Patents by Inventor Aaron Hackworth
Aaron Hackworth has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11632398
Abstract: Methods and systems for building security applications can be provided. Data policies for accessing security data can be set, and a module pipeline including one or more modules selected from a plurality of modules can be generated. The modules can include at least one module operable to apply a predictive security application or model for detection or identification of security threats. Module execution policies governing execution of the one or more modules in the module pipeline also can be set. Upon receipt of a request to initiate execution of the module pipeline, it can be determined if the execution thereof would violate the data policies or the module execution policies. If so, execution of the module pipeline can be blocked, otherwise the module pipeline can be executed to process the portion of the security data.
Type: Grant
Filed: July 15, 2020
Date of Patent: April 18, 2023
Assignee: Secureworks Corp.
Inventors: Timothy Vidas, Jon Ramsey, Aaron Hackworth, Robert Danford, William Urbanski
-
Patent number: 11418524
Abstract: The present disclosure provides systems and methods for detection of one or more security threats or malicious actions. According to the present disclosure, data can be received from one or more data producers and provided to a behavior processor. The behavior processor extracts, identifies, or detects one or more behaviors from the data based on one or more datum, features, or characteristics included therein, and provides the one or more identified behaviors to a tactic processor. The tactic processor extracts, identifies, or detects one or more tactics based on the one or more identified behaviors, and submits the one or more identified tactics to a tactic classifier to determine whether the one or more identified tactics are indicative of the one or more security threats or malicious actions. Other aspects are also described.
Type: Grant
Filed: May 7, 2019
Date of Patent: August 16, 2022
Assignee: Secureworks Corp.
Inventors: William M. Urbanski, Timothy M. Vidas, Kyle Soeder, Jon Ramsey, Robert William Danford, Aaron Hackworth
-
Publication number: 20200358795
Abstract: The present disclosure provides systems and methods for detection of one or more security threats or malicious actions. According to the present disclosure, data can be received from one or more data producers and provided to a behavior processor. The behavior processor extracts, identifies, or detects one or more behaviors from the data based on one or more datum, features, or characteristics included therein, and provides the one or more identified behaviors to a tactic processor. The tactic processor extracts, identifies, or detects one or more tactics based on the one or more identified behaviors, and submits the one or more identified tactics to a tactic classifier to determine whether the one or more identified tactics are indicative of the one or more security threats or malicious actions. Other aspects are also described.
Type: Application
Filed: May 7, 2019
Publication date: November 12, 2020
Inventors: William M. Urbanski, Timothy M. Vidas, Kyle Soeder, Jon Ramsey, Robert William Danford, Aaron Hackworth
-
Publication number: 20200351307
Abstract: Methods and systems for building security applications can be provided. Data policies for accessing security data can be set, and a module pipeline including one or more modules selected from a plurality of modules can be generated. The modules can include at least one module operable to apply a predictive security application or model for detection or identification of security threats. Module execution policies governing execution of the one or more modules in the module pipeline also can be set. Upon receipt of a request to initiate execution of the module pipeline, it can be determined if the execution thereof would violate the data policies or the module execution policies. If so, execution of the module pipeline can be blocked, otherwise the module pipeline can be executed to process the portion of the security data.
Type: Application
Filed: July 15, 2020
Publication date: November 5, 2020
Inventors: Timothy Vidas, Jon Ramsey, Aaron Hackworth, Robert Danford, William Urbanski
-
Patent number: 10735470
Abstract: Methods and systems for developing and distributing applications and data for building security applications can be provided. A plurality of data policies can be set for access and/or filtering security data based on selected parameters. One or more modules can be generated for processing the security data, with each of the modules governed by one or more module policies. Upon receipt of a request to initiate execution of the one or more modules to access and process a selected portion or filtered set of the security data, it can be determined if the request violates the data policies and/or the module policies applicable for processing the selected portion or filtered set of the security data, and if the data policies and/or the module policies are not violated, the one or more modules can be executed to process the selected portion or filtered set of the security data.
Type: Grant
Filed: November 6, 2017
Date of Patent: August 4, 2020
Assignee: SECUREWORKS CORP.
