Patents Examined by Sarah Su
  • Patent number: 12225043
    Abstract: A method and system for cyber-security processes mining are provided. The method comprises correlating events received from a plurality of data sources into a plurality of flows, wherein a flow of the plurality of flows is a sequence of events having a same identifier, and wherein at least one of the plurality of data sources is a cyber-security system; correlating the plurality of flows into a plurality of variants, wherein a variant out of the plurality of variants includes one or more flows having the same repeatable pattern; associating the plurality of variants with at least one cyber-security process based on a predefined template defining the cyber-security process; and causing a display of the least one cyber-security process and its plurality of variants.
    Type: Grant
    Filed: May 17, 2024
    Date of Patent: February 11, 2025
    Assignee: Gutsy.IO, LTD
    Inventors: Ben Bernstein, John Morello, Dima Stopel
  • Patent number: 12218964
    Abstract: The present disclosure relates to a remote attestation in a network. Embodiments provide a method comprising: attesting a first node in a network, by a node adjacent to the first node in the network; and generating an attestation result of the first node. A plurality of attestation results of the first node generated by a plurality of nodes adjacent to the first node in the network are combined to determine a credibility of the first node. In such embodiments, a fixed verifier for other nodes is eliminated, and a risk of a collapse due to a failure of such fixed verifier may be avoided.
    Type: Grant
    Filed: March 21, 2018
    Date of Patent: February 4, 2025
    Assignee: NOKIA TECHNOLOGIES OY
    Inventors: Anmin Fu, Jingyu Feng
  • Patent number: 12177184
    Abstract: A system and method for providing dynamic network traffic policies is provided. The method includes: inspecting a workload for a cybersecurity object, the cybersecurity object indicating a cybersecurity risk, wherein the workload is deployed in a cloud computing environment having a firewall connected to an external network; detecting the cybersecurity risk on the workload based on the cybersecurity object; generating a policy for the firewall based on the cybersecurity risk; and configuring the firewall to apply the generated policy.
    Type: Grant
    Filed: February 7, 2024
    Date of Patent: December 24, 2024
    Assignee: Wiz, Inc.
    Inventors: Lidor Gonshorowitz, Oron Noah, Ami Luttwak, Yinon Costica, Roy Reznik
  • Patent number: 12177236
    Abstract: To analyze cybersecurity threats, an analysis module of a processor may receive log data from at least one network node. The analysis module may identify at least one statistical outlier within the log data. The analysis module may determine that the at least one statistical outlier represents a cybersecurity threat by applying at least one machine learning algorithm to the at least one statistical outlier.
    Type: Grant
    Filed: April 29, 2020
    Date of Patent: December 24, 2024
    Assignee: CYBRAICS, INC.
    Inventors: Richard Edwin Heimann, Jonathan Lee Ticknor, Amanda Lynn Traud, Marshall Thomas Vandegrift, Kaska Adoteye, Jesse Pruitt Jeter, Michael Toru Czerny
  • Patent number: 12170668
    Abstract: Embodiments herein may relate to a technique for identification and verification of compliance with one or more pre-defined security policy sets for a network. Specifically, embodiments may include generation of an access control graph (ACG) that relates to the network. One or more paths of the ACG may be identified, and then compared against the pre-defined security policy sets. Other embodiments may be described or claimed.
    Type: Grant
    Filed: March 8, 2022
    Date of Patent: December 17, 2024
    Assignee: Salesforce, Inc.
    Inventors: Michal Trembacz, Gianstefano Monni
  • Patent number: 12166766
    Abstract: Systems and methods for accountless device control are disclosed. For example, a smart device may be acquired and plugged in for use. The smart device may gain network connectivity and a system associated with the smart device may request enablement of an application for use with the smart device from another system, such as a system associated with a voice-enabled device. The other system may generate and send user identifier data, and the system associated with the smart device may generate a shadow account in association with the user identifier data. The application may be enabled in association with the shadow account, and access credentials may be exchanged to securely send and receive information associated with operation of the access device.
