Symantec Corporation is an American technology company headquartered in Mountain View, California, United States. The company makes security, storage, backup and availability software and offers professional services to support its software. It is a Fortune 500 company and a member of the S&P 500 stock market index.Symantec is the most used certificate authority according to W3Techs.On October 9, 2014, Symantec declared that the company would separate into two independent publicly traded companies by the end of 2015. One company would focus on security while the other on information management.On January 28, 2015, the new name for the Information Management business is revealed to be Veritas, the same as it was before its acquisition. Wikipedia.
Symantec | Date: 2016-11-03
A non-transitory computer readable storage medium, comprising executable instructions to collect network traffic data, produce a Fourier signature from the network traffic data, associate the Fourier signature with a known pattern, collect new network traffic data, produce a new Fourier signature from the new network traffic data, compare the new Fourier signature with the Fourier signature to selectively identify a match and associate the new network traffic data with the known pattern upon a match.
Symantec | Date: 2016-11-22
A security gateway appliance is configured to evaluate network traffic according to security rules that classify traffic flows according to specifically identified application programs responsible for producing and/or consuming the network traffic and to enforce policies in accordance with network traffic classifications. The appliance includes an on-box anti-virus/anti-malware engine, on-box data loss prevention engine and on-box authentication engine. One or more of these engines is informed by an on-box dynamic real tie rating system that allows for determined levels of scrutiny to be paid to the network traffic. Security gateways of this type can be clustered together to provide a set of resources for one or more networks, and in some instances as the backbone of a cloud-based service.
Symantec | Date: 2015-09-10
Various systems, methods, and processes for optimizing access to production data in application development and testing environments are disclosed. If an input/output (I/O) operation is a read operation, a storage location on a virtual storage unit at which the read operation is to be performed is determined. Also determined is whether an earlier write operation was performed at the storage location. If an earlier write operation was performed at the storage location, the read operation is performed on one or more virtual data files. However, if the earlier write operation was not performed at the storage location, the read operation is performed on allocated storage space.
Symantec | Date: 2015-08-11
The disclosed computer-implemented method for detecting unknown vulnerabilities in computing processes may include (1) monitoring a computing environment that facilitates execution of a computing process by logging telemetry data related to the computing process while the computing process is running within the computing environment, (2) determining that the computing process crashed while running within the computing environment, (3) searching the telemetry data for evidence of any vulnerabilities that potentially led the computing process to crash while running within the computing environment, (4) identifying, while searching the telemetry data, evidence of at least one vulnerability of the computing process that is not yet known to exist within the computing process and then in response to identifying the evidence of the computing processs vulnerability, (5) performing at least one security action to hinder any potentially malicious exploitation of the computing processs vulnerability. Various other methods, systems, and computer-readable media are also disclosed.
Symantec | Date: 2015-09-17
The disclosed computer-implemented method for provisioning frequently used image segments from caches may include (1) storing a representation and a use counter for an image segment that is hosted on a storage system in a list of representations and use counters for image segments hosted on the storage system, (2) incrementing a current value of the use counter for the image segment in the list of representations and use counters each time the image segment is provisioned from the storage system, (3) determining that the current value of the use counter for the image segment has met a predetermined threshold for frequent image-segment provisioning, (4) hosting the image segment in a cache that enables quicker provisioning than the storage system enables, and (5) provisioning the image segment from the cache in response to a request to provision the image segment. Various other methods, systems, and computer-readable media are also disclosed.
Symantec | Date: 2015-09-22
In one embodiment, a device in a network intercepts webpage data sent by one or more servers for presentation in a browser application. The device identifies undesirable code in the intercepted webpage data based on one or more rules. The device modifies the webpage data to alter functionality of the undesirable code. The device provides the modified webpage data to the browser application.
Symantec | Date: 2017-01-04
A computer-implemented method for optimizing scans of pre-installed applications may include (1) identifying, on a client device, a plurality of applications that are subject to scan-based assessments, (2) determining that the plurality of applications were pre-installed on the client device via a system image for the client device, (3) generating a fingerprint that represents the system image, and (4) fulfilling the scan-based assessments for the plurality of applications by transmitting the fingerprint that represents the system image to an assessment server and receiving, in response, an assessment of the system image. Various other methods, systems, and computer-readable media are also disclosed.
Symantec | Date: 2017-02-08
A computer-implemented method for identifying a source of a suspect event is described. In one embodiment, system events may be registered in a database. A suspicious event associated with a first process may be detected and the first process may be identified as being one of a plurality of potential puppet processes. The registered system events in the database may be queried to identify a second process, where the second process is detected as launching the first process.
Symantec | Date: 2016-09-19
A method for detecting loss of sensitive information in partial data streams may include identifying partial data streams containing segments lost while capturing network traffic at a network computing device, determining characteristics of content of the partial data streams, padding content portions of the lost segments in the partial data streams, and scanning the partial data streams for sensitive information according to at least one data loss prevention (DLP) policy.
Symantec | Date: 2016-02-08
A method to identify machines infected by malware is provided. The method includes determining whether a universal resource locator in a network request is present in a first cache and determining whether a fully qualified domain name from the uniform resource locator is present in a second cache. The method includes evaluating a parent hostname as to suspiciousness. The method includes indicating the computing device has a likelihood of infection, responsive to one of: the universal resource locator being present in the first cache with a first indication of suspiciousness, the fully qualified domain name being present in the second cache with a second indication of suspiciousness, or the evaluating the parent hostname having a third indication of suspiciousness, wherein at least one method operation is performed by the processor. A system and computer readable media are provided.