The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Sep. 26, 2023
Filed:
Jul. 29, 2022
Palo Alto Networks, Inc., Santa Clara, CA (US);
Yanhui Jia, San Jose, CA (US);
Christian Elihu Navarrete Discua, San Jose, CA (US);
Durgesh Madhavrao Sangvikar, Sunnyvale, CA (US);
Ajaya Neupane, San Jose, CA (US);
Yu Fu, Campbell, CA (US);
Shengming Xu, San Jose, CA (US);
Palo Alto Networks, Inc., Santa Clara, CA (US);
Abstract
Techniques for Cobalt Strike Beacon HTTP C2 heuristic detection are disclosed. In some embodiments, a system/process/computer program product for Cobalt Strike Beacon HTTP C2 heuristic detection includes monitoring HyperText Transfer Protocol (HTTP) network traffic at a firewall; prefiltering the monitored HTTP network traffic at the firewall to select a subset of the HTTP network traffic to forward to a cloud security service; determining whether the subset of the HTTP network traffic is associated with Cobalt Strike Beacon HTTP C2 traffic activity based on a plurality of heuristics; and performing an action in response to detecting the Cobalt Strike Beacon HTTP C2 traffic activity.