Patents Assigned to Threat Stack, Inc.
-
Publication number: 20210184948Abstract: A method for cloud-based, control-plane-event monitoring includes receiving control-plane events from a cloud-based element associated with a first and a second cloud environment. The received control-plane events are ingested from the cloud-based elements associated with the first and second cloud environments to generate a multiple-source data set from the control-plane events from the cloud-based elements associated with the first and second cloud environments. The multiple-source data set is then evaluated based on attributes of the first and second cloud environments in order to generate a common event data set. The common event data set is then processed using a rule set to generate an outcome.Type: ApplicationFiled: February 15, 2021Publication date: June 17, 2021Applicant: Threat Stack, Inc.Inventors: Joe Baker, Ryan Plessner, Dan Weiss, Nick Goodwin, Laura Haiduck, Daniel Kirsch
-
Patent number: 10951496Abstract: A method for cloud-based, control-plane-event monitoring includes receiving control-plane events from a cloud-based element associated with a first and a second cloud environment. The received control-plane events are ingested from the cloud-based elements associated with the first and second cloud environments to generate a multiple-source data set from the control-plane events from the cloud-based elements associated with the first and second cloud environments. The multiple-source data set is then evaluated based on attributes of the first and second cloud environments in order to generate a common event data set. The common event data set is then processed using a rule set to generate an outcome.Type: GrantFiled: March 8, 2019Date of Patent: March 16, 2021Assignee: Threat Stack, Inc.Inventors: Joe Baker, Ryan Plessner, Dan Weiss, Nick Goodwin, Laura Haiduck, Daniel Kirsch
-
Publication number: 20210019423Abstract: A method for multi-source cloud-infrastructure vulnerability management includes receiving cloud-element information related to a cloud-based element in a cloud environment. The method also includes receiving first vulnerability information from a first vulnerability source and receiving second vulnerability information from a second vulnerability source. Cloud-element context information is also received about the cloud-based element from the cloud environment. A multiple-source vulnerability database is then generated from both the first vulnerability information and from the second vulnerability information. The cloud-element information and the cloud-element context information are then evaluated using the multiple-source vulnerability database to generate a vulnerability assessment.Type: ApplicationFiled: July 19, 2019Publication date: January 21, 2021Applicant: Threat Stack, Inc.Inventors: Lucas DuBois, Joseph Baker, Charles Hoang
-
Publication number: 20200404011Abstract: A cloud-based operating-system-event and data-access monitoring method includes collecting event information from a monitored cloud-based element. One or more structured event payloads based on the event information is then generated. The structured event payloads that produce one or more validated event collections are then validated. The one or more validated event collections are then serialized and filtered to remove redundant structured event payload data. The filtered validated structured event payloads are then de-serialized to produce a time-sequenced, ordered event stream. The time-sequenced, ordered event stream is de-duplicated to remove duplicate structured event payloads. The time-sequenced ordered event stream is then processed to generate processed information security results.Type: ApplicationFiled: August 31, 2020Publication date: December 24, 2020Applicant: Threat Stack, Inc.Inventors: Christopher Gervais, Sean T. Reed, Nicholas S. Goodwin, Joseph D. Baker, Samuel Bisbee-vonKaufmann, Nathan D. Cooprider, David C. Hagman, Lucas M. Dubois, Jennifer A. Andre
-
Patent number: 10791134Abstract: A cloud-based operating-system-event and data-access monitoring method includes collecting event information from a monitored cloud-based element. One or more structured event payloads based on the event information is then generated. The structured event payloads that produce one or more validated event collections are then validated. The one or more validated event collections are then serialized and filtered to remove redundant structured event payload data. The filtered validated structured event payloads are then de-serialized to produce a time-sequenced, ordered event stream. The time-sequenced, ordered event stream is de-duplicated to remove duplicate structured event payloads. The time-sequenced ordered event stream is then processed to generate processed information security results.Type: GrantFiled: December 19, 2017Date of Patent: September 29, 2020Assignee: Threat Stack, Inc.Inventors: Christopher Gervais, Sean T. Reed, Nicholas S. Goodwin, Joseph D. Baker, Samuel Bisbee-vonKaufmann, Nathan D. Cooprider, David G. Hagman, Lucas M. Dubois, Jennifer A. Andre
-
Publication number: 20200204465Abstract: A method for cloud-based, control-plane-event monitoring includes receiving control-plane events from a cloud-based element associated with a first and a second cloud environment. The received control-plane events are ingested from the cloud-based elements associated with the first and second cloud environments to generate a multiple-source data set from the control-plane events from the cloud-based elements associated with the first and second cloud environments. The multiple-source data set is then evaluated based on attributes of the first and second cloud environments in order to generate a common event data set. The common event data set is then processed using a rule set to generate an outcome.Type: ApplicationFiled: March 8, 2019Publication date: June 25, 2020Applicant: Threat Stack, Inc.Inventors: Joe Baker, Ryan Plessner, Dan Weiss, Nick Goodwin, Laura Haiduck, Daniel Kirsch
-
Publication number: 20180176244Abstract: A cloud-based operating-system-event and data-access monitoring method includes collecting event information from a monitored cloud-based element. One or more structured event payloads based on the event information is then generated. The structured event payloads that produce one or more validated event collections are then validated. The one or more validated event collections are then serialized and filtered to remove redundant structured event payload data. The filtered validated structured event payloads are then de-serialized to produce a time-sequenced, ordered event stream. The time-sequenced, ordered event stream is de-duplicated to remove duplicate structured event payloads. The time-sequenced ordered event stream is then processed to generate processed information security results.Type: ApplicationFiled: December 19, 2017Publication date: June 21, 2018Applicant: Threat Stack, Inc.Inventors: Christopher Gervais, Sean T. Reed, Nicholas S. Goodwin, Joseph D. Baker, Samuel Bisbee-vonKaufmann, Nathan D. Cooprider, David G. Hagman, Lucas M. Dubois, Jennifer A. Andre