Patents by Inventor Oliver FRIEDRICH
Oliver FRIEDRICH has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20190014144Abstract: Systems, methods, and software described herein enhances how security actions are implemented within a computing environment. In one example, a method of implementing security actions for a computing environment comprising a plurality of computing assets includes identifying a security action in a command language for the computing environment. The method further provides identifying one or more computing assets related to the security action, and obtaining hardware and software characteristics for the one or more computing assets. The method also includes translating the security action in the command language to one or more action procedures based on the hardware and software characteristics, and initiating implementation of the one or more action procedures in the one or more computing assets.Type: ApplicationFiled: August 21, 2018Publication date: January 10, 2019Inventors: Sourabh SATISH, Oliver FRIEDRICHS, Atif MAHADIK, Govind SALINAS
-
Publication number: 20190007448Abstract: Systems, methods, and software described herein enhances how security actions are implemented within a computing environment. In one example, a method of implementing security actions for a computing environment comprising a plurality of computing assets includes identifying a security action in a command language for the computing environment. The method further provides identifying one or more computing assets related to the security action, and obtaining hardware and software characteristics for the one or more computing assets. The method also includes translating the security action in the command language to one or more action procedures based on the hardware and software characteristics, and initiating implementation of the one or more action procedures in the one or more computing assets.Type: ApplicationFiled: August 21, 2018Publication date: January 3, 2019Inventors: Sourabh SATISH, Oliver FRIEDRICHS, Atif MAHADIK, Govind SALINAS
-
Patent number: 10158663Abstract: Systems, methods, and software described herein enhances how security actions are implemented within a computing environment. In one example, a method of implementing security actions for a computing environment comprising a plurality of computing assets includes identifying a security action in a command language for the computing environment. The method further provides identifying one or more computing assets related to the security action, and obtaining hardware and software characteristics for the one or more computing assets. The method also includes translating the security action in the command language to one or more action procedures based on the hardware and software characteristics, and initiating implementation of the one or more action procedures in the one or more computing assets.Type: GrantFiled: September 8, 2017Date of Patent: December 18, 2018Assignee: Splunk Inc.Inventors: Sourabh Satish, Oliver Friedrichs, Atif Mahadik, Govind Salinas
-
Publication number: 20180339293Abstract: The present invention relates to a fast, simple and very sensitive method for the detection of bacteria, comprising the steps of providing one or more suspensions each comprising at least one species of labeled test bacteriophages which specifically bind to a bacterial species to be detected; adding a sample to be tested for the presence of at least one bacterial species to be detected to the one or more suspensions; filtering the reaction mixture; detecting bacteria-bacteriophages-complexes on the surface of the filter in the retentate, provided that at least one bacterial species to be detected is present, wherein the complexes consist of bacteria of the at least one bacterial species to be detected and test bacteriophages of the at least one species of test bacteriophages bound thereto; detecting unbound test bacteriophages in the filtrate; processor-aided processing of received detection signals and output of detection results.Type: ApplicationFiled: November 18, 2016Publication date: November 29, 2018Applicants: SINAMIRA AG, FRIEDRICH-ALEXANDER-UNIVERSITAT ERLANGEN-NURNBERGInventors: Walter MIEDL, Oliver FRIEDRICH, Daniel GILBERT
-
Publication number: 20180332074Abstract: Systems, methods, and software described herein provide for responding to security threats in a computing environment based on the classification of computing assets in the environment. In one example, a method of operating an advisement computing system includes identifying a security threat for an asset in the computing environment, and identifying a classification for the asset in relation to other assets within the computing environment. The method further provides determining a rule set for the security threat based on the classification for the asset and initiating a response to the security threat based on the rule set.Type: ApplicationFiled: July 23, 2018Publication date: November 15, 2018Inventors: Sourabh Satish, Oliver Friedrichs, Atif Mahadik, Govind Salinas
-
Publication number: 20180316718Abstract: Systems, methods, and software described herein provide enhancements for implementing security actions in a computing environment. In one example, a method of operating an advisement system to provide actions in a computing environment includes identifying a security incident in the computing environment, identifying a criticality rating for the asset, and obtaining enrichment information for the security incident from one or more internal or external sources. The method also provides identifying a severity rating for the security incident based on the enrichment information, and determining one or more security actions based on the enrichment information. The method further includes identifying effects of the one or more security actions on operations of the computing environment based on the criticality rating and the severity rating, and identifying a subset of the one or more security actions to respond to the security incident based on the effects.Type: ApplicationFiled: March 19, 2018Publication date: November 1, 2018Inventors: Sourabh Satish, Oliver Friedrichs, Atif Mahadik, Govind Salinas
-
