Patents by Inventor Daniel Salvatore Schiappa
Daniel Salvatore Schiappa has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11928231Abstract: An authentication model dynamically adjusts authentication factors required for access to a remote resource based on changes to a risk score for a user, a device, or some combination of these. For example, the authentication model may conditionally specify the number and type of authentication factors required by a user/device pair, and may dynamically alter authentication requirements based on changes to a current risk assessment for the user/device while the remote resource is in use.Type: GrantFiled: March 7, 2023Date of Patent: March 12, 2024Assignee: Sophos LimitedInventors: Joseph H. Levy, Andrew J. Thomas, Daniel Salvatore Schiappa, Kenneth D. Ray
-
Patent number: 11741222Abstract: Attachments or other documents can be transmitted to a sandbox environment where they can be concurrently opened for remote preview from an endpoint and scanned for possible malware. A gateway or other intermediate network element may enforce this process by replacing attachments, for example, in incoming electronic mail communications, with links to a document preview hosted in the sandbox environment.Type: GrantFiled: December 15, 2020Date of Patent: August 29, 2023Assignee: Sophos LimitedInventors: Ross McKerchar, John Edward Tyrone Shaw, Andrew J. Thomas, Russell Humphries, Kenneth D. Ray, Daniel Salvatore Schiappa
-
Publication number: 20230214514Abstract: An authentication model dynamically adjusts authentication factors required for access to a remote resource based on changes to a risk score for a user, a device, or some combination of these. For example, the authentication model may conditionally specify the number and type of authentication factors required by a user/device pair, and may dynamically alter authentication requirements based on changes to a current risk assessment for the user/device while the remote resource is in use.Type: ApplicationFiled: March 7, 2023Publication date: July 6, 2023Inventors: Joseph H. Levy, Andrew J. Thomas, Daniel Salvatore Schiappa, Kenneth D. Ray
-
Publication number: 20230185945Abstract: A threat management facility stores a number of entity models that characterize reportable events from one or more entities. A stream of events from compute instances within an enterprise network can then be analyzed using these entity models to detect behavior that is inconsistent or anomalous for one or more of the entities that are currently active within the enterprise network.Type: ApplicationFiled: January 13, 2023Publication date: June 15, 2023Inventors: Joseph H. Levy, Andrew J. Thomas, Daniel Salvatore Schiappa, Kenneth D. Ray
-
Patent number: 11657174Abstract: An authentication model dynamically adjusts authentication factors required for access to a remote resource based on changes to a risk score for a user, a device, or some combination of these. For example, the authentication model may conditionally specify the number and type of authentication factors required by a user/device pair, and may dynamically alter authentication requirements based on changes to a current risk assessment for the user/device while the remote resource is in use.Type: GrantFiled: June 24, 2021Date of Patent: May 23, 2023Assignee: Sophos LimitedInventors: Joseph H. Levy, Andrew J. Thomas, Daniel Salvatore Schiappa, Kenneth D. Ray
-
Patent number: 11599660Abstract: Entity models are used to evaluate potential risk of entities, either individually or in groups, in order to evaluate suspiciousness within an enterprise network. These individual or aggregated risk assessments can be used to adjust the security policy for compute instances within the enterprise network. A security policy may specify security settings such as network speed, filtering levels, network isolation, levels of privilege, and the like.Type: GrantFiled: July 13, 2021Date of Patent: March 7, 2023Assignee: Sophos LimitedInventors: Joseph H. Levy, Andrew J. Thomas, Daniel Salvatore Schiappa, Kenneth D. Ray
-
Patent number: 11562089Abstract: An interface for a threat management facility of an enterprise network supports the use of third-party security products within the enterprise network by providing access to relevant internal instrumentation and/or a programmatic interface for direct or indirect access to local security agents on compute instances within the enterprise network.Type: GrantFiled: April 12, 2019Date of Patent: January 24, 2023Assignee: Sophos LimitedInventors: Joseph H. Levy, Andrew J. Thomas, Daniel Salvatore Schiappa, Kenneth D. Ray
-
