Patents Examined by Christopher J. Brown
  • Patent number: 11556906
    Abstract: A blockchain configuration may be used to store a distributed ledger for information security and accessibility. One example method of operation may include one or more of logging an asset in a blockchain, identifying a sub-asset linked to the asset, creating a use constraint for the sub-asset, logging the use constraint associated with the sub-asset, and during an access attempt of the sub-asset, prohibiting access to the sub-asset based on the use constraint.
    Type: Grant
    Filed: July 8, 2019
    Date of Patent: January 17, 2023
    Assignee: International Business Machines Corporation
    Inventors: Praveen Jayachandran, Palanivel A. Kodeswaran, Sayandeep Sen
  • Patent number: 11552983
    Abstract: A computer-implemented method, computer program product and computing system for: detecting one or more security events within a computing platform of a client; notifying the client of the one or more security events within the computing platform; determining if the client responded to the one or more security events within the computing platform; and providing a response report to the client that quantifies client response performance based, at least in part, upon if the client responded to the one or more security events within the computing platform.
    Type: Grant
    Filed: September 9, 2020
    Date of Patent: January 10, 2023
    Assignee: Reliaquest Holdings, LLC
    Inventors: Brian P. Murphy, Joe Partlow, Colin O'Connor, Jason Pfeiffer, Brian Philip Murphy
  • Patent number: 11522899
    Abstract: Embodiments herein provide a system, method and an apparatus for vulnerability management for connected devices on a network. The proposed method includes identifying vulnerability in a device. The method includes determining whether the vulnerability affects the device by applying one or more rules. Further, the method includes calculating vulnerability score by assigning weights to impact metric and exploitability metric. In various embodiments, the method includes predicting security incident for the device based on the computed vulnerability score, security capabilities of the device and various anomalies on the device.
    Type: Grant
    Filed: March 30, 2019
    Date of Patent: December 6, 2022
    Assignee: Asimily, INC.
    Inventors: Shankar Somasundaram, Hithesh Nama
  • Patent number: 11496503
    Abstract: A method for event data fencing includes initializing a media monitoring algorithm, wherein the media monitoring algorithm scans for one or more words relating to a data breach in publicly available reports. Responsive to identifying a report from the publicly available reports relating to a vulnerability associated with the data breach, the method determines whether the vulnerability is associated with event data utilized for an authentication process. Responsive to determining the vulnerability is associated with a portion of the event data utilized for the authentication process, the method fences the portion of event data associated with the vulnerability, wherein fencing prevents the portion of event data from being utilized in the authentication process.
    Type: Grant
    Filed: May 17, 2019
    Date of Patent: November 8, 2022
    Assignee: International Business Machines Corporation
    Inventors: Cheranellore Vasudevan, Swaminathan Balasubramanian, Sibasis Das, Priyansh Jaiswal, Peeyush Jaiswal
  • Patent number: 11483418
    Abstract: Various systems and methods for network optimization or bandwidth conservation may use plugin migration or mirroring to access a plugin utilizing a first network protocol in the cloud. A cloud-based plugin allows for routing optimization to leverage resource directory from the first network protocol to provide discovery or access to the plugin. The plugin may be used when a device operating the first network protocol communicates with a device operating a second, different, network protocol.
    Type: Grant
    Filed: August 23, 2018
    Date of Patent: October 25, 2022
    Assignee: Intel Corporation
    Inventors: Mats Gustav Agerstam, Vijay Sarathi Kesavan
  • Patent number: 11477240
    Abstract: Systems and methods for remote monitoring of a Security Operations Center (SOC) via a mobile application are provided. According to one embodiment, a management service retrieves information regarding multiple network elements that are associated with an enterprise network and extracts parameters of the monitored network elements from the retrieved information. The management service prioritizes the monitored network elements by determining a severity level associated with security-related issues of the network elements and generates various monitoring views that summarize in real time various categories of potential security-related issues detected by the SOC. Further, the management service assigns a priority to each monitoring view and displays a video on the display device that cycles through monitoring views in accordance with their respective assigned priorities.
    Type: Grant
    Filed: June 26, 2019
    Date of Patent: October 18, 2022
    Assignee: Fortinet, Inc.
    Inventors: Robert A. May, Jordan E. Thompson
  • Patent number: 11470110
    Abstract: A method by one or more electronic devices for identifying and classifying community attacks. The method includes determining, for each of a plurality of enterprise networks, one or more incidents occurring in that enterprise network based on analyzing security alerts generated by a web application layer attack detector used to protect a web application hosted in that enterprise network, where each incident represents a group of security alerts that have been determined as being associated with the same security event, grouping incidents occurring across the plurality of enterprise networks into groups of incidents, where incidents that are determined as having similar features are grouped into the same group of incidents, and classifying each of one or more of the groups of incidents as being an industry-based attack or a spray-and-pray attack based on industry classifications of incidents within that group of incidents.