Patent number: 10116687Abstract: Systems, methods, and software described herein provide for managing service level agreements (SLAs) for security incidents in a computing environment. In one example, an advisement system identifies a rule set for a security incident based on enrichment information obtained for the security incident, wherein the rule set is associated with action recommendations to be taken against the incident. The advisement system further identifies a default SLA for the security incident based on the rule set, and obtains environmental characteristics related to the security incident. Based on the environmental characteristics, the advisement system determines a modified SLA for the security incident.Type: GrantFiled: December 18, 2017Date of Patent: October 30, 2018Assignee: Splunk Inc.Inventors: Sourabh Satish, Oliver Friedrichs, Atif Mahadik, Govind Salinas
-
Patent number: 10063587Abstract: Systems, methods, and software described herein provide for responding to security threats in a computing environment based on the classification of computing assets in the environment. In one example, a method of operating an advisement computing system includes identifying a security threat for an asset in the computing environment, and identifying a classification for the asset in relation to other assets within the computing environment. The method further provides determining a rule set for the security threat based on the classification for the asset and initiating a response to the security threat based on the rule set.Type: GrantFiled: December 2, 2015Date of Patent: August 28, 2018Assignee: Splunk Inc.Inventors: Sourabh Satish, Oliver Friedrichs, Atif Mahadik, Govind Salinas
-
Publication number: 20180159893Abstract: Systems, methods, and software described herein provide security actions based on the current state of a security threat. In one example, a method of operating an advisement system in a computing environment with a plurality of computing assets includes identifying a security threat within the computing environment. The method further includes, in response to identifying the security threat, obtaining state information for the security threat within the computing environment, and determining a current state for the security threat within the computing environment. The method also provides obtaining enrichment information for the security threat and determining one or more security actions for the security threat based on the enrichment information and the current state for the security threat.Type: ApplicationFiled: February 1, 2018Publication date: June 7, 2018Inventors: Sourabh Satish, Oliver Friedrichs, Atif Mahadik, Govind Salinas
-
Publication number: 20180124100Abstract: Systems, methods, and software described herein provide for managing service level agreements (SLAs) for security incidents in a computing environment. In one example, an advisement system identifies a rule set for a security incident based on enrichment information obtained for the security incident, wherein the rule set is associated with action recommendations to be taken against the incident. The advisement system further identifies a default SLA for the security incident based on the rule set, and obtains environmental characteristics related to the security incident. Based on the environmental characteristics, the advisement system determines a modified SLA for the security incident.Type: ApplicationFiled: December 18, 2017Publication date: May 3, 2018Inventors: Sourabh Satish, Oliver Friedrichs, Atif Mahadik, Govind Salinas
-
Patent number: 9954888Abstract: Systems, methods, and software described herein provide enhancements for implementing security actions in a computing environment. In one example, a method of operating an advisement system to provide actions in a computing environment includes identifying a security incident in the computing environment, identifying a criticality rating for the asset, and obtaining enrichment information for the security incident from one or more internal or external sources. The method also provides identifying a severity rating for the security incident based on the enrichment information, and determining one or more security actions based on the enrichment information. The method further includes identifying effects of the one or more security actions on operations of the computing environment based on the criticality rating and the severity rating, and identifying a subset of the one or more security actions to respond to the security incident based on the effects.Type: GrantFiled: December 2, 2015Date of Patent: April 24, 2018Assignee: Phantom Cyber CorporationInventors: Sourabh Satish, Oliver Friedrichs, Atif Mahadik, Govind Salinas
-
Patent number: 9888029Abstract: Systems, methods, and software described herein provide security actions based on the current state of a security threat. In one example, a method of operating an advisement system in a computing environment with a plurality of computing assets includes identifying a security threat within the computing environment. The method further includes, in response to identifying the security threat, obtaining state information for the security threat within the computing environment, and determining a current state for the security threat within the computing environment. The method also provides obtaining enrichment information for the security threat and determining one or more security actions for the security threat based on the enrichment information and the current state for the security threat.Type: GrantFiled: August 12, 2015Date of Patent: February 6, 2018Assignee: Phantom Cyber CorporationInventors: Sourabh Satish, Oliver Friedrichs, Atif Mahadik, Govind Salinas
-
Patent number: 9871818Abstract: Systems, methods, and software described herein provide for managing service level agreements (SLAs) for security incidents in a computing environment. In one example, an advisement system identifies a rule set for a security incident based on enrichment information obtained for the security incident, wherein the rule set is associated with action recommendations to be taken against the incident. The advisement system further identifies a default SLA for the security incident based on the rule set, and obtains environmental characteristics related to the security incident. Based on the environmental characteristics, the advisement system determines a modified SLA for the security incident.Type: GrantFiled: April 17, 2015Date of Patent: January 16, 2018Assignee: Phantom Cyber CorporationInventors: Sourabh Satish, Oliver Friedrichs, Atif Mahadik, Govind Salinas
-
