Patents Assigned to ThreatModeler Software Inc.
  • Patent number: 11620386
    Abstract: Threat modeling methods include providing one or more data stores storing threat model components, threats, and security requirements, each threat associated with at least one of the threat model components, each security requirement including a stored indication of whether it is a compensating control, and each compensating control associated with one of the threats. One or more computing devices communicatively coupled with the one or more data stores display a relational diagram of a system, an application, and/or a process, using visual representations of the threat model components, the diagram defining a threat model. The one or more computing devices display a threat report displaying each threat associated with one of the threat model components included in the threat model. The one or more computing devices further display a compensating control report displaying each compensating control that is associated with one of the threats included in the threat report.
    Type: Grant
    Filed: March 15, 2021
    Date of Patent: April 4, 2023
    Assignee: ThreatModeler Software Inc.
    Inventor: Anurag Agarwal
  • Patent number: 11568059
    Abstract: Threat modeling systems include one or more computing device(s) coupled with one or more data store(s), the computing device(s) including a first software application. The data store(s) associate threats with threat model components. One or more mapping files may couple with the data store(s) to correlate the threat model components with visual diagram components of a second software application (“second software diagram components”). A machine learning (ML) algorithm may alternatively or additionally be configured to select, for each second software diagram component, a corresponding threat model component. An import interface initiates reading of a data file generated by the second software application, the data file including a subset of the second software diagram components and defining relationships therebetween.
    Type: Grant
    Filed: July 9, 2020
    Date of Patent: January 31, 2023
    Assignee: ThreatModeler Software Inc.
    Inventor: Anurag Agarwal
  • Patent number: 11468173
    Abstract: Threat modeling systems include one or more computing device(s) coupled with one or more data store(s), the computing device(s) including a first software application. The data store(s) associate threats with threat model components. One or more mapping files may couple with the data store(s) to correlate the threat model components with visual diagram components of a second software application (“second software diagram components”). A machine learning (ML) algorithm may alternatively or additionally be configured to select, for each second software diagram component, a corresponding threat model component. An import interface initiates reading of a data file generated by the second software application, the data file including a subset of the second software diagram components and defining relationships therebetween.
    Type: Grant
    Filed: July 9, 2020
    Date of Patent: October 11, 2022
    Assignee: ThreatModeler Software Inc.
    Inventor: Anurag Agarwal
  • Publication number: 20210294898
    Abstract: Threat modeling methods include providing one or more data stores storing threat model components, threats, and security requirements, each threat associated with at least one of the threat model components, each security requirement including a stored indication of whether it is a compensating control, and each compensating control associated with one of the threats. One or more computing devices communicatively coupled with the one or more data stores display a relational diagram of a system, an application, and/or a process, using visual representations of the threat model components, the diagram defining a threat model. The one or more computing devices display a threat report displaying each threat associated with one of the threat model components included in the threat model. The one or more computing devices further display a compensating control report displaying each compensating control that is associated with one of the threats included in the threat report.
    Type: Application
    Filed: March 15, 2021
    Publication date: September 23, 2021
    Applicant: ThreatModeler Software Inc.
    Inventor: Anurag Agarwal
  • Patent number: 10984112
    Abstract: Automated threat modeling methods include providing one or more servers and one or more data stores communicatively coupled with the server(s). The data store(s) may include a plurality of threat model components stored therein (stored components) and a plurality of threats stored therein (stored threats), each stored threat associated through the data store(s) with at least one of the stored components. Using one or more input fields displayed on one or more computing devices communicatively coupled with at least one of the server(s), one or more inputs are received, the input(s) including access credentials associated with an existing computing environment and one or more inputs configured to initiate, using the server(s) and the access credentials, automatic generation of a relational diagram (diagram) of the existing computing environment and automatic generation of a threat report. Automated modeling systems include systems configured to carry out automated modeling of an existing computing environment.
    Type: Grant
    Filed: August 17, 2020
    Date of Patent: April 20, 2021
    Assignee: ThreatModeler Software Inc.
    Inventor: Anurag Agarwal
  • Publication number: 20200380138
    Abstract: Automated threat modeling methods include providing one or more servers and one or more data stores communicatively coupled with the server(s). The data store(s) may include a plurality of threat model components stored therein (stored components) and a plurality of threats stored therein (stored threats), each stored threat associated through the data store(s) with at least one of the stored components. Using one or more input fields displayed on one or more computing devices communicatively coupled with at least one of the server(s), one or more inputs are received, the input(s) including access credentials associated with an existing computing environment and one or more inputs configured to initiate, using the server(s) and the access credentials, automatic generation of a relational diagram (diagram) of the existing computing environment and automatic generation of a threat report. Automated modeling systems include systems configured to carry out automated modeling of an existing computing environment.