    Type: Grant
    Filed: December 30, 2019
    Date of Patent: October 11, 2022
    Assignee: Imperva, Inc.
    Inventors: Shiri Margel, Amit Leibovitz
  • Patent number: 11457024
    Abstract: Embodiments described include a computing device for generating risk scores of network entities. The computing device can include one or more processors configured to detect a plurality of risk indicators. Each of the risk indicators identify one of a plurality of activities of a network entity of an organization. The network entity includes a device, an application or a user in the organization's network. The one or more processors can generate a risk score of the network entity, by combining a risk value, an amplification factor and a dampening factor of each of the plurality of risk indicators, and adding an adjustment value for the plurality of risk indicators. The one or more processors can determine, using the generated risk score, a normalized risk score of the network entity. The one or more processors can initiate an action according to the normalized risk score.
    Type: Grant
    Filed: February 22, 2019
    Date of Patent: September 27, 2022
    Assignee: Citrix Systems, Inc.
    Inventors: Rishabh Bindal, Nastaran Baradaran
  • Patent number: 11456864
    Abstract: The present disclosure discloses an information storage method performed at a server.
    Type: Grant
    Filed: March 15, 2019
    Date of Patent: September 27, 2022
    Inventors: Rui Guo, Maocai Li, Wenwei Zou, Jianjun Zhang, Haitao Tu, Qi Zhao, Zongyou Wang, Jun Liang, Dawei Zhu, Binhua Liu
  • Patent number: 11451570
    Abstract: A testing computer system communicates with a cloud computing platform coupled to one or more target computer systems. The testing computer system receives a list of target computer systems from the cloud computing platform, generates respective test payloads for a set of the target systems, and sends the test payloads to the set of target systems. Each respective test payload is useable by its respective target system to perform a security scan of the target system and send test results to the testing computer system and includes instructions that cause the test payloads to be deleted after the security scan is performed. The testing computer system receives test results generated by the set of target systems and evaluates the test results to determine whether any of the set of target systems is implicated in a security breach.
    Type: Grant
    Filed: June 27, 2019
    Date of Patent: September 20, 2022
    Assignee: Kaseya Limited
    Inventors: Ryan Brandt Morris, Christopher Michael Gerritz
  • Patent number: 11451574
    Abstract: Methods, apparatus, and processor-readable storage media for detecting security threats in storage systems using AI techniques are provided herein. An example computer-implemented method includes obtaining historical performance data and historical capacity data pertaining to one or more storage objects within a storage system; determining supervised datasets pertaining to security threat-related data and non-security threat-related data by processing at least a portion of the obtained data using a first set of AI techniques; configuring a second set of AI techniques based at least in part on the determined supervised datasets; detecting one or more security threats in connection with at least one storage object within the storage system by processing input data from the at least one storage object using the second set of AI techniques; and performing at least one automated action based at least in part on the one or more detected security threats.
    Type: Grant
    Filed: June 29, 2020
    Date of Patent: September 20, 2022
    Assignee: EMC IP Holding Company LLC
    Inventors: Deepak Gowda, Bina K. Thakkar, Wenjin Liu
  • Patent number: 11438168
    Abstract: A server application may request an authentication token from an authentication token provider on behalf of a client application instance. An application instance public key of a client application instance may be received at the server application, in which the application instance public key belongs to an application instance public-private key pair of the client application instance. An authentication token request is generated at the server application, in which the request includes the application instance public key of the client application instance and is signed with a server application private key of a server application public-private key pair that belongs to the server application. The authentication token request is sent by the server application to an authentication token provider to request an authentication token for use by the client application instance.
    Type: Grant
    Filed: November 29, 2018
    Date of Patent: September 6, 2022
    Assignee: T-Mobile USA, Inc.
    Inventors: Michael Engan, Douglas McDorman, James Latham, Vikash Kodati
  • Patent number: 11438363
    Abstract: Systems and methods include receiving a domain of interest; performing an analysis of the domain to extract namespaces of the domain, hosts associated with the domain, subdomains associated with the domain, namespaces of the subdomains, and addresses including address ranges of any identified namespaces; performing a Common Vulnerabilities and Exposures (CVE) search based on the analysis to identify a CVE list associated with the domain; determining weightings of the namespaces of the domain and the subdomains to provide a name list; obtaining cloud monitoring content associated with the domain; and utilizing the name list, the CVE list, and the cloud monitoring content to determine a risk associated with the domain.
    Type: Grant
    Filed: April 3, 2020
    Date of Patent: September 6, 2022
    Assignee: Zscaler, Inc.