Publication number: 20180013785Abstract: Systems, methods, and software described herein enhances how security actions are implemented within a computing environment. In one example, a method of implementing security actions for a computing environment comprising a plurality of computing assets includes identifying a security action in a command language for the computing environment. The method further provides identifying one or more computing assets related to the security action, and obtaining hardware and software characteristics for the one or more computing assets. The method also includes translating the security action in the command language to one or more action procedures based on the hardware and software characteristics, and initiating implementation of the one or more action procedures in the one or more computing assets.Type: ApplicationFiled: September 8, 2017Publication date: January 11, 2018Inventors: Sourabh Satish, Oliver Friedrichs, Atif Mahadik, Govind Salinas
-
Publication number: 20170308700Abstract: Techniques are provided for the detection of malicious software (malware) on a general purpose computing device. A challenge in detecting malicious software is that files are typically scanned for the presence of malicious intent only once (and subsequent rescanning is typically performed in a simplistic manner). Existing methods in the art do not address how to most effectively rescan collections of files in a way that tries to optimize performance and efficacy. These methods may also be useful if additional information is now available regarding a file that might be useful to an end-user or an administrator, even though the file's core disposition might not have changed. More specifically, we describe methods, components, and systems that perform data analytics to intelligently rescan file collections for the purpose of retroactively identifying malware and retroactively identifying clean files.Type: ApplicationFiled: July 13, 2017Publication date: October 26, 2017Inventors: Oliver Friedrichs, Alfred Huger, Zulfikar Ramzan
-
Patent number: 9762607Abstract: Systems, methods, and software described herein enhances how security actions are implemented within a computing environment. In one example, a method of implementing security actions for a computing environment comprising a plurality of computing assets includes identifying a security action in a command language for the computing environment. The method further provides identifying one or more computing assets related to the security action, and obtaining hardware and software characteristics for the one or more computing assets. The method also includes translating the security action in the command language to one or more action procedures based on the hardware and software characteristics, and initiating implementation of the one or more action procedures in the one or more computing assets.Type: GrantFiled: April 17, 2015Date of Patent: September 12, 2017Assignee: Phantom Cyber CorporationInventors: Sourabh Satish, Oliver Friedrichs, Atif Mahadik, Govind Salinas
-
Patent number: 9747445Abstract: Techniques are provided for the detection of malicious software (malware) on a general purpose computing device. A challenge in detecting malicious software is that files are typically scanned for the presence of malicious intent only once (and subsequent rescanning is typically performed in a simplistic manner). Existing methods in the art do not address how to most effectively rescan collections of files in a way that tries to optimize performance and efficacy. These methods may also be useful if additional information is now available regarding a file that might be useful to an end-user or an administrator, even though the file's core disposition might not have changed. More specifically, we describe methods, components, and systems that perform data analytics to intelligently rescan file collections for the purpose of retroactively identifying malware and retroactively identifying clean files.Type: GrantFiled: December 16, 2015Date of Patent: August 29, 2017Assignee: Cisco Technology, Inc.Inventors: Oliver Friedrichs, Alfred Huger, Zulfikar Ramzan
-
Patent number: 9712555Abstract: Systems, methods, and software described herein provide security actions to computing assets of a computing environment. In one example, a method of operating an advisement system to manage security actions for a computing environment includes identifying a security incident for an asset in the environment, and obtaining enrichment information about the security incident. The method further includes identifying a rule set based on the enrichment information, identifying an action response based on the rule set, and initiating implementation of the action response in the computing environment.Type: GrantFiled: March 31, 2015Date of Patent: July 18, 2017Assignee: Phantom Cyber CorporationInventors: Sourabh Satish, Oliver Friedrichs, Atif Mahadik, Govind Salinas
-
Patent number: 9680863Abstract: Systems, methods, and software described herein provide security actions to computing assets of a computing environment. In one example, a method of operating an advisement system to manage security actions for a computing environment includes identifying a security incident for an asset in the environment, and obtaining enrichment information about the security incident. The method further includes identifying a rule set based on the enrichment information, identifying an action response based on the rule set, and initiating implementation of the action response in the computing environment.Type: GrantFiled: March 31, 2015Date of Patent: June 13, 2017Assignee: Phantom Cyber CorporationInventors: Sourabh Satish, Oliver Friedrichs, Atif Mahadik, Govind Salinas
-
Patent number: 9639697Abstract: A system retroactively detects malicious software on an end user system without performing expensive cross-referencing directly on the endpoint device. A client provides a server with information about files that are on it together with what it knows about these files. The server tracks this information and cross-references it against new intelligence it gathers on clean or malicious files. If a discrepancy in found (i.e., a file that had been called malicious, but that is actually benign or vice versa), the server informs the client, which in turn takes an appropriate action based on this information.Type: GrantFiled: January 30, 2015Date of Patent: May 2, 2017Assignee: Cisco Technology, Inc.Inventors: Oliver Friedrichs, Alfred Huger, Adam J. O'Donnell, Zulfikar Ramzan