SentinelOne has been granted a patent for a real-time malware detection system that monitors program operations in a live environment. The method involves building stateful models, analyzing behaviors, and scoring them to determine the likelihood of malware presence based on identified behaviors. GlobalData’s report on SentinelOne gives a 360-degree view of the company including its patenting strategy.
According to GlobalData’s company profile on SentinelOne, was a key innovation area identified from patents. SentinelOne's grant share as of July 2024 was 57%. Grant share is based on the ratio of number of grants to total number of patents.
Real-time malware detection using behavior-based analysis
The patent US12026257B2 outlines a computer-implemented method and system for conducting behavior-based analysis of program execution within an operating system. The method involves monitoring operations performed by a program in a live environment through kernel filter drivers and callback functions. This monitoring encompasses both user space and kernel space operations. The system generates event data for each monitored operation, which is then normalized into a logical data structure for analysis. A stateful model is constructed based on this normalized data, featuring a hierarchical structure that links monitored operations through an event context. This context includes objects derived from the operations, parameters characterizing these objects, and relationships among them. The system analyzes the event context to identify behaviors related to the program execution and applies a scoring mechanism to assess the likelihood of malware presence based on these behaviors.
Additionally, the patent specifies that the system can update the stateful model in real-time in response to new events and can output representations of identified behaviors. It also allows for the storage of these behaviors in a behavioral profile database. The system may be cloud-based or distributed across multiple computers, and it is designed to operate concurrently with other programs in a live environment. Furthermore, the behaviors identified can be aggregated and analyzed to determine if the program execution exhibits characteristics of malware. This comprehensive approach aims to enhance the detection and analysis of potentially malicious activities within software applications.
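The pipeline summarized above (normalize events, update a hierarchical stateful model, tag behaviors, score them) can be sketched as follows; this is an added illustration, not SentinelOne's implementation or the patent's claimed method. The record shapes, behavior names, weights, threshold and application lists are all assumptions.

```python
from dataclasses import dataclass, field

# Assumed for this sketch: behaviour names, weights, threshold and app lists.
WEIGHTS = {"doc_app_spawns_interpreter": 40, "writes_autostart_entry": 35}
THRESHOLD = 70
DOC_APPS = {"winword.exe", "excel.exe"}
INTERPRETERS = {"powershell.exe", "cmd.exe", "wscript.exe"}

@dataclass
class ProcessNode:  # one object in the event context, linked to its children
    pid: int
    image: str
    children: list = field(default_factory=list)
    behaviors: set = field(default_factory=set)

def normalize(raw):  # map source-specific records (hypothetical shapes) to one event form
    if raw["src"] == "proc_callback":
        image = raw["path"].rsplit("\\", 1)[-1].lower()
        return {"op": "create", "pid": raw["child"], "ppid": raw["creator"], "image": image}
    return {"op": "write", "pid": raw["pid"], "target": raw["file"].lower()}

class StatefulModel:
    def __init__(self):
        self.nodes = {}
    def update(self, raw):  # fold one event into the model, tag any behaviour it completes
        ev = normalize(raw)
        if ev["op"] == "create":
            parent = self.nodes.get(ev["ppid"])
            node = self.nodes[ev["pid"]] = ProcessNode(ev["pid"], ev["image"])
            if parent:
                parent.children.append(node)
                if parent.image in DOC_APPS and node.image in INTERPRETERS:
                    node.behaviors.add("doc_app_spawns_interpreter")
        elif ev["pid"] in self.nodes and "\\startup\\" in ev["target"]:
            self.nodes[ev["pid"]].behaviors.add("writes_autostart_entry")

    def score(self, pid):  # sum weights of distinct behaviours in pid's subtree
        seen, stack = set(), [self.nodes[pid]]
        while stack:
            node = stack.pop()
            seen |= node.behaviors
            stack.extend(node.children)
        return sum(WEIGHTS[b] for b in seen), seen

SAMPLE = [  # constructed events, in arrival order
    {"src": "proc_callback", "creator": 1, "child": 100, "path": r"C:\Office\WINWORD.EXE"},
    {"src": "proc_callback", "creator": 100, "child": 200, "path": r"C:\Windows\powershell.exe"},
    {"src": "fs_filter", "pid": 200, "file": r"C:\Users\a\Start Menu\Programs\Startup\x.lnk"},
]
```

Feeding `SAMPLE` to `update()` one event at a time and calling `score(100)` after each shows the root process's score rising as its descendants accumulate behaviors, crossing `THRESHOLD` only once both are present.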