18493437. IDENTIFICATION OF THREATS VIA TLS CERTIFICATE ANALYSIS (Arista Networks, Inc.)
Organization Name
Arista Networks, Inc.
Inventor(s)
Niranjan Kiran Kumar Dhurjaty of Bangalore IN
John Joseph Malinka of Lynbrook NY US
Gary Joshua Golomb of Los Gatos CA US
This abstract first appeared for US patent application 18493437 titled 'IDENTIFICATION OF THREATS VIA TLS CERTIFICATE ANALYSIS'.
Original Abstract Submitted
Systems, methods and products for using context-based analyses of information obtained from certificates contained in the TLS handshakes of network communications in order to identify anomalies in the information and detect threats based on the identified anomalies. In one embodiment, a method for detecting threats in network communications includes obtaining static context data associated with the network. A first network communication transmitted via a network is obtained. A certificate is obtained from a TLS handshake of the first network communication and the certificate is parsed to obtain corresponding certificate field values. One or more analyses of the certificate field values are performed against the static context data and, in response to the analyses resulting in detection of a threat, one or more actions are taken based on the analyses.