Inventors: Timothy Vidas, Jon Ramsey, Aaron Hackworth, Robert Danford, William Urbanski
-
Patent number: 10713360
Abstract: A system for collection and analysis of forensic and event data comprising a server and an endpoint agent operating on a remote system. The server is configured to receive event data including process creation data, persistent process data, thread injection data, network connection data, memory pattern data, or any combination thereof, and analyze the event data to detect compromises of a remote system. The endpoint agent is configured to acquire event data, and communicate the event data to the server.
Type: Grant
Filed: February 17, 2017
Date of Patent: July 14, 2020
Assignee: SecureWorks Corp.
Inventors: Ross R. Kinder, Aaron Hackworth, Matthew K. Geiger, Kevin R. Moore, Timothy M. Vidas
-
Patent number: 10678919
Abstract: A system for collection and analysis of forensic and event data comprising a server and an endpoint agent operating on a remote system. The server is configured to receive event data including process creation data, persistent process data, thread injection data, network connection data, memory pattern data, or any combination thereof, and analyze the event data to detect compromises of a remote system. The endpoint agent is configured to acquire event data, and communicate the event data to the server.
Type: Grant
Filed: February 17, 2017
Date of Patent: June 9, 2020
Assignee: SecureWorks Corp.
Inventors: Ross R. Kinder, Aaron Hackworth, Matthew K. Geiger, Kevin R. Moore, Timothy M. Vidas
-
Patent number: 10645124
Abstract: A system for collection and analysis of forensic and event data comprising a server and an endpoint agent operating on a remote system. The server is configured to receive event data including process creation data, persistent process data, thread injection data, network connection data, memory pattern data, or any combination thereof, and analyze the event data to detect compromises of a remote system. The endpoint agent is configured to acquire event data, and communicate the event data to the server.
Type: Grant
Filed: February 17, 2017
Date of Patent: May 5, 2020
Assignee: SecureWorks Corp.
Inventors: Ross R. Kinder, Aaron Hackworth, Matthew K. Geiger, Kevin R. Moore, Timothy M. Vidas, Oliver J. Palmer, Jon Ramsey, Matt J. McCormack
-
Patent number: 10484423
Abstract: A system for collection and analysis of forensic and event data comprising a server and an endpoint agent operating on a remote system. The server is configured to receive event data including process creation data, persistent process data, thread injection data, network connection data, memory pattern data, or any combination thereof, and analyze the event data to detect compromises of a remote system. The endpoint agent is configured to acquire event data, and communicate the event data to the server.
Type: Grant
Filed: February 17, 2017
Date of Patent: November 19, 2019
Assignee: SecureWorks Corp.
Inventors: Ross R. Kinder, Aaron Hackworth, Matthew K. Geiger, Kevin R. Moore, Timothy M. Vidas
-
Patent number: 10333992
Abstract: A system for collection and analysis of forensic and event data comprising a server and an endpoint agent operating on a remote system. The server is configured to receive event data including process creation data, persistent process data, thread injection data, network connection data, memory pattern data, or any combination thereof, and analyze the event data to detect compromises of a remote system. The endpoint agent is configured to acquire event data, and communicate the event data to the server.
Type: Grant
Filed: February 17, 2017
Date of Patent: June 25, 2019
Assignee: Dell Products, LP
Inventors: Ross R. Kinder, Aaron Hackworth, Matthew K. Geiger, Kevin R. Moore, Timothy M. Vidas, Oliver J. Palmer, Jon Ramsey, Matt J. McCormack
-
Publication number: 20190141079
Abstract: Methods and systems for developing and distributing applications and data for building security applications can be provided. A plurality of data policies can be set for access and/or filtering security data based on selected parameters. One or more modules can be generated for processing the security data, with each of the modules governed by one or more module policies. Upon receipt of a request to initiate execution of the one or more modules to access and process a selected portion or filtered set of the security data, it can be determined if the request violates the data policies and/or the module policies applicable for processing the selected portion or filtered set of the security data, and if the data policies and/or the module policies are not violated, the one or more modules can be executed to process the selected portion or filtered set of the security data.
Type: Application
Filed: November 6, 2017
Publication date: May 9, 2019
Applicant: SECUREWORKS CORP.
