Patents by Inventor Brian Frederik Hosea Che HEIN
Brian Frederik Hosea Che HEIN has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11962609Abstract: Examples disclosed herein relate to source entities of security indicators. Some examples disclosed herein enable identifying, in a security information sharing platform, a security indicator that is originated from a source entity where the security indicator comprises an observable. Some examples further enable determining a reliability level of the source entity based on at least one of: security events, sightings of the observable, a first set of user feedback information that is submitted for the security indicator by users of the security information sharing platform, or a second set of user feedback information that is collected from external resources that are external to the security information sharing platform.Type: GrantFiled: February 12, 2016Date of Patent: April 16, 2024Assignee: Micro Focus LLCInventors: Tomas Sander, Brian Frederik Hosea Che Hein, Nadav Cohen, Ted Ross
-
Patent number: 11356484Abstract: Examples disclosed herein relate to strength of associations among data records in a security information sharing platform. Some examples may enable creating, in the security information sharing platform, an association between a security indicator comprising an observable, and a data record. Some examples may further enable determining strength of the association between the security indicator and the data record based on at least one of: a likelihood of change in the association; a creator of the association; an aging rate of the association; or a quality of evidence that supports the association.Type: GrantFiled: February 12, 2016Date of Patent: June 7, 2022Assignee: Micro Focus LLCInventors: Tomas Sander, Brian Frederik Hosea Che Hein, Nadav Cohen, Ted Ross
-
Patent number: 10956565Abstract: Examples disclosed herein relate to visualization of associations among data records in a security information sharing platform. Some examples may enable creating, in the security information sharing platform, an association between a first data record comprising a security indicator, and a second data record. Some examples may further enable providing a visual representation of the first data record, the second data record, and the association, wherein the first data record represents a first node in the visual representation, the second data record represents a second node in the visual representation, and the association represents an edge that connects the first node and the second node.Type: GrantFiled: February 12, 2016Date of Patent: March 23, 2021Assignee: MICRO FOCUS LLCInventors: Tomas Sander, Brian Frederik Hosea Che Hein, Nadav Cohen, Ted Ross
-
Patent number: 10896259Abstract: In one example in accordance with the present disclosure, a method for threat score determination includes detecting a change in malicious activity for a security object. The method also includes identifying an indicator that provides contextual information for the security object and determining a linked resource that is associated with a database record of the security object. The method also includes determining a first threat score associated with the security object and determining a relationship between the linked resource and the security object. The method also includes determining a second threat score associated with the linked resource based on the indicator, the threat score of the linked object and the relationship between the linked resource and the security object.Type: GrantFiled: September 28, 2015Date of Patent: January 19, 2021Assignee: MICRO FOCUS LLCInventors: Tomas Sander, Brian Frederik Hosea Che Hein, Nadav Cohen, Ted Ross
-
Publication number: 20200351292Abstract: Examples disclosed herein relate to source entities of security indicators. Some examples disclosed herein enable identifying, in a security information sharing platform, a security indicator that is originated from a source entity where the security indicator comprises an observable. Some examples further enable determining a reliability level of the source entity based on at least one of: security events, sightings of the observable, a first set of user feedback information that is submitted for the security indicator by users of the security information sharing platform, or a second set of user feedback information that is collected from external resources that are external to the security information sharing platform.Type: ApplicationFiled: February 12, 2016Publication date: November 5, 2020Inventors: Tomas Sander, Brian Frederik Hosea Che Hein, Nadav Cohen, Ted Ross
-
Patent number: 10764329Abstract: Examples disclosed herein relate to associations among data records in a security information sharing platform. Some examples may enable creating, in the security information sharing platform that enables sharing of security information among a plurality of users, an association between a first security indicator comprising a first observable and a first data record based on sightings of the first observable by at least one source entity associated with the first data record. Some examples may further enable obtaining a search query that specifies the first security indicator, and identifying a set of data records that satisfy the search query. The set of data records may include the first data record.Type: GrantFiled: September 25, 2015Date of Patent: September 1, 2020Assignee: Micro Focus LLCInventors: Tomas Sander, Nadav Cohen, Brian Frederik Hosea Che Hein, Ted Ross
-