    Type: Grant
    Filed: July 22, 2022
    Date of Patent: December 10, 2024
    Assignee: Amazon Technologies, Inc.
    Inventors: Venkatesh Krishnamoorthy, Pavan Kumar Kothagorla, Antony Issakov
  • Patent number: 12166787
    Abstract: An online portal receives digital content from a user device. The online portal is communicably coupled to a computer server hosting an online media service in the public or non-public domain. The user device is associated with an online account on the online media service. Based on the digital content, at least one requirement associated with the online account is identified. One or more respondent services are determined satisfy the requirement. By each respondent service, the digital content is processed using a respective machine learning model trained, based on user-attributable content, to generate a respondent evaluation. A quorum of respondent evaluations is generated. The quorum of respondent evaluations is determined to achieve a respondent consensus. Responsive to determining that the respondent consensus satisfies an approval condition, the digital content is sent from the online portal to the computer server for posting the digital content on the online media service.
    Type: Grant
    Filed: January 23, 2023
    Date of Patent: December 10, 2024
    Assignee: STARGUARD, INC.
    Inventor: Jordan Yates
  • Patent number: 12153664
    Abstract: Disclosed are a system and a method for detection of patterns in application for application transformation and applying those patterns for automated application transformation. The system and the method enable user to identify patterns in transformation of the application from existing infrastructure/machines of organization. The transformed application thus created are easily exported and/or installed on multiple computing devices having different system architecture and successful execution of the application containerized within the container is facilitated. The system and the method reduce dependency on individual skills and ability. The system and the method bring consistency and efficiency in application transformation and increase performance of existing techniques that effect application transformation.
    Type: Grant
    Filed: February 3, 2022
    Date of Patent: November 26, 2024
    Assignee: CLOUDHEDGE TECHNOLOGIES PRIVATE LIMITED
    Inventors: Sameer Karmarkar, Ameya Varade, Abhijit Anant Joshi
  • Patent number: 12155652
    Abstract: A system for enabling a user access to one or more products/services of a host offering services through a network or the internet. The system generates a unique user identifier which is unique to the user in response to, or as a result of, creating an account with an authenticator application product of the system. The unique user identifier is used by a host to confirm registration of the user with the services offered by the host. The system requires user authentication involving one or more biometric authentication processes to create an account and thereafter access the account to select one or more host services. Upon selecting a given host service, the host verifies the account and transmits visual indicia to an electronic device on which the services will be displayed and accessed. The system enters the visual indicia through one or more scanning or imaging modalities to access the selected services.
    Type: Grant
    Filed: April 29, 2024
    Date of Patent: November 26, 2024
    Assignee: I IDEAS LLC
    Inventors: Vincent Basilice, Dahna Basilice, James Greco
  • Patent number: 12149558
    Abstract: The present disclosure relates to cybersecurity architectures and systems for assessing and quantifying security threats and risks associated with machine-readable codes, such as quick response codes, barcodes, data matrix codes, and other types of codes. A security application comprises a multi-context threat assessment system configured to analyze a broad spectrum of risk assessment attributes across multiple contexts. These contexts relate to the machine-readable code itself, target network resources identified by the code, entities affiliated with the code, end-users interacting with the code, and enterprise systems policies. The system can evaluate various risk assessment attributes for each of these contexts to more accurately quantify potential security risks associated with the machine-readable codes.
    Type: Grant
    Filed: May 21, 2024
    Date of Patent: November 19, 2024
    Assignee: QRShield LLC
    Inventors: Joseph Brown, Anthony Rodriguez
  • Patent number: 12149557
    Abstract: Systems, methods, and computer-readable storage media are utilized to analyze multi-channel data based on a security model in a computer network environment. One system includes a plurality of data channels configured to access entity data and a processing circuit communicatively coupled to a data channel of the plurality of data channels, the processing circuit configured to identify at least one vulnerability, determine an impact of the at least one vulnerability, assign the first property to a first cybersecurity dimension, generate a cybersecurity risk score based at least on the impact of the at least one vulnerability, and generate a multi-dimensional score for a target computer network environment based on the cybersecurity risk score.
