Patents Assigned to Lacework Inc.
-
Patent number: 11979422Abstract: Elastic privileges in a secure access service edge, including: identifying, based on one or more access policies, an application accessible to a user; determining, for the user, an access pattern of the application; and restricting, without modifying the one or more access policies, access to the application by the user based on the access pattern.Type: GrantFiled: July 1, 2022Date of Patent: May 7, 2024Assignee: LACEWORK, INC.Inventors: Vikram Kapoor, Harish Kumar Bharat Singh, Weifei Zeng, Vimalkumar Jeyakumar, Theron Tock, Ying Xie, Yijou Chen
-
Patent number: 11973784Abstract: A natural language interface for an anomaly detection framework, including: receiving a natural language input associated with a cloud deployment; generating a query corresponding to the natural language input by disambiguating at least a portion of the natural language input based on data describing activity associated with an anomaly detection framework monitoring the cloud deployment; and providing, based on a response to the query, a response to the natural language input.Type: GrantFiled: January 13, 2023Date of Patent: April 30, 2024Assignee: LACEWORK, INC.Inventors: Úlfar Erlingsson, Jay Parikh, Yijou Chen
-
Patent number: 11954130Abstract: A logical graph is generated using at least a portion of log data received from a set of agents executing on one or more nodes in one or more data centers. The logical graph is augmented using data obtained from one or more agents executing in containerized environments, including by representing communications between pods within the logical graph. The augmented logical graph is used to detect an anomaly.Type: GrantFiled: November 19, 2021Date of Patent: April 9, 2024Assignee: Lacework Inc.Inventors: Yijou Chen, Harish Kumar Bharat Singh, Murat Bog, Vikram Kapoor
-
Patent number: 11916947Abstract: Generating user-specific polygraphs for network activity, including: gathering information describing network activity associated with a user and generating, based on the information, a user-specific polygraph that includes one or more destinations associated with the network activity.Type: GrantFiled: July 6, 2022Date of Patent: February 27, 2024Assignee: LACEWORK, INC.Inventors: Vikram Kapoor, Harish Kumar Bharat Singh, Weifei Zeng, Vimalkumar Jeyakumar, Theron Tock, Ying Xie, Yijou Chen
-
Patent number: 11909752Abstract: Detecting deviations from typical user behavior, including: identifying a geographic location of a device that is associated with a user; determining device activity associated with the user; and detecting, based on a profile associated with the user, that the device activity associated with the user deviates from normal activity for the user.Type: GrantFiled: July 5, 2022Date of Patent: February 20, 2024Assignee: LACEWORK, INC.Inventors: Vikram Kapoor, Harish Kumar Bharat Singh, Weifei Zeng, Vimalkumar Jeyakumar, Theron Tock, Ying Xie, Yijou Chen
-
Patent number: 11895135Abstract: Detecting anomalous behavior of a device, including: generating, using information describing historical activity associated with a user device, a trained model for detecting normal activity for the user device; gathering information describing current activity associated with the user device; and determining, by using the information describing current activity associated with the user device as input to the trained model, whether the user device has deviated from normal activity.Type: GrantFiled: July 6, 2022Date of Patent: February 6, 2024Assignee: LACEWORK, INC.Inventors: Vikram Kapoor, Harish Kumar Bharat Singh, Weifei Zeng, Vimalkumar Jeyakumar, Theron Tock, Ying Xie, Yijou Chen
-
Patent number: 11894984Abstract: Configuring cloud deployments based on learnings obtained by monitoring other cloud deployments, including: determining normal behavior for one or more components in a first cloud deployment; determining normal behavior for one or more components in one or more other cloud deployments; and recommending, based on the normal behavior for one or more components in one or more other cloud deployments, a change to the first cloud deployment.Type: GrantFiled: February 14, 2022Date of Patent: February 6, 2024Assignee: LACEWORK, INC.Inventors: Úlfar Erlingsson, Yijou Chen
-
Patent number: 11882141Abstract: In some embodiments, a data platform receives information associated with activities within a network environment, generates a logical graph based on the information, stores data representative of the logical graph in a database, receives, in response to a user interaction with an interface of the data platform, a request to filter the information, in response to the request generates a query using a graph-based schema, and performs the generated query against the database.Type: GrantFiled: March 8, 2023Date of Patent: January 23, 2024Assignee: Lacework Inc.Inventors: Yijou Chen, Sanjay Kalra, Vikram Kapoor
-
Patent number: 11849000Abstract: Using real-time monitoring to inform static analysis, including: inspecting, using one or more static code analysis techniques, one or more components of a cloud deployment; detecting, using data gathered during the execution of the component in the cloud deployment, a condition; and modifying, based on the detected condition, the one or more static code analysis techniques.Type: GrantFiled: February 28, 2022Date of Patent: December 19, 2023Assignee: LACEWORK, INC.Inventors: Oliver M. Williams, Yijou Chen
-
Patent number: 11831668Abstract: A data platform receives data associated with activities in an environment, generates a logical graph using at least a portion of the received data, at least in part by clustering multiple nodes into a node of the logical graph based at least in part on behaviors in the network environment, and provides data representing a portion of the logical graph to a computer, the data representing the portion of the logical graph configured to be processed by the computer to display a visualization of the portion of the logical graph. The data platform may provide the data to the computer in response to receiving a query from the computer. The data platform may use the logical graph to detect an anomaly in the environment.Type: GrantFiled: October 13, 2022Date of Patent: November 28, 2023Assignee: Lacework Inc.Inventors: Harish Kumar Bharat Singh, Vikram Kapoor
-
