CPC G06F 21/554 (2013.01) [G06F 21/552 (2013.01); G06F 21/568 (2013.01)]

20 Claims

1. A method for detecting suspicious computer behavior, the method comprising:
collecting, by each one of a plurality of client endpoint computers, security context information for the associated client endpoint computer;
providing, by each one of the client endpoint computers, the security context information to an information handling system;
generating, by the information handling system, a plurality of workspaces, each workspace being associated with a particular one of the client endpoint computers based on the associated client endpoint computer's associated security context information;
receiving a first workspace instantiation event log from a first one of the client endpoint computers, the first workspace instantiation event log describing historical workspace events associated with a first one of the workspaces associated with the first client endpoint computer, wherein the historical workspace events include a record of workspace instantiations attempted for the first workspace;
inferring the suspicious computer behavior based on the first workspace instantiation event log; and
in response to the inferring of the suspicious computer behavior, terminating a first workspace instantiation associated with the first workspace.