Patents by Inventor David Endler

David Endler has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 12632544
    Abstract: Provided is a process that includes: obtaining a fictitious data entry associated with a field present in a plurality of records associated with an online resource; sending a query to a monitoring application, the query specifying the fictitious data entry and a request to determine whether a second repository of compromised data includes the fictitious data entry; in response to the query, receiving query results indicating that the second repository of compromised data includes the fictitious data entry; in response to the received indication that the second repository of compromised data includes the fictitious data entry, identifying at least some of the first set of one or more repositories that store the data entry; designating other data entries within the at least some of the first set of one or more repositories as potentially having been breached; and storing the designation in memory.
    Type: Grant
    Filed: August 2, 2024
    Date of Patent: May 19, 2026
    Assignee: SpyCloud, Inc.
    Inventors: David Endler, Alen Puzic, Edward Ross
  • Publication number: 20260113311
    Abstract: Provided is a process, including: obtaining a first password to a private computer network; determining, with a credential-monitoring application within the private computer network, whether the first password satisfies one or more criteria by: comparing the first password to a set of compromised credentials within a database within the private computer network; and determining whether the first password matches one or more passwords within the database; and in response to the determination that the first password satisfies the one or more criteria from among the plurality of criteria, causing a use of the first password to access the private computer network to be rejected and causing a first user associated with the first password to be notified to change the first password.
    Type: Application
    Filed: September 24, 2025
    Publication date: April 23, 2026
    Inventors: David Endler, Alen Puzic, Edward Ross
  • Publication number: 20260093824
    Abstract: A process that includes receiving a session identity protection query that includes a target domain. The process further includes accessing a security database of compromised cookie data associated with a plurality of domains and determining the target domain is associated with first compromised cookie data of the compromised cookie data included in the security database. The process includes providing the first compromised cookie data in response the session identity protection query.
    Type: Application
    Filed: October 6, 2025
    Publication date: April 2, 2026
    Inventors: David Endler, Jacob Wagh, Nick Brands
  • Publication number: 20260080078
    Abstract: A process that includes receiving an identity risk query for a user, accessing a security database of available user information associated with a plurality of users, and identifying that the user is associated with first available user information of the available user information included in the security database. The process also includes generating a first identity risk score for the user based on the first available user information, and providing the first identity risk score in response to the identity risk query.
    Type: Application
    Filed: September 18, 2025
    Publication date: March 19, 2026
    Inventors: Alen Puzic, David Endler
  • Patent number: 12462051
    Abstract: A process that includes receiving an identity risk query for a user, accessing a security database of available user information associated with a plurality of users, and identifying that the user is associated with first available user information of the available user information included in the security database. The process also includes generating a first identity risk score for the user based on the first available user information, and providing the first identity risk score in response to the identity risk query.
    Type: Grant
    Filed: January 10, 2023
    Date of Patent: November 4, 2025
    Assignee: SpyCloud, Inc.
    Inventors: Alen Puzic, David Endler
  • Patent number: 12437079
    Abstract: A process that includes receiving a session identity protection query that includes a target domain. The process further includes accessing a security database of compromised cookie data associated with a plurality of domains and determining the target domain is associated with first compromised cookie data of the compromised cookie data included in the security database. The process includes providing the first compromised cookie data in response the session identity protection query.
    Type: Grant
    Filed: January 24, 2023
    Date of Patent: October 7, 2025
    Assignee: SpyCloud, Inc.
    Inventors: David Endler, Jacob Wagh, Nick Brands
  • Patent number: 12432197
    Abstract: Provided is a process, including: obtaining a first password to a private computer network; determining, with a credential-monitoring application within the private computer network, whether the first password satisfies one or more criteria by: comparing the first password to a set of compromised credentials within a database within the private computer network; and determining whether the first password matches one or more passwords within the database; and in response to the determination that the first password satisfies the one or more criteria from among the plurality of criteria, causing a use of the first password to access the private computer network to be rejected and causing a first user associated with the first password to be notified to change the first password.
    Type: Grant
    Filed: December 18, 2023
    Date of Patent: September 30, 2025
    Assignee: SpyCloud, Inc.
    Inventors: David Endler, Alen Puzic, Edward Ross
  • Publication number: 20250202934
    Abstract: Provided is a process including: obtaining, with a domain controller of a private computer network, a set of user-authentication credentials comprising a first username and a first password; querying a distributed credential-monitoring application; receiving query results including one or more passwords associated with the first username; determining that at least some of the one or more passwords in the query results match the obtained first password; and in response to the determination, blocking, with the domain controller, access to a first user account on the private computer network associated with the obtained first username and first password.
    Type: Application
    Filed: November 22, 2024
    Publication date: June 19, 2025
    Inventors: David Endler, Alen Puzic, Edward Ross
  • Publication number: 20250036759
    Abstract: Provided is a process that includes: obtaining a fictitious data entry associated with a field present in a plurality of records associated with an online resource; sending a query to a monitoring application, the query specifying the fictitious data entry and a request to determine whether a second repository of compromised data includes the fictitious data entry; in response to the query, receiving query results indicating that the second repository of compromised data includes the fictitious data entry; in response to the received indication that the second repository of compromised data includes the fictitious data entry, identifying at least some of the first set of one or more repositories that store the data entry; designating other data entries within the at least some of the first set of one or more repositories as potentially having been breached; and storing the designation in memory.
    Type: Application
    Filed: August 2, 2024
    Publication date: January 30, 2025
    Inventors: David Endler, Alen Puzic, Edward Ross
  • Patent number: 12166794
    Abstract: Provided is a process including: obtaining, with a domain controller of a private computer network, a set of user-authentication credentials comprising a first username and a first password; querying a distributed credential-monitoring application; receiving query results including one or more passwords associated with the first username; determining that at least some of the one or more passwords in the query results match the obtained first password; and in response to the determination, blocking, with the domain controller, access to a first user account on the private computer network associated with the obtained first username and first password.
    Type: Grant
    Filed: July 6, 2023
    Date of Patent: December 10, 2024
    Assignee: SpyCloud, Inc.
    Inventors: David Endler, Alen Puzic, Edward Ross
  • Patent number: 12093375
    Abstract: Provided is a process that includes: obtaining a fictitious data entry associated with a field present in a plurality of records associated with an online resource; sending a query to a monitoring application, the query specifying the fictitious data entry and a request to determine whether a second repository of compromised data includes the fictitious data entry; in response to the query, receiving query results indicating that the second repository of compromised data includes the fictitious data entry; in response to the received indication that the second repository of compromised data includes the fictitious data entry, identifying at least some of the first set of one or more repositories that store the data entry; designating other data entries within the at least some of the first set of one or more repositories as potentially having been breached; and storing the designation in memory.
    Type: Grant
    Filed: January 30, 2020
    Date of Patent: September 17, 2024
    Assignee: SpyCloud, Inc.
    Inventors: David Endler, Alen Puzic, Edward Ross
  • Publication number: 20240275777
    Abstract: Provided is a process, including: obtaining a first password to a private computer network; determining, with a credential-monitoring application within the private computer network, whether the first password satisfies one or more criteria by: comparing the first password to a set of compromised credentials within a database within the private computer network; and determining whether the first password matches one or more passwords within the database; and in response to the determination that the first password satisfies the one or more criteria from among the plurality of criteria, causing a use of the first password to access the private computer network to be rejected and causing a first user associated with the first password to be notified to change the first password.
    Type: Application
    Filed: December 18, 2023
    Publication date: August 15, 2024
    Inventors: David Endler, