Patents by Inventor Andrew Sandoval
Andrew Sandoval has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20230160860Abstract: Examples of the present disclosure describe systems and methods for detecting and mitigating stack pivoting exploits. In aspects, various “checkpoints” may be identified in software code. At each checkpoint, the current stack pointer, stack base, and stack limit for each mode of execution may be obtained. The current stack pointer for each mode of execution may be evaluated to determine whether the stack pointer falls within a stack range between the stack base and the stack limit of the respective mode of execution. When the stack pointer is determined to be outside of the expected stack range, a stack pivot exploit is detected and one or more remedial actions may be automatically performed.Type: ApplicationFiled: January 24, 2023Publication date: May 25, 2023Inventor: Andrew Sandoval
-
Patent number: 11593473Abstract: Examples of the present disclosure describe systems and methods for detecting and mitigating stack pivoting exploits. In aspects, various “checkpoints” may be identified in software code. At each checkpoint, the current stack pointer, stack base, and stack limit for each mode of execution may be obtained. The current stack pointer for each mode of execution may be evaluated to determine whether the stack pointer falls within a stack range between the stack base and the stack limit of the respective mode of execution. When the stack pointer is determined to be outside of the expected stack range, a stack pivot exploit is detected and one or more remedial actions may be automatically performed.Type: GrantFiled: April 12, 2021Date of Patent: February 28, 2023Assignee: Webroot Inc.Inventor: Andrew Sandoval
-
Publication number: 20220303136Abstract: Examples of the present disclosure describe systems and methods for monitoring the security privileges of a process. In aspects, when a process is created, the corresponding process security token and privilege information is detected and recorded. At subsequent “checkpoints,” the security token is evaluated to determine whether the security token has been replaced, or whether new or unexpected privileges have been granted to the created process. When a modification to the security token is determined, a warning or indication of the modification is generated and the process may be terminated to prevent the use of the modified security token.Type: ApplicationFiled: June 9, 2022Publication date: September 22, 2022Inventors: Andrew Sandoval, Eric Klonowski
-
Patent number: 11443032Abstract: Examples of the present disclosure describe systems and methods for detecting and mitigating stack pivoting exploits. In aspects, various “checkpoints” may be identified in software code. At each checkpoint, the current stack pointer, stack base, and stack limit for each mode of execution may be obtained. The current stack pointer for each mode of execution may be evaluated to determine whether the stack pointer falls within a stack range between the stack base and the stack limit of the respective mode of execution. When the stack pointer is determined to be outside of the expected stack range, a stack pivot exploit is detected and one or more remedial actions may be automatically performed.Type: GrantFiled: November 3, 2020Date of Patent: September 13, 2022Assignee: WEBROOT INC.Inventor: Andrew Sandoval
-
Patent number: 11438159Abstract: Examples of the present disclosure describe systems and methods for monitoring the security privileges of a process. In aspects, when a process is created, the corresponding process security token and privilege information is detected and recorded. At subsequent “checkpoints,” the security token is evaluated to determine whether the security token has been replaced, or whether new or unexpected privileges have been granted to the created process. When a modification to the security token is determined, a warning or indication of the modification is generated and the process may be terminated to prevent the use of the modified security token.Type: GrantFiled: June 17, 2020Date of Patent: September 6, 2022Assignee: Webroot Inc.Inventors: Andrew Sandoval, Eric Klonowski
-
Publication number: 20220129562Abstract: Examples of the present disclosure describe systems and methods for exploit detection via induced exceptions. One embodiment of a method can include generating an inspection point, the inspection point causing an exception when a set of software instructions encounters the inspection point during an execution of the set of software instructions by a processor, registering an exception handler to handle the exception associated with by the inspection point; receiving, in response to the set of software instructions encountering the inspection point, an indication of an exception, accessing a context record associated with the execution of the set of software instructions, evaluating the context record to determine if an exploit is present using the first reputation information, and based on a determination that an exploit is present, performing a corrective action for the exploit.Type: ApplicationFiled: November 1, 2021Publication date: April 28, 2022Inventor: Andrew Sandoval
-
Publication number: 20210232675Abstract: Examples of the present disclosure describe systems and methods for detecting and mitigating stack pivoting exploits. In aspects, various “checkpoints” may be identified in software code. At each checkpoint, the current stack pointer, stack base, and stack limit for each mode of execution may be obtained. The current stack pointer for each mode of execution may be evaluated to determine whether the stack pointer falls within a stack range between the stack base and the stack limit of the respective mode of execution. When the stack pointer is determined to be outside of the expected stack range, a stack pivot exploit is detected and one or more remedial actions may be automatically performed.Type: ApplicationFiled: April 12, 2021Publication date: July 29, 2021Inventor: Andrew Sandoval
-
Publication number: 20210049262Abstract: Examples of the present disclosure describe systems and methods for detecting and mitigating stack pivoting exploits. In aspects, various “checkpoints” may be identified in software code. At each checkpoint, the current stack pointer, stack base, and stack limit for each mode of execution may be obtained. The current stack pointer for each mode of execution may be evaluated to determine whether the stack pointer falls within a stack range between the stack base and the stack limit of the respective mode of execution. When the stack pointer is determined to be outside of the expected stack range, a stack pivot exploit is detected and one or more remedial actions may be automatically performed.Type: ApplicationFiled: November 3, 2020Publication date: February 18, 2021Inventor: Andrew Sandoval
-
Publication number: 20200382302Abstract: Examples of the present disclosure describe systems and methods for monitoring the security privileges of a process. In aspects, when a process is created, the corresponding process security token and privilege information is detected and recorded. At subsequent “checkpoints,” the security token is evaluated to determine whether the security token has been replaced, or whether new or unexpected privileges have been granted to the created process. When a modification to the security token is determined, a warning or indication of the modification is generated and the process may be terminated to prevent the use of the modified security token.Type: ApplicationFiled: June 17, 2020Publication date: December 3, 2020Inventors: ANDREW SANDOVAL, Eric Klonowski
-
Patent number: 10853480Abstract: Examples of the present disclosure describe systems and methods for detecting and mitigating stack pivoting exploits. In aspects, various “checkpoints” may be identified in software code. At each checkpoint, the current stack pointer, stack base, and stack limit for each mode of execution may be obtained. The current stack pointer for each mode of execution may be evaluated to determine whether the stack pointer falls within a stack range between the stack base and the stack limit of the respective mode of execution. When the stack pointer is determined to be outside of the expected stack range, a stack pivot exploit is detected and one or more remedial actions may be automatically performed.Type: GrantFiled: April 13, 2018Date of Patent: December 1, 2020Assignee: Webroot Inc.Inventor: Andrew Sandoval
-
Patent number: 10728034Abstract: Examples of the present disclosure describe systems and methods for monitoring the security privileges of a process. In aspects, when a process is created, the corresponding process security token and privilege information is detected and recorded. At subsequent “checkpoints,” the security token is evaluated to determine whether the security token has been replaced, or whether new or unexpected privileges have been granted to the created process. When a modification to the security token is determined, a warning or indication of the modification is generated and the process may be terminated to prevent the use of the modified security token.Type: GrantFiled: February 23, 2018Date of Patent: July 28, 2020Assignee: WEBROOT INC.Inventors: Andrew Sandoval, Eric Klonowski
-
Publication number: 20190318080Abstract: Examples of the present disclosure describe systems and methods for detecting and mitigating stack pivoting exploits. In aspects, various “checkpoints” may be identified in software code. At each checkpoint, the current stack pointer, stack base, and stack limit for each mode of execution may be obtained. The current stack pointer for each mode of execution may be evaluated to determine whether the stack pointer falls within a stack range between the stack base and the stack limit of the respective mode of execution. When the stack pointer is determined to be outside of the expected stack range, a stack pivot exploit is detected and one or more remedial actions may be automatically performed.Type: ApplicationFiled: April 13, 2018Publication date: October 17, 2019Applicant: Webroot Inc.Inventor: Andrew Sandoval
-
Publication number: 20190268152Abstract: Examples of the present disclosure describe systems and methods for monitoring the security privileges of a process. In aspects, when a process is created, the corresponding process security token and privilege information is detected and recorded. At subsequent “checkpoints,” the security token is evaluated to determine whether the security token has been replaced, or whether new or unexpected privileges have been granted to the created process. When a modification to the security token is determined, a warning or indication of the modification is generated and the process may be terminated to prevent the use of the modified security token.Type: ApplicationFiled: February 23, 2018Publication date: August 29, 2019Applicant: Webroot Inc.Inventors: Andrew Sandoval, Eric Klonowski
-
Patent number: 8990685Abstract: A system and a method for loading and displaying content from a plurality of content sources on a user computer is disclosed. The content is placed on a web document having a first web page and at least one other web page. The contents in the first web page are loaded and displayed on the user computer and the contents of the other web pages are loaded in cache and displayed on the first web page after the contents have been fully loaded.Type: GrantFiled: March 31, 2006Date of Patent: March 24, 2015Assignee: United Services Automobile Association (USAA)Inventors: Christopher Andrew Sandoval, Lee William Fastenau
-
Patent number: 8667563Abstract: When a user successfully authenticates into a website associated with an institution system, a cookie may be created and set on the web browser, and cookie information and additional information such as the associated internet protocol (IP) address or network interface card (NIC) identifier may be stored at the institution system. Later, when the user accesses the website again, the website may use the cookie, the cookie information, and additional information such as the stored IP address or NIC identifier to identify the user. After the user is identified, one or more pages of content may be personalized to the user, and provided to the user via the user's computing device.Type: GrantFiled: October 5, 2007Date of Patent: March 4, 2014Assignee: United Services Automobile Association (USAA)Inventor: Christopher Andrew Sandoval
-
Patent number: 8615554Abstract: An electronic communication such as electronic mail (email) may be sent to a recipient through a network and may be monitored for delivery success. The email may contain information regarding generation and delivery of a physical document to the recipient. If the email is not delivered to the recipient's electronic address or is not opened by the recipient, a physical document may be generated and delivered to the recipient's physical address.Type: GrantFiled: April 16, 2008Date of Patent: December 24, 2013Assignee: United Services Automobile Association (USAA)Inventors: Linda Giessel King, Christopher Andrew Sandoval
-
Patent number: D842948Type: GrantFiled: November 16, 2017Date of Patent: March 12, 2019Assignee: Custom Indoor Cycles, LLCInventor: Andrew Sandoval
-
Patent number: D846668Type: GrantFiled: November 16, 2017Date of Patent: April 23, 2019Assignee: Custom Indoor Cycles, LLCInventor: Andrew Sandoval
-
Patent number: D854638Type: GrantFiled: October 17, 2018Date of Patent: July 23, 2019Assignee: Custom Indoor Cycles, LLCInventor: Andrew Sandoval
-
Patent number: D875855Type: GrantFiled: May 21, 2019Date of Patent: February 18, 2020Assignee: Custom Indoor Cycles, LLCInventor: Andrew Sandoval