Patents by Inventor Atif Mahadik
Atif Mahadik has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11968101Abstract: Techniques are described for enabling a cloud-based IT and security operations application to execute playbooks containing custom code in a manner that mitigates types of risk related to the misuse of cloud-based resources and security of user data. Users use a client application to create and modify playbooks and, upon receiving input to save a playbook, the client application determines whether the playbook includes custom code. If the client application determines that the playbook includes custom code, the client application establishes a connection with a proxy application (also referred to as an “automation broker”) running in the user's own on-premises network and sends a representation of the playbook to the proxy application. The client application further sends to the IT and security operations application an identifier of the playbook and an indication that the playbook (or the custom code portions of the playbook) is stored within the user's on-premises network.Type: GrantFiled: May 16, 2023Date of Patent: April 23, 2024Assignee: Splunk Inc.Inventors: Chakravarthy Sridhar, Minjie Qiu, Atif Mahadik
-
Patent number: 11895143Abstract: Systems, methods, and software described herein provide action recommendations to administrators of a computing environment based on effectiveness of previously implemented actions. In one example, an advisement system identifies a security incident for an asset in the computing environment, and obtains enrichment information for the incident. Based on the enrichment information a rule set and associated recommended security actions are identified for the incident. Once the recommended security actions are identified, a subset of the action recommendations are organized based on previous action implementations in the computing environment, and the subset is provided to an administrator for selection.Type: GrantFiled: May 20, 2021Date of Patent: February 6, 2024Assignee: Splunk Inc.Inventors: Sourabh Satish, Oliver Friedrichs, Atif Mahadik, Govind Salinas
-
Publication number: 20240031397Abstract: Systems, methods, and software described herein provide enhancements for implementing security actions in a computing environment. In one example, a method of operating an advisement system to provide actions in a computing environment includes identifying a security incident in the computing environment, identifying a criticality rating for the asset, and obtaining enrichment information for the security incident from one or more internal or external sources. The method also provides identifying a severity rating for the security incident based on the enrichment information, and determining one or more security actions based on the enrichment information. The method further includes identifying effects of the one or more security actions on operations of the computing environment based on the criticality rating and the severity rating, and identifying a subset of the one or more security actions to respond to the security incident based on the effects.Type: ApplicationFiled: August 8, 2023Publication date: January 25, 2024Inventors: Sourabh Satish, Oliver Friedrichs, Atif Mahadik, Govind Salinas
-
Patent number: 11870802Abstract: Systems, methods, and software described herein provide security actions based on related security threat communications. In one example, a method of operating an advisement system includes identifying a security threat within the computing environment, wherein the computing environment comprises a plurality of computing assets. The method further provides obtaining descriptor information for the security threat, and retrieving related communication interactions based on the descriptor information. The method also includes generating a response to the security threat based on the related communication interactions.Type: GrantFiled: March 31, 2022Date of Patent: January 9, 2024Assignee: Splunk Inc.Inventors: Sourabh Satish, Oliver Friedrichs, Atif Mahadik, Govind Salinas
-
Patent number: 11863583Abstract: Described herein are systems and methods for enhancing an interface for an information technology (IT) environment. In one implementation, an incident service causes display of a first version of a course of action and obtains input indicative of a request for a new action in the course of action. The incident service further determines suggested actions based at least one the input and causes display of the suggested actions. Once displayed, the incident service obtains input indicative of a selection of at least one action from the suggested actions, and causes display input indicative of a selection of at least one action from the suggested actions.Type: GrantFiled: May 21, 2021Date of Patent: January 2, 2024Assignee: Splunk Inc.Inventors: Oliver Friedrichs, Atif Mahadik, Govind Salinas, Sourabh Satish
-
Publication number: 20230388338Abstract: Systems, methods, and software described herein provide security actions based on the current state of a security threat. In one example, a method of operating an advisement system in a computing environment with a plurality of computing assets includes identifying a security threat within the computing environment. The method further includes, in response to identifying the security threat, obtaining state information for the security threat within the computing environment, and determining a current state for the security threat within the computing environment. The method also provides obtaining enrichment information for the security threat and determining one or more security actions for the security threat based on the enrichment information and the current state for the security threat.Type: ApplicationFiled: August 1, 2023Publication date: November 30, 2023Inventors: Sourabh SATISH, Oliver FRIEDRICHS, Atif MAHADIK, Govind SALINAS
-
Patent number: 11811587Abstract: Described herein are systems, methods, and software to enhance the management of responses to incidents. In one example, a method of improving incident response comprises identifying an incident in an information technology (IT) environment associated with a first entity of a plurality of entities, and identifying action implementation information related to the incident. The method further anonymizes the action implementation information for the incident, and determines action suggestions based at least on the anonymized action implementation information.Type: GrantFiled: January 23, 2023Date of Patent: November 7, 2023Assignee: Splunk Inc.Inventors: Oliver Friedrichs, Atif Mahadik, Govind Salinas, Sourabh Satish