Patent number: 11562088Abstract: A security platform uses a sensor-event-analysis-response methodology to iteratively adapt to a changing security environment by continuously creating and updating entity models based on observed activities and detecting patterns of events that deviate from these entity models.Type: GrantFiled: April 12, 2019Date of Patent: January 24, 2023Assignee: Sophos LimitedInventors: Joseph H. Levy, Andrew J. Thomas, Daniel Salvatore Schiappa, Kenneth D. Ray
-
Patent number: 11556664Abstract: A threat management facility stores a number of entity models that characterize reportable events from one or more entities. A stream of events from compute instances within an enterprise network can then be analyzed using these entity models to detect behavior that is inconsistent or anomalous for one or more of the entities that are currently active within the enterprise network.Type: GrantFiled: April 12, 2019Date of Patent: January 17, 2023Assignee: Sophos LimitedInventors: Joseph H. Levy, Andrew J. Thomas, Daniel Salvatore Schiappa, Kenneth D. Ray
-
Publication number: 20220156399Abstract: A ledger stores chain of custody information for files throughout an enterprise network. By identifying files with a homologous identifier such as a fuzzy hash that permits piecewise evaluation of similarity, the ledger can be used to track a chain of custody over a sequence of changes in content, ownership, and file properties. The ledger can be used, e.g., to evaluate trustworthiness of a file the first time it is encountered by an endpoint, or to apply enterprise policies based on trust.Type: ApplicationFiled: February 4, 2022Publication date: May 19, 2022Inventors: Karl Ackerman, Russell Humphries, Daniel Salvatore Schiappa, Kenneth D. Ray, Andrew J. Thomas
-
Publication number: 20220131836Abstract: Threat detection instrumentation is simplified by providing and updating labels for computing objects in a context-sensitive manner. This may include simple labeling schemes to distinguish between objects, e.g., trusted/untrusted processes or corporate/private data. This may also include more granular labeling schemes such as a three-tiered scheme that identifies a category (e.g., financial, e-mail, game), static threat detection attributes (e.g., signatures, hashes, API calls), and explicit identification (e.g., what a file or process calls itself). By tracking such data for various computing objects and correlating these labels to malware occurrences, rules can be written for distribution to endpoints to facilitate threat detection based on, e.g., interactions of labeled objects, changes to object labels, and so forth.Type: ApplicationFiled: October 4, 2021Publication date: April 28, 2022Inventors: Andrew J. Thomas, Neil Robert Tyndale Watkiss, Daniel Salvatore Schiappa, Kenneth D. Ray
-
Patent number: 11288385Abstract: A ledger stores chain of custody information for files throughout an enterprise network. By identifying files with a homologous identifier such as a fuzzy hash that permits piecewise evaluation of similarity, the ledger can be used to track a chain of custody over a sequence of changes in content, ownership, and file properties. The ledger can be used, e.g., to evaluate trustworthiness of a file the first time it is encountered by an endpoint, or to apply enterprise policies based on trust.Type: GrantFiled: October 19, 2018Date of Patent: March 29, 2022Assignee: Sophos LimitedInventors: Karl Ackerman, Russell Humphries, Daniel Salvatore Schiappa, Kenneth D. Ray, Andrew J. Thomas
-
Publication number: 20210342467Abstract: Entity models are used to evaluate potential risk of entities, either individually or in groups, in order to evaluate suspiciousness within an enterprise network. These individual or aggregated risk assessments can be used to adjust the security policy for compute instances within the enterprise network. A security policy may specify security settings such as network speed, filtering levels, network isolation, levels of privilege, and the like.Type: ApplicationFiled: July 13, 2021Publication date: November 4, 2021Inventors: Joseph H. Levy, Andrew J. Thomas, Daniel Salvatore Schiappa, Kenneth D. Ray
-
Publication number: 20210326467Abstract: An authentication model dynamically adjusts authentication factors required for access to a remote resource based on changes to a risk score for a user, a device, or some combination of these. For example, the authentication model may conditionally specify the number and type of authentication factors required by a user/device pair, and may dynamically alter authentication requirements based on changes to a current risk assessment for the user/device while the remote resource is in use.Type: ApplicationFiled: June 24, 2021Publication date: October 21, 2021Inventors: Joseph H. Levy, Andrew J. Thomas, Daniel Salvatore Schiappa, Kenneth D. Ray
-
