Symantec Corporation is an American technology company headquartered in Mountain View, California, United States. The company makes security, storage, backup and availability software and offers professional services to support its software. It is a Fortune 500 company and a member of the S&P 500 stock market index.Symantec is the most used certificate authority according to W3Techs.On October 9, 2014, Symantec declared that the company would separate into two independent publicly traded companies by the end of 2015. One company would focus on security while the other on information management.On January 28, 2015, the new name for the Information Management business is revealed to be Veritas, the same as it was before its acquisition. Wikipedia.
Symantec | Date: 2016-11-03
A non-transitory computer readable storage medium, comprising executable instructions to collect network traffic data, produce a Fourier signature from the network traffic data, associate the Fourier signature with a known pattern, collect new network traffic data, produce a new Fourier signature from the new network traffic data, compare the new Fourier signature with the Fourier signature to selectively identify a match and associate the new network traffic data with the known pattern upon a match.
Symantec | Date: 2016-11-22
A security gateway appliance is configured to evaluate network traffic according to security rules that classify traffic flows according to specifically identified application programs responsible for producing and/or consuming the network traffic and to enforce policies in accordance with network traffic classifications. The appliance includes an on-box anti-virus/anti-malware engine, on-box data loss prevention engine and on-box authentication engine. One or more of these engines is informed by an on-box dynamic real tie rating system that allows for determined levels of scrutiny to be paid to the network traffic. Security gateways of this type can be clustered together to provide a set of resources for one or more networks, and in some instances as the backbone of a cloud-based service.
Symantec | Date: 2015-11-12
The disclosed computer-implemented method for improving the efficiency of point-in- time representations of databases may include (1) identifying a database that includes (A) one or more utilized storage locations that store substantive data and (B) one or more empty storage locations that are not currently storing any substantive data, (2) creating a point-in-time representation of the database by (A) identifying the empty storage locations and (B) flagging the empty storage locations in connection with the point-in-time representation of the database, (3) detecting a request to write certain substantive data to at least one of the empty storage locations, and then in response to detecting the request, (4) satisfying the request while refraining from performing a copy-on-write operation on the empty storage location due at least in part to the empty storage location not currently storing any substantive data. Various other methods, systems, and computer-readable media are also disclosed.
Symantec | Date: 2015-11-20
The present disclosure relates to using reputation information (e.g., of applications, libraries, network destinations, etc.) in a data loss prevention system. According to one embodiment, a computer system (e.g., an endpoint or server system) identifies a first application requesting to access a file accessible through the computer system. The DLP system present on the computer system determines a reputation associated with the first application. The DLP system may determine reputation from information stored locally on the computer system or from a reputation service in the cloud. If the reputation information indicates that the first application is trusted, the computer system allows the first application to access the file, subject to a data loss prevention (DLP) policy. If, however, the reputation information indicates that the first application is untrusted, the computer system blocks access to the file.
Symantec | Date: 2015-09-10
Various systems, methods, and processes for optimizing access to production data in application development and testing environments are disclosed. If an input/output (I/O) operation is a read operation, a storage location on a virtual storage unit at which the read operation is to be performed is determined. Also determined is whether an earlier write operation was performed at the storage location. If an earlier write operation was performed at the storage location, the read operation is performed on one or more virtual data files. However, if the earlier write operation was not performed at the storage location, the read operation is performed on allocated storage space.
Symantec | Date: 2015-08-11
The disclosed computer-implemented method for detecting unknown vulnerabilities in computing processes may include (1) monitoring a computing environment that facilitates execution of a computing process by logging telemetry data related to the computing process while the computing process is running within the computing environment, (2) determining that the computing process crashed while running within the computing environment, (3) searching the telemetry data for evidence of any vulnerabilities that potentially led the computing process to crash while running within the computing environment, (4) identifying, while searching the telemetry data, evidence of at least one vulnerability of the computing process that is not yet known to exist within the computing process and then in response to identifying the evidence of the computing processs vulnerability, (5) performing at least one security action to hinder any potentially malicious exploitation of the computing processs vulnerability. Various other methods, systems, and computer-readable media are also disclosed.
Symantec | Date: 2015-09-17
The disclosed computer-implemented method for provisioning frequently used image segments from caches may include (1) storing a representation and a use counter for an image segment that is hosted on a storage system in a list of representations and use counters for image segments hosted on the storage system, (2) incrementing a current value of the use counter for the image segment in the list of representations and use counters each time the image segment is provisioned from the storage system, (3) determining that the current value of the use counter for the image segment has met a predetermined threshold for frequent image-segment provisioning, (4) hosting the image segment in a cache that enables quicker provisioning than the storage system enables, and (5) provisioning the image segment from the cache in response to a request to provision the image segment. Various other methods, systems, and computer-readable media are also disclosed.
Symantec | Date: 2015-09-22
In one embodiment, a device in a network intercepts webpage data sent by one or more servers for presentation in a browser application. The device identifies undesirable code in the intercepted webpage data based on one or more rules. The device modifies the webpage data to alter functionality of the undesirable code. The device provides the modified webpage data to the browser application.
Symantec | Date: 2016-09-19
A method for detecting loss of sensitive information in partial data streams may include identifying partial data streams containing segments lost while capturing network traffic at a network computing device, determining characteristics of content of the partial data streams, padding content portions of the lost segments in the partial data streams, and scanning the partial data streams for sensitive information according to at least one data loss prevention (DLP) policy.
Symantec | Date: 2016-02-08
A method to identify machines infected by malware is provided. The method includes determining whether a universal resource locator in a network request is present in a first cache and determining whether a fully qualified domain name from the uniform resource locator is present in a second cache. The method includes evaluating a parent hostname as to suspiciousness. The method includes indicating the computing device has a likelihood of infection, responsive to one of: the universal resource locator being present in the first cache with a first indication of suspiciousness, the fully qualified domain name being present in the second cache with a second indication of suspiciousness, or the evaluating the parent hostname having a third indication of suspiciousness, wherein at least one method operation is performed by the processor. A system and computer readable media are provided.