    Type: Grant
    Filed: May 26, 2023
    Date of Patent: November 19, 2024
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Daniel Fricano, Thomas Gilheany, Peter Makohon, Dale Miller, Charles Steven Edison, Kodzo Wegba, James Bonk, Shane Cross
  • Patent number: 12135809
    Abstract: Systems and methods are provided that may be implemented in one example to physically transfer or relocate information handling systems between facilities of different system owners in a manner that is downstream of the original equipment manufacturer (OEM) of the transferred information handling system/s, and which in one example may be managed in part or in whole by the OEM's customer base. In conjunction with facilitating physical transfer of each given information handling system directly between different enterprise owners, the disclosed systems and methods may also be implemented at the same time to utilize a unique identifier (that is assigned by the OEM manufacturer to each given information handling system) to manage transfer of the registration or other type of association of the given information handling system assets between the enterprise OEM user accounts of the different enterprise owners that are maintained by an OEM of the information handling system assets.
    Type: Grant
    Filed: December 3, 2021
    Date of Patent: November 5, 2024
    Assignee: Dell Products L.P.
    Inventors: Anantha K. Boyapalle, Charles D. Robison, Vaibhav Soni
  • Patent number: 12132725
    Abstract: Implementations of the present disclosure relate to setting a system time of an access point (AP) for server certificate validation. A method comprises obtaining a default time as a system time of the AP after an AP boots up. The method also comprises obtaining a memory time from a flash memory of the AP. The method also comprises updating the system time with the memory time obtained from the flash memory. The method also comprises validating a server certificate received from an authentication server based on the system time. The system time is synchronized with a network time if the server certificate is successfully validated based on the system time. The synchronized system time is then written into the flash memory. In this way, the authentication can be performed based on a reasonable system time even if the AP reboots.
    Type: Grant
    Filed: September 14, 2022
    Date of Patent: October 29, 2024
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: Xiaoqing Chen, Kangchang Huang, Xin Zong
  • Patent number: 12126644
    Abstract: Methods, apparatus, systems, and articles of manufacture are disclosed to identify and report cloud-based security vulnerabilities. An example apparatus includes memory, instructions, and processor circuitry. The example processor circuitry is to execute the instructions to assess a first security vulnerability associated with an application programming interface (API) of a cloud compute network, the first security vulnerability corresponding to at least one call to the API that deviates from a baseline report, the baseline report based on at least one communication in the cloud compute network, and assess a second security vulnerability associated with identity and access management in the cloud compute network based on an entity in the cloud compute network permitted to access a service provided by the cloud compute network, the second security vulnerability corresponding to an unauthorized request to access at least one of a device of the cloud compute network or the service.
    Type: Grant
    Filed: May 16, 2022
    Date of Patent: October 22, 2024
    Assignee: Skyhigh Security LLC
    Inventors: Sriranga Seetharamaiah, Cedric Cochin
  • Patent number: 12113825
    Abstract: A system obtains security data of interconnected networks. The visibility of the security data is asymmetric for each interconnected network relative to the other. The security data is continuously stored and used in real-time or near real-time to identify services of the interconnected networks that require safeguards against a potential cyberattack. The interworking system determines a security parameter that relates the security data to the potential cyberattack and communicates the security parameter to the interconnected networks. The interconnected networks can safeguard against the potential cyberattack based on the security parameter.
    Type: Grant
    Filed: May 8, 2023
    Date of Patent: October 8, 2024
    Assignee: T-Mobile USA, Inc.