    Type: Application
    Filed: August 17, 2020
    Publication date: December 3, 2020
    Applicant: ThreatModeler Software Inc.
    Inventor: Anurag Agarwal
  • Publication number: 20200342116
    Abstract: Threat modeling systems include one or more computing device(s) coupled with one or more data store(s), the computing device(s) including a first software application. The data store(s) associate threats with threat model components. One or more mapping files may couple with the data store(s) to correlate the threat model components with visual diagram components of a second software application (“second software diagram components”). A machine learning (ML) algorithm may alternatively or additionally be configured to select, for each second software diagram component, a corresponding threat model component. An import interface initiates reading of a data file generated by the second software application, the data file including a subset of the second software diagram components and defining relationships therebetween.
    Type: Application
    Filed: July 9, 2020
    Publication date: October 29, 2020
    Applicant: ThreatModeler Software Inc.
    Inventor: Anurag Agarwal
  • Patent number: 10747876
    Abstract: Modeling methods include providing one or more data stores storing model components and in some cases threats, each threat associated with at least one model components. A relational diagram of a system, application or process is displayed on one or more user interfaces. The diagram includes visual representations of the model components and defines a model. In response to adding a model component to the model, a list of one or more model components associated with the added model component is displayed, along with an indication of whether the model components are required to be added to the model. In some implementations a threat report is displayed on a threat report interface and includes each threat that is associated through the data store(s) with one of the model components in the model. Modeling systems and threat modeling systems include systems configured to carry out the modeling and threat modeling methods.
    Type: Grant
    Filed: October 25, 2019
    Date of Patent: August 18, 2020
    Assignee: ThreatModeler Software Inc.
    Inventor: Anurag Agarwal
  • Patent number: 10713366
    Abstract: Threat modeling systems include one or more computing devices communicatively coupled with one or more databases, the database(s) including threat model components and threats associated with one another. One or more mapping files coupled with the database(s) correlate the threat model components with visual diagram components of a third party software application. An import interface initiates reading of a third party generated data file by the computing device(s), the data file including a subset of the third party diagram components and relationships between the subset. An interface receiving input initiates a determination of threat model components correlated with the subset. A diagram interface displays a relational diagram using visual representations of threat model components correlated with the subset, the relational diagram defining a threat model.
    Type: Grant
    Filed: August 15, 2019
    Date of Patent: July 14, 2020
    Assignee: ThreatModeler Software Inc.
    Inventor: Anurag Agarwal
  • Patent number: 10699008
    Abstract: Threat model chaining methods include providing one or more databases including a threat model components, threats, each threat associated with at least one of the threat model components, and compensating controls, each compensating control associate with one of the threats, providing a diagram interface configured to display a relational diagram defining a first threat model, and configuring the diagram interface to add a component group to the first threat model include in it a second threat model. Attack simulation methods include providing the one or more databases and diagram interface and configuring the diagram interface to visually display attack paths of threats associated with diagrammed threat model components which compromise a selected threat model component.
    Type: Grant
    Filed: December 20, 2018
    Date of Patent: June 30, 2020
    Assignee: ThreatModeler Software Inc.
    Inventor: Anurag Agarwal
  • Patent number: 10664603
    Abstract: Threat modeling methods include, in response to receiving user input using computing device interfaces: storing threat model components, threats, and security requirements in a one or more database(s); associating each threat with a component; storing an indication of whether each security requirement is a compensating control; associating each compensating control with one of the threats; displaying a diagram of one of a system, an application, and a process, using visual representations of the components, the diagram defining a threat model, displaying a threat report displaying each threat associated with one of the components included in the threat model; and; displaying a report displaying each compensating control associated with one of the threats included in the threat report.
    Type: Grant
    Filed: February 7, 2019
    Date of Patent: May 26, 2020
    Assignee: ThreatModeler Software Inc.