Patent number: 10715534Abstract: Examples relate to collaborative security lists. The examples disclosed herein enable obtaining a first candidate entry suggested by a first user of a community to be included in a collaborative security list. The collaborative security list may comprise a list of entries known to be secure or a list of entries known to be insecure. The examples disclosed herein further enable providing a candidate security list comprising at least the first candidate entry to the community and obtaining, from a second user of the community, a first score indicating how confident the second user is that the first candidate entry is secure. The examples disclosed herein further enable determining whether to include the first candidate entry in the collaborative security list based on the first score.Type: GrantFiled: January 30, 2015Date of Patent: July 14, 2020Assignee: MICRO FOCUS LLCInventors: Tomas Sander, Prasad V. Rao, Brian Frederik Hosea Che Hein
-
Patent number: 10701044Abstract: Examples disclosed herein relate to sharing of community-based security information. Some examples may enable generating a first community on a security information sharing platform that enables sharing of security information among a plurality of communities; obtaining a first security indicator from a first user of the first community; providing the first security indicator to the first community; obtaining contextual information related to the first security indicator from a second user of the first community; including the first security indicator and the contextual information related to the first security indicator in the security information of the first community; and encrypting a portion of the security information of the first community with an encryption key, wherein the encryption key is unavailable to users outside of the first community.Type: GrantFiled: June 26, 2015Date of Patent: June 30, 2020Assignee: MICRO FOCUS LLCInventors: Tomas Sander, Nadav Cohen, Brian Frederik Hosea Che Hein, Amir Kibbar, Ted Ross
-
Patent number: 10693914Abstract: Examples disclosed herein relate to alerts for communities of a security information sharing platform. Some examples may enable obtaining a security indicator from a user of a first community of a security information sharing platform that enables sharing of security information among a plurality of communities; including the security indicator in community-based security information associated with the first community, the first security indicator comprising a first observable; sharing the first security indicator with the security information sharing platform; obtaining, from the security information sharing platform, information related to sightings of the first observable; and providing a first alert to the first community based on the information related to the sightings of the first observable.Type: GrantFiled: June 26, 2015Date of Patent: June 23, 2020Assignee: Micro Focus LLCInventors: Tomas Sander, Nadav Cohen, Brian Frederik Hosea Che Hein, Ted Ross
-
Patent number: 10356109Abstract: According to an example, security indicator linkage determination may include parsing input data that is used to determine a plurality of sequences of steps that are involved in attacks. A linkage selected from temporal, spatial, and/or behavioral linkages may be applied to the parsed input data to determine the plurality of sequences of steps. A security indicator that is related to a potential attack may be received. The plurality of sequences of steps may be used to determine whether the security indicator matches a step in one of the plurality of sequences of steps. In response to a determination that the security indicator matches a step in one of the plurality of sequences of steps, linkage between the security indicator and another security indicator from the one of the plurality of sequences of steps that are involved in the attacks may be identified.Type: GrantFiled: July 21, 2014Date of Patent: July 16, 2019Assignee: ENTIT SOFTWARE LLCInventors: Anurag Singla, Edward Ross, Brian Frederik Hosea Che Hein
-
Publication number: 20190050563Abstract: Examples disclosed herein relate to visualization of associations among data records in a security information sharing platform. Some examples may enable creating, in the security information sharing platform, an association between a first data record comprising a security indicator, and a second data record. Some examples may further enable providing a visual representation of the first data record, the second data record, and the association, wherein the first data record represents a first node in the visual representation, the second data record represents a second node in the visual representation, and the association represents an edge that connects the first node and the second node.Type: ApplicationFiled: February 12, 2016Publication date: February 14, 2019Inventors: Tomas Sander, Brian Frederik Hosea Che Hein, Nadav Cohen, Ted Ross
-
Publication number: 20190028516Abstract: Examples disclosed herein relate to strength of associations among data records in a security information sharing platform, Some examples may enable creating, in the security information sharing platform, an association between a security indicator comprising an observable, and a data record. Some examples may further enable determining strength of the association between the security indicator and the data record based on at least one of: a likelihood of change in the association; a creator of the association; an aging rate of the association; or a quality of evidence that supports the association.Type: ApplicationFiled: February 12, 2016Publication date: January 24, 2019Inventors: Tomas Sander, Brian Frederik Hosea Che Hein, Nadav Cohen, Ted Ross
-