-
Patent number: 11805148Abstract: Systems, methods, and software described herein provide for managing service level agreements (SLAs) for security incidents in a computing environment. In one example, an advisement system identifies a rule set for a security incident based on enrichment information obtained for the security incident, wherein the rule set is associated with action recommendations to be taken against the incident. The advisement system further identifies a default SLA for the security incident based on the rule set, and obtains environmental characteristics related to the security incident. Based on the environmental characteristics, the advisement system determines a modified SLA for the security incident.Type: GrantFiled: October 28, 2021Date of Patent: October 31, 2023Assignee: Splunk Inc.Inventors: Sourabh Satish, Oliver Friedrichs, Atif Mahadik, Govind Salinas
-
Patent number: 11765198Abstract: Systems, methods, and software described herein provide enhancements for implementing security actions in a computing environment. In one example, a method of operating an advisement system to provide actions in a computing environment includes identifying a security incident in the computing environment, identifying a criticality rating for the asset, and obtaining enrichment information for the security incident from one or more internal or external sources. The method also provides identifying a severity rating for the security incident based on the enrichment information, and determining one or more security actions based on the enrichment information. The method further includes identifying effects of the one or more security actions on operations of the computing environment based on the criticality rating and the severity rating, and identifying a subset of the one or more security actions to respond to the security incident based on the effects.Type: GrantFiled: February 25, 2021Date of Patent: September 19, 2023Assignee: Splunk Inc.Inventors: Sourabh Satish, Oliver Friedrichs, Atif Mahadik, Govind Salinas
-
Patent number: 11757925Abstract: Systems, methods, and software described herein provide security actions based on the current state of a security threat. In one example, a method of operating an advisement system in a computing environment with a plurality of computing assets includes identifying a security threat within the computing environment. The method further includes, in response to identifying the security threat, obtaining state information for the security threat within the computing environment, and determining a current state for the security threat within the computing environment. The method also provides obtaining enrichment information for the security threat and determining one or more security actions for the security threat based on the enrichment information and the current state for the security threat.Type: GrantFiled: April 27, 2021Date of Patent: September 12, 2023Assignee: Splunk Inc.Inventors: Sourabh Satish, Oliver Friedrichs, Atif Mahadik, Govind Salinas
-
Patent number: 11716260Abstract: Techniques are described for enabling a cloud-based IT and security operations application to execute playbooks containing custom code in a manner that mitigates types of risk related to the misuse of cloud-based resources and security of user data. Users use a client application to create and modify playbooks and, upon receiving input to save a playbook, the client application determines whether the playbook includes custom code. If the client application determines that the playbook includes custom code, the client application establishes a connection with a proxy application (also referred to as an “automation broker”) running in the user's own on-premises network and sends a representation of the playbook to the proxy application. The client application further sends to the IT and security operations application an identifier of the playbook and an indication that the playbook (or the custom code portions of the playbook) is stored within the user's on-premises network.Type: GrantFiled: October 5, 2022Date of Patent: August 1, 2023Assignee: Splunk Inc.Inventors: Chakravarthy Sridhar, Minjie Qiu, Atif Mahadik
-
Patent number: 11677780Abstract: Systems, methods, and software described herein provide for responding to security threats in a computing environment based on the classification of computing assets in the environment. In one example, a method of operating an advisement computing system includes identifying a security threat for an asset in the computing environment, and identifying a classification for the asset in relation to other assets within the computing environment. The method further provides determining a rule set for the security threat based on the classification for the asset and initiating a response to the security threat based on the rule set.Type: GrantFiled: November 25, 2020Date of Patent: June 13, 2023Assignee: Splunk Inc.Inventors: Sourabh Satish, Oliver Friedrichs, Atif Mahadik, Govind Salinas
-
Patent number: 11658998Abstract: Systems, methods, and software described herein enhances how security actions are implemented within a computing environment. In one example, a method of implementing security actions for a computing environment comprising a plurality of computing assets includes identifying a security action in a command language for the computing environment. The method further provides identifying one or more computing assets related to the security action, and obtaining hardware and software characteristics for the one or more computing assets. The method also includes translating the security action in the command language to one or more action procedures based on the hardware and software characteristics, and initiating implementation of the one or more action procedures in the one or more computing assets.Type: GrantFiled: May 3, 2021Date of Patent: May 23, 2023Assignee: Splunk Inc.Inventors: Sourabh Satish, Oliver Friedrichs, Atif Mahadik, Govind Salinas
-
