one access and security parameter for the file;
selecting a secure software application from a number of software applications on the endpoint suitable for opening the file based on a security configuration according to the at least one access and security parameter, wherein the secure software application includes a secure application for opening the file when the file has a poor or unknown reputation, and wherein the secure software application limits access by the file to resources of an environment of the endpoint more than one or more other files with a good reputation;
launching the selected software application to open the file and access the file in accordance with the security configuration;
controlling a use of the file by the secure software application in a test mode to require that the use of the file is in accord with the at least one access and security parameter for the file;
receiving an update to a reputation of the file; and
in response to the update, permitting a user to escalate the use of the file by the secure software application from the test mode to an insecure mode by providing the secure software application with access to additional resources of the endpoint based on the reputation of the file.