Inventors: Timothy Vidas, Jon Ramsey, Aaron Hackworth, Robert Danford, William Urbanski
-
Patent number: 9961107
Abstract: A system for collection and analysis of forensic and event data comprising a server and an endpoint agent operating on a remote system. The server is configured to receive event data including process creation data, persistent process data, thread injection data, network connection data, memory pattern data, or any combination thereof, and analyze the event data to detect compromises of a remote system. The endpoint agent is configured to acquire event data, and communicate the event data to the server.
Type: Grant
Filed: February 17, 2017
Date of Patent: May 1, 2018
Assignee: SECUREWORKS CORP.
Inventors: Ross R. Kinder, Aaron Hackworth, Matthew K. Geiger, Kevin R. Moore, Timothy M. Vidas
-
Publication number: 20170243005
Abstract: A system for collection and analysis of forensic and event data comprising a server and an endpoint agent operating on a remote system. The server is configured to receive event data including process creation data, persistent process data, thread injection data, network connection data, memory pattern data, or any combination thereof, and analyze the event data to detect compromises of a remote system. The endpoint agent is configured to acquire event data, and communicate the event data to the server.
Type: Application
Filed: February 17, 2017
Publication date: August 24, 2017
Inventors: Ross R. Kinder, Aaron Hackworth, Matthew K. Geiger, Kevin R. Moore, Timothy M. Vidas
-
Publication number: 20170244734
Abstract: A system for collection and analysis of forensic and event data comprising a server and an endpoint agent operating on a remote system. The server is configured to receive event data including process creation data, persistent process data, thread injection data, network connection data, memory pattern data, or any combination thereof, and analyze the event data to detect compromises of a remote system. The endpoint agent is configured to acquire event data, and communicate the event data to the server.
Type: Application
Filed: February 17, 2017
Publication date: August 24, 2017
Inventors: Ross R. Kinder, Aaron Hackworth, Matthew K. Geiger, Kevin R. Moore, Timothy M. Vidas
-
Publication number: 20170244754
Abstract: A system for collection and analysis of forensic and event data comprising a server and an endpoint agent operating on a remote system. The server is configured to receive event data including process creation data, persistent process data, thread injection data, network connection data, memory pattern data, or any combination thereof, and analyze the event data to detect compromises of a remote system. The endpoint agent is configured to acquire event data, and communicate the event data to the server.
Type: Application
Filed: February 17, 2017
Publication date: August 24, 2017
Inventors: Ross R. Kinder, Aaron Hackworth, Matthew K. Geiger, Kevin R. Moore, Timothy M. Vidas
-
Publication number: 20170243004
Abstract: A system for collection and analysis of forensic and event data comprising a server and an endpoint agent operating on a remote system. The server is configured to receive event data including process creation data, persistent process data, thread injection data, network connection data, memory pattern data, or any combination thereof, and analyze the event data to detect compromises of a remote system. The endpoint agent is configured to acquire event data, and communicate the event data to the server.
Type: Application
Filed: February 17, 2017
Publication date: August 24, 2017
Inventors: Ross R. Kinder, Aaron Hackworth, Matthew K. Geiger, Kevin R. Moore, Timothy M. Vidas
-
Publication number: 20170244750
Abstract: A system for collection and analysis of forensic and event data comprising a server and an endpoint agent operating on a remote system. The server is configured to receive event data including process creation data, persistent process data, thread injection data, network connection data, memory pattern data, or any combination thereof, and analyze the event data to detect compromises of a remote system. The endpoint agent is configured to acquire event data, and communicate the event data to the server.
Type: Application
Filed: February 17, 2017
Publication date: August 24, 2017
Inventors: Ross R. Kinder, Aaron Hackworth, Matthew K. Geiger, Kevin R. Moore, Timothy M. Vidas, Oliver J. Palmer, Jon Ramsey, Matt J. McCormack
-
Publication number: 20170244762
Abstract: A system for collection and analysis of forensic and event data comprising a server and an endpoint agent operating on a remote system. The server is configured to receive event data including process creation data, persistent process data, thread injection data, network connection data, memory pattern data, or any combination thereof, and analyze the event data to detect compromises of a remote system. The endpoint agent is configured to acquire event data, and communicate the event data to the server.
Type: Application
Filed: February 17, 2017
Publication date: August 24, 2017
Inventors: Ross R. Kinder, Aaron Hackworth, Matthew K. Geiger, Kevin R. Moore, Timothy M. Vidas, Oliver J. Palmer, Jon Ramsey, Matt J. McCormack