    Inventor: Anurag Agarwal
  • Publication number: 20200057851
    Abstract: Modeling methods include providing one or more data stores storing model components and in some cases threats, each threat associated with at least one model components. A relational diagram of a system, application or process is displayed on one or more user interfaces. The diagram includes visual representations of the model components and defines a model. In response to adding a model component to the model, a list of one or more model components associated with the added model component is displayed, along with an indication of whether the model components are required to be added to the model. In some implementations a threat report is displayed on a threat report interface and includes each threat that is associated through the data store(s) with one of the model components in the model. Modeling systems and threat modeling systems include systems configured to carry out the modeling and threat modeling methods.
    Type: Application
    Filed: October 25, 2019
    Publication date: February 20, 2020
    Applicant: ThreatModeler Software Inc.
    Inventor: Anurag Agarwal
  • Publication number: 20190370477
    Abstract: Threat modeling systems include one or more computing devices communicatively coupled with one or more databases, the database(s) including threat model components and threats associated with one another. One or more mapping files coupled with the database(s) correlate the threat model components with visual diagram components of a third party software application. An import interface initiates reading of a third party generated data file by the computing device(s), the data file including a subset of the third party diagram components and relationships between the subset. An interface receiving input initiates a determination of threat model components correlated with the subset. A diagram interface displays a relational diagram using visual representations of threat model components correlated with the subset, the relational diagram defining a threat model.
    Type: Application
    Filed: August 15, 2019
    Publication date: December 5, 2019
    Applicant: ThreatModeler Software Inc.
    Inventor: Anurag Agarwal
  • Publication number: 20190205544
    Abstract: Threat modeling methods include, in response to receiving user input using computing device interfaces: storing threat model components, threats, and security requirements in a one or more database(s); associating each threat with a component; storing an indication of whether each security requirement is a compensating control; associating each compensating control with one of the threats; displaying a diagram of one of a system, an application, and a process, using visual representations of the components, the diagram defining a threat model, displaying a threat report displaying each threat associated with one of the components included in the threat model; and; displaying a report displaying each compensating control associated with one of the threats included in the threat report.
    Type: Application
    Filed: February 7, 2019
    Publication date: July 4, 2019
    Applicant: ThreatModeler Software Inc.
    Inventor: Anurag Agarwal
  • Publication number: 20190147161
    Abstract: Threat model chaining methods include providing one or more databases including a threat model components, threats, each threat associated with at least one of the threat model components, and compensating controls, each compensating control associate with one of the threats, providing a diagram interface configured to display a relational diagram defining a first threat model, and configuring the diagram interface to add a component group to the first threat model include in it a second threat model. Attack simulation methods include providing the one or more databases and diagram interface and configuring the diagram interface to visually display attack paths of threats associated with diagrammed threat model components which compromise a selected threat model component.
    Type: Application
    Filed: December 20, 2018
    Publication date: May 16, 2019
    Applicant: ThreatModeler Software Inc.
    Inventor: Anurag Agarwal
  • Patent number: 10255439
    Abstract: Threat modeling methods include, in response to receiving user input using computing device interfaces: storing threat model components, threats, and security requirements in a database; associating each threat with a component; storing an indication of whether each security requirement is a compensating control; associating each compensating control with one of the threats; displaying a diagram of one of a system, an application, and a process, using visual representations of the components, the diagram defining a threat model, displaying a threat report displaying each threat associated with one of the components included in the threat model; and; displaying a report displaying each compensating control associated with one of the threats included in the threat report. Threat modeling systems include one or more computing devices coupled with a database and having user interfaces for storing, associating, displaying, and editing the components, threats, and security requirements in various ways.
    Type: Grant
    Filed: February 3, 2018
    Date of Patent: April 9, 2019
    Assignee: ThreatModeler Software Inc.
    Inventor: Anurag Agarwal
  • Patent number: 10200399
    Abstract: Attack simulation systems include a computing device coupled with a database, the device displaying input interfaces configured to store a plurality of threat model components, threats, and compensating controls in the database, and associate each stored threat with at least one stored component and associate each stored control with at least one of the stored threats through the database. A diagram interface is configured to diagram a system, application, or process, the diagram including some of the stored components and controls, to define a first threat model, and is further configured to display attack paths of all stored threats associated with the diagrammed components which compromise a selected component. Attack simulation methods include defining threat models and displaying attack paths using system interfaces. Threat model chaining methods include adding a component group to a first threat model to include therein a second threat model associated with a predefined component group.
    Type: Grant
    Filed: March 15, 2018
    Date of Patent: February 5, 2019
    Assignee: ThreatModeler Software Inc.
    Inventor: Anurag Agarwal