    Inventor: Nathan Howe
  • Patent number: 11438362
    Abstract: A system, a method, and a computer program for remediating a vulnerability on a computing resource asset located in a computer network that has a plurality of other computing resource assets each having at last one vulnerability, where a Common Vulnerability Scoring System (CVSS) score is determined for the vulnerability. Vulnerability scanning results data corresponding to the computing resource asset can be analyzed and an environmental factor weighting score value determined for each of a plurality of environmentally-dependent factors. The environmental factor weighting score values and CVSS score can be aggregated and an adjusted environmental factor weighting score aggregate value generated. A prioritization score value for the vulnerability on the computing resource asset can be determined based on the adjusted environmental factor weighting score aggregate value and the vulnerability remediated on each of the computing resource assets according to the prioritization score value.
    Type: Grant
    Filed: January 2, 2020
    Date of Patent: September 6, 2022
    Assignee: Saudi Arabian Oil Company
    Inventor: Eidan K. Aleidan
  • Patent number: 11431734
    Abstract: A computer-implemented method for dynamically identifying security threats comprising a cyber-attack chain composed of a sequence of partial cyber-attacks represented by attack patterns may be provided. The method comprises receiving a sequence of security events, determining, a first cyber-attack pattern by applying a set of predefined rules for detecting an indicator of compromise of a first partial cyber-attack of the cyber-attack chain—thereby, identifying a specific cyber-attack chain—and determining a type and an attribute in the pattern of the first partial cyber-attack. The method comprises further configuring at least one rule for a downstream partial cyber-attack in the specific cyber-attack chain based on the type and the attribute in the attack pattern of the first partial cyber-attack, and adding the at least one configured rule to the set of predefined rules to be used by the correlation engine for dynamically identifying security threats to information technology systems.
    Type: Grant
    Filed: April 18, 2019
    Date of Patent: August 30, 2022
    Assignee: KYNDRYL, INC.
    Inventors: Matthias Seul, Arjun Udupi Raghavendra, Tim Uwe Scheideler, Tiziano Airoldi
  • Patent number: 11425126
    Abstract: A policy management service receives a request to associate a version of a computing resource policy as a default version of the policy. In response to the request, the service identifies, from a policy database, an entry for the default version of the policy. The service updates the entry in order to associate the version specified in the request as the default version of the policy. This results in the version of the policy becoming applicable to control access to the computing resources associated with principals associated with the default version of the policy.
    Type: Grant
    Filed: September 30, 2015
    Date of Patent: August 23, 2022
    Assignee: Amazon Technologies, Inc.
    Inventors: Per Mikael Horal, Bradford Taylor Lyman, Luke Edward Kennedy, Ritwick Dhar, Anders Samuelsson
  • Patent number: 11403406
    Abstract: A method for computer-aided testing and confirmation of at least one system state of a first system by a confirmation device, is provided. After the testing of a first item of integrity information, which is provided by the first system, the confirmation device provides a second, combined item of integrity information and confirms the same cryptographically. The second item of integrity information includes at least part of the first item of integrity information and can be transmitted to a second system, in order to confirm the integrity of the first system to the latter. A confirmation device, to a first system, to a second system and to a computer program product in order to carry out the steps of the method is also provided.
    Type: Grant
    Filed: October 26, 2018
    Date of Patent: August 2, 2022
    Inventor: Rainer Falk
  • Patent number: 11392938
    Abstract: A system and method for generating a limited use login credential associated with an account maintained by an institution, where the credential facilitates secure access to the account.
    Type: Grant
    Filed: July 27, 2015
    Date of Patent: July 19, 2022
    Assignee: Miri Systems, LLC
    Inventors: Ludwik F. Zon, Ronald W. Sandstrom
  • Patent number: 11388546
    Abstract: Exemplary embodiments are disclosed of systems and methods for providing location-based security and/or privacy for restricting user access. In an exemplary embodiment, a system is configured to restrict and condition access to the system and/or data based on a user's selection of location-based data from a plurality of options presented by the system for selection by the user. The plurality of options include the location-based data and one or more other options that are selectable by the user.
    Type: Grant
    Filed: December 2, 2019
    Date of Patent: July 12, 2022
    Assignee: conquer your addiction llc
    Inventor: David H. Williams
  • Patent number: 11388592
    Abstract: The present disclosure relates to methods and apparatus for flexible, security context management during AMF changes. One aspect of the disclosure is a mechanism for achieving backward security during AMF changes. Instead of passing the current NAS key to the target AMF, the source AMF derives a new NAS key, provides the new NAS key to the target AMF, and sends a key change indication to the UE, either directly or through some other network node. The UE can then derive the new NAS key from the old NAS key. In some embodiments, the AMF may provide a key generation parameter to the UE to use in deriving the new NAS key. In other embodiments, the target AMF may change one or more security algorithms.
    Type: Grant
    Filed: December 13, 2019
    Date of Patent: July 12, 2022
    Inventors: Noamen Ben Henda, Christine Jost, Karl Norrman, Monica Wifvesson