Patent number: 11652849Abstract: Systems, methods, and software described herein provide for identifying recommended feature sets for new security applications. In one example, a method of providing recommended feature sets for a new security application includes identifying a request for the new security application, and determining a classification for the new security application. The method further provides identifying related applications to the new security application based on the classification, and identifying a feature set for the new security application based on features provided in the related applications.Type: GrantFiled: December 17, 2020Date of Patent: May 16, 2023Assignee: Splunk Inc.Inventors: Sourabh Satish, Oliver Friedrichs, Atif Mahadik, Govind Salinas, Ryan Russell
-
Patent number: 11647043Abstract: Systems, methods, and software described herein provide for identifying and implementing security actions within a computing environment. In one example, a method of operating an advisement system to provide security actions in a computing environment includes identifying communication interactions between a plurality of computing assets and, after identifying the communication interactions, identifying a security incident in a first computing asset. The method further provides identifying at least one related computing asset to the first asset based on the communication interactions, and determining the security actions to be taken in the first computing asset and the related computing asset.Type: GrantFiled: April 30, 2020Date of Patent: May 9, 2023Assignee: Splunk Inc.Inventors: Sourabh Satish, Oliver Friedrichs, Atif Mahadik, Govind Salinas
-
Patent number: 11588678Abstract: Described herein are systems, methods, and software to enhance the management of responses to incidents. In one example, a method of improving incident response comprises identifying an incident in an information technology (IT) environment associated with a first entity of a plurality of entities, and identifying action implementation information related to the incident. The method further anonymizes the action implementation information for the incident, and determines action suggestions based at least on the anonymized action implementation information.Type: GrantFiled: August 20, 2021Date of Patent: February 21, 2023Assignee: Splunk Inc.Inventors: Oliver Friedrichs, Atif Mahadik, Govind Salinas, Sourabh Satish
-
Publication number: 20230027188Abstract: Techniques are described for enabling a cloud-based IT and security operations application to execute playbooks containing custom code in a manner that mitigates types of risk related to the misuse of cloud-based resources and security of user data. Users use a client application to create and modify playbooks and, upon receiving input to save a playbook, the client application determines whether the playbook includes custom code. If the client application determines that the playbook includes custom code, the client application establishes a connection with a proxy application (also referred to as an “automation broker”) running in the user's own on-premises network and sends a representation of the playbook to the proxy application. The client application further sends to the IT and security operations application an identifier of the playbook and an indication that the playbook (or the custom code portions of the playbook) is stored within the user's on-premises network.Type: ApplicationFiled: October 5, 2022Publication date: January 26, 2023Applicant: Splunk Inc.Inventors: Chakravarthy SRIDHAR, Minjie QIU, Atif MAHADIK
-
Patent number: 11501184Abstract: Described herein are improvements for generating courses of action for an information technology (IT) environment. In one example, a method includes determining that a decision step occurs between a one step and two or more other steps of a first course of action associated with an incident type in the information technology environment. The method further includes determining possible outputs of the one step that, when used as input to the decision step, cause the first course of action to proceed from the decision step to respective steps of the two or more other steps. The method also includes incorporating logic into the decision step to direct the course of action to respective steps of the two or more other steps based on one or more of the possible outputs.Type: GrantFiled: August 31, 2018Date of Patent: November 15, 2022Assignee: Splunk Inc.Inventors: Atif Mahadik, Govind Salinas, Sourabh Satish
-
Patent number: 11496371Abstract: Techniques are described for enabling a cloud-based IT and security operations application to execute playbooks containing custom code in a manner that mitigates types of risk related to the misuse of cloud-based resources and security of user data. Users use a client application to create and modify playbooks and, upon receiving input to save a playbook, the client application determines whether the playbook includes custom code. If the client application determines that the playbook includes custom code, the client application establishes a connection with a proxy application (also referred to as an “automation broker”) running in the user's own on-premises network and sends a representation of the playbook to the proxy application. The client application further sends to the IT and security operations application an identifier of the playbook and an indication that the playbook (or the custom code portions of the playbook) is stored within the user's on-premises network.Type: GrantFiled: April 5, 2021Date of Patent: November 8, 2022Assignee: Splunk Inc.Inventors: Chakravarthy Sridhar, Minjie Qiu, Atif Mahadik
-
Patent number: 11323472Abstract: Systems, methods, and software described herein provide security actions based on related security threat communications. In one example, a method of operating an advisement system includes identifying a security threat within the computing environment, wherein the computing environment comprises a plurality of computing assets. The method further provides obtaining descriptor information for the security threat, and retrieving related communication interactions based on the descriptor information. The method also includes generating a response to the security threat based on the related communication interactions.Type: GrantFiled: September 25, 2020Date of Patent: May 3, 2022Assignee: Splunk Inc.Inventors: Sourabh Satish, Oliver Friedrichs, Atif Mahadik, Govind Salinas