公开(公告)号：US20250071124A1

公开(公告)日：2025-02-27

申请号：US18236441

申请日：2023-08-22

Applicant: Sophos Limited

Inventor： NarendraKumar Shah ,  Deepak Kharpuriya ,  John Mears

IPC: H04L9/40 ,  H04L51/214

Abstract: Systems and methods for processing an electronic communication. The method may include receiving an electronic message including a first location indicator of a network resource, wherein the first location indicator has a first length and includes an identifier of a recipient of the electronic message, wherein the identifier indicates an action allowed to be performed by the recipient, and transforming the first location indicator into a second location indicator of the network resource, wherein the second location indicator has a second length that is less than the first length. The method may further include storing the first location indicator in a network accessible storage location and forwarding the second location indicator of the resource to a recipient to allow the recipient to automatically access the network resource and perform the allowed action upon providing an input with respect to the second location indicator.

公开(公告)号：US20240291839A1

公开(公告)日：2024-08-29

申请号：US18517321

申请日：2023-11-22

Applicant: Sophos Limited

Inventor： Vivek Rudraduttbhai Yagnik ,  John Mears ,  Rakesh Ghanshyamgiri Gauswami ,  Vishal Revabhai Prajapati

IPC: H04L9/40

CPC classification number: H04L63/1425 ,  H04L63/20

Abstract: Remote services, such as security services, are onboarded for a tenant in a multi-tenant environment, such as a cloud-based electronic mail tenant, by configuring the tenant to permit remote access to local resources used at the tenant to facilitate the remote security services. Mail flow rules associated with the multi-tenant environment govern how electronic mail is handled in the environment. For example, mail flow rules may be used to divert inbound and/or outbound electronic mail through a mail security service. Changes to the mail flow rules are monitored and analyzed to determine whether such changes are valid (e.g., not unsafe or tampered with) to support secure management of electronic mail traffic. If a change to a mail flow rule is determined to not be valid, an action may be performed, such as deleting, disabling, or reverting the change.

公开(公告)号：US11916858B1

公开(公告)日：2024-02-27

申请号：US17958046

申请日：2022-09-30

Applicant: Sophos Limited

Inventor： John Mears ,  Brett Hunter Cove

IPC: H04L51/214 ,  H04L51/212 ,  H04L61/5061 ,  H04L9/40 ,  H04L51/224

CPC classification number: H04L51/214 ,  H04L51/212 ,  H04L51/224 ,  H04L61/5061 ,  H04L63/10 ,  H04L2463/082

Abstract: A method for mitigating outbound electronic message spam includes determining whether an outbound electronic message to a recipient sent from an electronic messaging account of a sender has at least a predetermined number of indicators of compromise. The outbound electronic message is sent to the recipient using an IP address from a first pool of service delivery IP addresses based on a determination that the message has less than the predetermined number of indicators of compromise. The outbound electronic message is sent to the recipient using an IP address from a second pool of service delivery IP addresses based on a determination that the message has at least the predetermined number of indicators of compromise. The method may further include providing a notification of a possible compromise of the electronic messaging account and the notification may include a request to modify a security feature of the electronic messaging account.

公开(公告)号：US12238121B2

公开(公告)日：2025-02-25

申请号：US17708825

申请日：2022-03-30

Applicant: SOPHOS LIMITED

Inventor： John Mears

IPC: H04L9/40 ,  H04L51/21 ,  H04L51/212 ,  H04L51/224 ,  H04L51/42

Abstract: A computer-implemented method includes generating behavior patterns based on historical behavior of a plurality of emails. The method further includes receiving an email message from a sender, wherein the email message is withheld from delivery to a recipient. The method further includes extracting a plurality of features from the email message. The method further includes determining whether content of the email message matches at least one criterion for suspicious content. The method further includes determining a reputation score associated with the sender based on a comparison of the extracted features with the behavior patterns, wherein the extracted features include an identity of the sender. The method further includes responsive to the content of the email message not matching the at least one criterion for suspicious content and the reputation score meeting a reputation threshold, delivering the email message to the recipient.

公开(公告)号：US20230319065A1

公开(公告)日：2023-10-05

申请号：US17708825

申请日：2022-03-30

Applicant: SOPHOS LIMITED

Inventor： John Mears

IPC: H04L9/40 ,  H04L51/42 ,  H04L51/00

CPC classification number: H04L63/1416 ,  H04L51/22 ,  H04L51/12

Abstract: A computer-implemented method includes generating behavior patterns based on historical behavior of a plurality of emails. The method further includes receiving an email message from a sender, wherein the email message is withheld from delivery to a recipient. The method further includes extracting a plurality of features from the email message. The method further includes determining whether content of the email message matches at least one criterion for suspicious content. The method further includes determining a reputation score associated with the sender based on a comparison of the extracted features with the behavior patterns, wherein the extracted features include an identity of the sender. The method further includes responsive to the content of the email message not matching the at least one criterion for suspicious content and the reputation score meeting a reputation threshold, delivering the email message to the recipient.

公开(公告)号：US20250148074A1

公开(公告)日：2025-05-08

申请号：US18503920

申请日：2023-11-07

Applicant: SOPHOS LIMITED

Inventor： John Mears ,  Balakrishnan Rajkumar

IPC: G06F21/55

Abstract: A computer-implemented method includes receiving an email for processing. The method further includes prior to delivering the email, providing the email to a set of scanners, wherein one or more of the scanners are associated with a respective type of content and are configured to detect whether the email includes the respective type of content. The method further includes receiving, from the set of scanners, an identification of a plurality of types of content in the email. The method further includes for each type of content in the email providing the email to a user of a particular role, wherein users of the particular role are authorized to review the type of content and receiving, from the user, approval of the email for the type of content. The method further includes responsive to the email being approved for each type of content, delivering the email to a recipient.

公开(公告)号：US20240364651A1

公开(公告)日：2024-10-31

申请号：US18308560

申请日：2023-04-27

Applicant: SOPHOS LIMITED

Inventor： John Mears

IPC: H04L51/212 ,  G06F21/56

CPC classification number: H04L51/212 ,  G06F21/566

Abstract: A computer-implemented method includes sending email scan requests to an email scanner. The method further includes receiving, from the email scanner, a verdict of suspicion and one or more data fragments. The method further includes storing the one or more data fragments for each email of the plurality of emails in a datastore. The method further includes receiving a new email. The method further includes deriving one or more new keys for the new email. The method further includes retrieving one or more matching data fragments from the datastore by matching the one or more new keys with the one or more keys stored in the datastore. The method further includes providing, to the email scanner, the new email and the one or more matching data fragments. The method further includes receiving a new verdict of suspicion and one or more new data fragments.

公开(公告)号：US20240291789A1

公开(公告)日：2024-08-29

申请号：US18517202

申请日：2023-11-22

Applicant: Sophos Limited

Inventor： Vivek Rudraduttbhai Yagnik ,  John Mears

IPC: H04L51/214 ,  G06Q10/107 ,  H04L9/40

CPC classification number: H04L51/214 ,  G06Q10/107 ,  H04L63/0807 ,  H04L63/0823 ,  H04L63/20

Abstract: Remote services, such as security services, are onboarded for a tenant in a multi-tenant environment, such as a cloud-based electronic mail tenant, by configuring the tenant to permit remote access to local resources used at the tenant to facilitate the remote security services. As a significant advantage, this permits use of the remote security services with cloud-based enterprise resources hosted on the tenant, e.g., an enterprise mail server handling inbound and/or outbound electronic mail traffic, without requiring changes to the tenant's network configuration. As an additional advantage, security risks associated with the remote access may be confined to the specific tenant in the multi-tenant environment by creating a unique key for exchanging data between the tenant and the remote security services.