Patent number: 11140130Abstract: Threat detection instrumentation is simplified by providing and updating labels for computing objects in a context-sensitive manner. This may include simple labeling schemes to distinguish between objects, e.g., trusted/untrusted processes or corporate/private data. This may also include more granular labeling schemes such as a three-tiered scheme that identifies a category (e.g., financial, e-mail, game), static threat detection attributes (e.g., signatures, hashes, API calls), and explicit identification (e.g., what a file or process calls itself). By tracking such data for various computing objects and correlating these labels to malware occurrences, rules can be written for distribution to endpoints to facilitate threat detection based on, e.g., interactions of labeled objects, changes to object labels, and so forth.Type: GrantFiled: September 27, 2018Date of Patent: October 5, 2021Assignee: Sophos LimitedInventors: Andrew J. Thomas, Neil Robert Tyndale Watkiss, Daniel Salvatore Schiappa, Kenneth D. Ray
-
Patent number: 11087014Abstract: Entity models are used to evaluate potential risk of entities, either individually or in groups, in order to evaluate suspiciousness within an enterprise network. These individual or aggregated risk assessments can be used to adjust the security policy for compute instances within the enterprise network. A security policy may specify security settings such as network speed, filtering levels, network isolation, levels of privilege, and the like.Type: GrantFiled: April 12, 2019Date of Patent: August 10, 2021Assignee: Sophos LimitedInventors: Joseph H. Levy, Andrew J. Thomas, Daniel Salvatore Schiappa, Kenneth D. Ray
-
Patent number: 11068615Abstract: An authentication model dynamically adjusts authentication factors required for access to a remote resource based on changes to a risk score for a user, a device, or some combination of these. For example, the authentication model may conditionally specify the number and type of authentication factors required by a user/device pair, and may dynamically alter authentication requirements based on changes to a current risk assessment for the user/device while the remote resource is in use.Type: GrantFiled: April 12, 2019Date of Patent: July 20, 2021Assignee: Sophos LimitedInventors: Joseph H. Levy, Andrew J. Thomas, Daniel Salvatore Schiappa, Kenneth D. Ray
-
Publication number: 20210097171Abstract: Attachments or other documents can be transmitted to a sandbox environment where they can be concurrently opened for remote preview from an endpoint and scanned for possible malware. A gateway or other intermediate network element may enforce this process by replacing attachments, for example, in incoming electronic mail communications, with links to a document preview hosted in the sandbox environment.Type: ApplicationFiled: December 15, 2020Publication date: April 1, 2021Inventors: Ross McKerchar, John Edward Tyrone Shaw, Andrew J. Thomas, Russell Humphries, Kenneth D. Ray, Daniel Salvatore Schiappa
-
Patent number: 10965711Abstract: Threat detection instrumentation is simplified by providing and updating labels for computing objects in a context-sensitive manner. This may include simple labeling schemes to distinguish between objects, e.g., trusted/untrusted processes or corporate/private data. This may also include more granular labeling schemes such as a three-tiered scheme that identifies a category (e.g., financial, e-mail, game), static threat detection attributes (e.g., signatures, hashes, API calls), and explicit identification (e.g., what a file or process calls itself). By tracking such data for various computing objects and correlating these labels to malware occurrences, rules can be written for distribution to endpoints to facilitate threat detection based on, e.g., interactions of labeled objects, changes to object labels, and so forth.Type: GrantFiled: September 14, 2014Date of Patent: March 30, 2021Assignee: Sophos LimitedInventors: Daniel Salvatore Schiappa, Kenneth D. Ray
-
Patent number: 10938781Abstract: An enterprise security system is improved by instrumenting endpoints to explicitly label network flows with cryptographically secure labels that identify an application or other source of each network flow. Cryptographic techniques may be used, for example, to protect the encoded information in the label from interception by third parties or to support cryptographic authentication of a source of each label. A label may provide health, status, or other heartbeat information for the endpoint, and may be used to identify compromised endpoints, to make routing decisions for network traffic (e.g., allowing, blocking, rerouting, etc.), to more generally evaluate the health of an endpoint that is sourcing network traffic, or for any other useful purpose.Type: GrantFiled: April 22, 2016Date of Patent: March 2, 2021Assignee: Sophos LimitedInventors: Daniel Salvatore Schiappa, Andrew J. Thomas, Kenneth D. Ray, Joseph H. Levy