    Inventors: Venson Shaw, Gaviphat Lekutai
  • Patent number: 12107841
    Abstract: A computer-implemented method for activity verification within a network computing environment. The method may include: retrieving a verification requirement defining an activity within the network computing environment, a candidate verifier, and contact information for the candidate verifier; transmitting a request for participation to the candidate verifier; upon confirmation, enrolling the confirmed verifier to the verification requirement; receiving a post-enrollment data record relating to an observed activity within the network computing environment; matching the observed activity to the verification requirement; transmitting a verification request to the enrolled confirmed verifier; receiving a verification response from the enrolled confirmed verifier; based on the verification response, generating a command to restrict or permit the observed activity within the network computing environment.
    Type: Grant
    Filed: December 15, 2021
    Date of Patent: October 1, 2024
    Assignee: ClearVector, Inc.
    Inventor: John N. Laliberte
  • Patent number: 12107883
    Abstract: Described embodiments provide systems and methods for managing session accessed by a client device. The systems and methods can include one or more processors configured to receive data in a plurality of modalities corresponding to a plurality of features of a session for an entity accessed by a client device. The one or more processors can determine based on the data of the session and a distance model trained with historical data of the entity, a distance between a representation of the data of the session and a predetermined representation for the entity established based on the historical data of the entity. The one or more processors can compare the distance with a threshold established for the entity. The one or more processors can generate, based on the comparison between the distance with the threshold, an action to manage access by the client device to the session for the entity.
    Type: Grant
    Filed: March 1, 2021
    Date of Patent: October 1, 2024
    Inventor: Asterios Stergioudis
  • Patent number: 12101418
    Abstract: Disclosed herein is a data storage device. A data port transmits data between a host computer system and the data storage device. A non-volatile storage medium stores encrypted user content data and a cryptography engine connected between the data port and the storage medium uses a cryptographic key to decrypt the encrypted user content data. The access controller generates a challenge for a manager device. The challenge comprises a blinded public key of an ephemeral unlock key pair that is blinded by an unlock blinding key. The challenge further comprises the unlock blinding key in encrypted form. The access controller further provides the challenge to the device to be authorized for sending the challenge to the manager device; receives a response to the challenge; decrypts the unlock blinding key and calculates a shared secret; and upon determining that the response indicates approval of registering the device, registers the device to be authorized as an authorized device.
    Type: Grant
    Filed: March 8, 2022
    Date of Patent: September 24, 2024
    Assignee: Sandisk Technologies, Inc.
    Inventors: Brian Edward Mastenbrook, John So
  • Patent number: 12088711
    Abstract: In one arrangement, a method for a key management server to manage cryptographic key rotation comprises rotating, by the key management server, an initial symmetric key based on a first rotation schedule. Rotating the initial symmetric key comprises rotating bits of the initial symmetric key to create a rotated key, the rotated key being different from the initial symmetric key. The method further comprises enciphering, by the key management server using the rotated key, data sent to a first client server. In another arrangement, a method for a client server to manage cryptographic key rotation comprises rotating, by the client server, an initial symmetric key based on a schedule. The method further comprises deciphering, by the client server, data sent from a key management server using the rotated key and providing the deciphered data to a user.
    Type: Grant
    Filed: December 28, 2021
    Date of Patent: September 10, 2024
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Phillip H. Griffin, Jeffrey J. Stapleton
  • Patent number: 12088617
    Abstract: A system has a firewall ingress node carrying network traffic. An attack injector creates a network attack flow on the firewall ingress node and thereby forms with the network traffic a composite firewall input signal on the firewall ingress node. A firewall egress node carries a response signal corresponding to the composite firewall input signal. A network monitor is connected to the firewall ingress node and the firewall egress node. The network monitor includes a homodyne detector to multiply the response signal by an oscillating driver signal to form a product that is integrated over time to form a homodyne detector response signal that is larger when the homodyne detector response signal has some component with the same frequency as the oscillating driver signal.
    Type: Grant
    Filed: January 18, 2022
    Date of Patent: September 10, 2024
    Assignee: Cpacket Networks Inc.
    Inventors: Ron Nevo, Douglas Cooper, Tzahi Grunzweig