Publication number: 20180359232Abstract: Examples disclosed herein relate to sharing of community-based security information. Some examples may enable generating a first community on a security information sharing platform that enables sharing of security information among a plurality of communities; obtaining a first security indicator from a first user of the first community; providing the first security indicator to the first community; obtaining contextual information related to the first security indicator from a second user of the first community; including the first security indicator and the contextual information related to the first security indicator in the security information of the first community; and encrypting a portion of the security information of the first community with an encryption key, wherein the encryption key is unavailable to users outside of the first community.Type: ApplicationFiled: June 26, 2015Publication date: December 13, 2018Inventors: Tomas Sander, Nadav COHEN, Brian Frederik Hosea Che HEIN, Amir KIBBAR, Ted ROSS
-
Publication number: 20180314834Abstract: In one example in accordance with the present disclosure, a method for threat score determination includes detecting a change in malicious activity for a security object. The method also includes identifying an indicator that provides contextual information for the security object and determining a linked resource that is associated with a database record of the security object. The method also includes determining a first threat score associated with the security object and determining a relationship between the linked resource and the security object. The method also includes determining a second threat score associated with the linked resource based on the indicator, the threat score of the linked object and the relationship between the linked resource and the security object.Type: ApplicationFiled: September 28, 2015Publication date: November 1, 2018Inventors: Tomas Sander, Brian Frederik Hosea Che Hein, Nadav Cohen, Ted Ross
-
Publication number: 20180255104Abstract: Examples disclosed herein relate to associations among data records in a security information sharing platform. Some examples may enable creating, in the security information sharing platform that enables sharing of security information among a plurality of users, an association between a first security indicator comprising a first observable and a first data record based on sightings of the first observable by at least one source entity associated with the first data record. Some examples may further enable obtaining a search query that specifies the first security indicator, and identifying a set of data records that satisfy the search query. The set of data records may include the first data record.Type: ApplicationFiled: September 25, 2015Publication date: September 6, 2018Inventors: Tomas Sander, Nadav Cohen, Brian Frederik Hosea Che Hein, Ted Ross
-
Publication number: 20180234458Abstract: Examples disclosed herein relate to alerts for communities of a security information sharing platform. Some examples may enable obtaining a security indicator from a user of a first community of a security information sharing platform that enables sharing of security information among a plurality of communities; including the security indicator in community-based security information associated with the first community, the first security indicator comprising a first observable; sharing the first security indicator with the security information sharing platform; obtaining, from the security information sharing platform, information related to sightings of the first observable; and providing a first alert to the first community based on the information related to the sightings of the first observable.Type: ApplicationFiled: June 26, 2015Publication date: August 16, 2018Inventors: Tomas Sander, Nadav Cohen, Brian Frederik Hosea Che Hein, Ted Ross
-
Publication number: 20180013774Abstract: Examples relate to collaborative security lists. The examples disclosed herein enable obtaining a first candidate entry suggested by a first user of a community to be included in a collaborative security list. The collaborative security list may comprise a list of entries known to be secure or a list of entries known to be insecure. The examples disclosed herein further enable providing a candidate security list comprising at least the first candidate entry to the community and obtaining, from a second user of the community, a first score indicating how confident the second user is that the first candidate entry is secure. The examples disclosed herein further enable determining whether to include the first candidate entry in the collaborative security list based on the first score.Type: ApplicationFiled: January 30, 2015Publication date: January 11, 2018Inventors: Tomas SANDER, Prasad V. RAO, Brian Frederik Hosea Che HEIN
-
Publication number: 20170187730Abstract: According to an example, security indicator linkage determination may include parsing input data that is used to determine a plurality of sequences of steps that are involved in attacks. A linkage selected from temporal, spatial, and/or behavioral linkages may be applied to the parsed input data to determine the plurality of sequences of steps. A security indicator that is related to a potential attack may be received. The plurality of sequences of steps may be used to determine whether the security indicator matches a step in one of the plurality of sequences of steps. In response to a determination that the security indicator matches a step in one of the plurality of sequences of steps, linkage between the security indicator and another security indicator from the one of the plurality of sequences of steps that are involved in the attacks may be identified.Type: ApplicationFiled: July 21, 2014Publication date: June 29, 2017Inventors: Anurag SINGLA, Edward ROSS, Brian Frederik Hosea Che HEIN