Patent number: 11818156Abstract: Providing a data lake-enabled security platform, including: storing security data associated with a customer in a data lake comprising a plurality of storage environments implemented in different cloud environments of a plurality of cloud environments; generating, based on a plurality of records in the security data, an abstracted security record describing one or more derived insights of the security data; and providing access to the abstracted security record to one or more users associated with the customer.Type: GrantFiled: December 15, 2022Date of Patent: November 14, 2023Assignee: LACEWORK, INC.Inventors: Jay Parikh, Úlfar Erlingsson, Yijou Chen
-
Patent number: 11792284Abstract: Example systems and methods monitor a cloud compute environment. An example method includes an agent obtaining a data packet from an interface in the cloud compute environment, the data packet including a source address and a non-endpoint destination address; determining, based on the non-endpoint destination address and routing information for the data packet, an endpoint destination address associated with the non-endpoint destination address of the data packet; modifying the data packet by replacing the non-endpoint destination address with the endpoint destination address; and providing, based on the modified data packet, monitoring data to a data platform.Type: GrantFiled: January 31, 2022Date of Patent: October 17, 2023Assignee: Lacework, Inc.Inventors: Anil K. Nanduri, Prakash Jalan, Matti A. Vanninen, Ammar G. Ekbote, Alex Ramachandran Nirmala, Yijou Chen
-
Patent number: 11785104Abstract: Learning from similar cloud deployments, including: identifying, for at least a portion of a first cloud deployment, one or more additional cloud deployments to utilize for cross-customer learning; receiving information describing configurations associated with the additional cloud deployments; and identifying, based on the configurations, one or more configurations to adopt for the first cloud deployment.Type: GrantFiled: February 14, 2022Date of Patent: October 10, 2023Assignee: LACEWORK, INC.Inventors: Úlfar Erlingsson, Yijou Chen
-
Patent number: 11770464Abstract: A frame is received at an agent. The frame is analyzed to determine that the frame is associated with a first known pod. IP information is reported to a backend process. The backend process is configured to stitch the IP information with other IP information reported by one or more additional agents to identify a second pod.Type: GrantFiled: December 9, 2021Date of Patent: September 26, 2023Assignee: Lacework Inc.Inventors: Rakesh Sachdeva, Vikram Kapoor
-
Patent number: 11770398Abstract: A guided anomaly detection framework, including: gathering data describing activity associated with an anomaly detection framework monitoring a cloud deployment; generating, based on the data, a prompt describing one or more natural language inputs for a security workflow, wherein each of the one or more natural language inputs corresponds to a query for information related to the cloud deployment; and providing a selected natural language input to a natural language interface.Type: GrantFiled: January 11, 2023Date of Patent: September 26, 2023Assignee: LACEWORK, INC.Inventors: Úlfar Erlingsson, Jay Parikh, Yijou Chen
-
Patent number: 11765249Abstract: Improving developer efficiency and application quality, including: collecting, for an executing application, information describing the usage of the application; identifying one or more unencountered conditions that the application is configured to handle; identifying one or more encountered conditions that the application is not configured to handle; and presenting information describing the unencountered conditions that the application is configured to handle and the encountered conditions that the application is not configured to handle.Type: GrantFiled: February 14, 2022Date of Patent: September 19, 2023Assignee: LACEWORK, INC.Inventors: Úlfar Erlingsson, Yijou Chen
-
Patent number: 11741238Abstract: Dynamically generating monitoring tools for software applications, including: inspecting, using static code analysis, a non-executable representation of the application to identify one or more points in an application for monitoring; and for each of the one or more points in the application: generating a monitoring program; and inserting, into an executable representation of the application, the monitoring program at a location in the executable representation of the application that corresponds to the identified point in the application.Type: GrantFiled: January 31, 2022Date of Patent: August 29, 2023Assignee: LACEWORK, INC.Inventors: Christien R. Rioux, Yijou Chen
-
Patent number: 11689553Abstract: Log data associated with at least one user session in a network environment associated with an original user is received. A logical graph is generated using at least a portion of the received log data. One example of such a logical graph is a privilege change graph that models privilege changes between processes. Another example of such a logical graph is a user login graph that models machines with which the original user interacts. Another example of such a logical graph is a machine-server graph that clusters machines into nodes based on resources executing on the machine. The generated logical graph is used to detect an anomaly.Type: GrantFiled: March 9, 2021Date of Patent: June 27, 2023Assignee: Lacework Inc.Inventors: Harish Kumar Bharat Singh, Vikram Kapoor, Murat Bog, Yijou Chen
-
Patent number: 11677772Abstract: Activities within a network environment are monitored (e.g., using agents). At least a portion of the monitored activities are used to generate a logical graph model. The generated logical graph model is used to determine an anomaly. The detected anomaly is recorded and can be used to generate an alert.Type: GrantFiled: October 18, 2021Date of Patent: June 13, 2023Assignee: Lacework Inc.Inventors: Vikram Kapoor, Samuel Joseph Pullara, III, Murat Bog, Yijou Chen, Sanjay Kalra
-
Patent number: 11637849Abstract: In some embodiments, a request to filter information associated with activities within a network environment is received in response to a user interaction with a graph that comprises a plurality of nodes. At least one node included in the graph is associated with an activity within a network environment. As one example, the request to filter is triggered by a user interaction with a visual representation of at least a portion of the graph. As another example, the request to filter is triggered by a user interaction with a query field. In response to receiving the filter request, a query is generated based on a join using a query service.Type: GrantFiled: October 25, 2021Date of Patent: April 25, 2023Assignee: Lacework Inc.Inventors: Yijou Chen, Sanjay Kalra, Vikram Kapoor