Patents Assigned to NetWitness Corporation
-
Publication number: 20100281543Abstract: Systems and methods for sensitive data remediation include calculating a Probability of Loss of data on a given computer based on measures of control, integrity, and potential avenues of exploitation of the given computer, determining an Impact of Loss of the data on the given computer based on a type, volume, and nature of the data, and correlating the Probability of Loss with the Impact of Loss to generate a risk score for the given computer that can be compared to other computers in the network. The computers with higher risk scores can then be subjected to data remediation activity.Type: ApplicationFiled: April 16, 2010Publication date: November 4, 2010Applicant: NETWITNESS CORPORATIONInventors: Gary J. Golomb, Kevin T. Douglas, Brian P. Girardi
-
Publication number: 20100046391Abstract: A system for, and method of, extracting information from multiple sessions and in accordance with disparate protocols, and transforming the same into a common language. Packets are collected by packet collectors distributed throughout a network and those packets, and/or metadata relating to those packets, are passed to an aggregator, which is made available via an application program interface to users/applications.Type: ApplicationFiled: October 23, 2009Publication date: February 25, 2010Applicant: NETWITNESS CORPORATIONInventors: Todd A. Moore, Mark E. Longworth, Brian Girardi, Damon Love
-
Publication number: 20100027430Abstract: A system for, and method of, extracting information from multiple sessions and in accordance with disparate protocols, and transforming the same into a common language. Packets are collected by packet collectors distributed throughout a network and those packets, and/or metadata relating to those packets, are passed to an aggregator, which is made available via an application program interface to users/applications.Type: ApplicationFiled: September 4, 2007Publication date: February 4, 2010Applicant: NETWITNESS CORPORATIONInventors: Todd Moore, Scott Moore, Erin Washington, Timothy Menninger, Brian Girardi
-
Publication number: 20100002704Abstract: Systems and methods for performing customizable analysis of a communication session between two entities includes loading predetermined first parser definitions, stored as at least one binary file, receiving second parser definitions in a form other than a binary file form, after the first parser definitions are already operating, loading and compiling the second parser definitions, and applying the first and second parser definitions to a communication session, wherein the first parser definitions identify standard components of the communication session and the second parser definitions are customizable and identify non-standard components of the communication session.Type: ApplicationFiled: June 30, 2009Publication date: January 7, 2010Applicant: NETWITNESS CORPORATIONInventors: Todd A. Moore, Timothy J. Menninger, Edward G. Quackenbush
-
Patent number: 7634557Abstract: A system for and method of extracting information from multiple sessions of disparate protocols into a common language is disclosed. A method of creating a record conforming to an event-based language is also disclosed. A system configured to create a record conforming to an event-based language is also disclosed.Type: GrantFiled: April 29, 2002Date of Patent: December 15, 2009Assignee: NetWitness CorporationInventors: Todd A. Moore, Mark E. Longworth, Brian Girardi, Damon Love
-
Publication number: 20090067443Abstract: A method of visualizing network data includes parsing a collection of packets in accordance with a set of categories related to characteristics of the collection of packets, the categories including listings of categorical elements, wherein at least some of the categorical elements are selectable by a user. When a categorical element is selected by a user, the collection of packets is filtered in accordance with the selected categorical element. Alongside each categorical element is a selectable count value that is indicative of the number of discrete communications sessions in which an associated categorical element is present in the collection of packets. When the count value is selected, a session view or views is/are created for each respective session, with content payload available for review and viewing.Type: ApplicationFiled: September 7, 2007Publication date: March 12, 2009Applicant: NETWITNESS CORPORATIONInventors: Todd Moore, Kenneth Buonforte, Brian Girardi, Matthew Mannarelli, Scott Moore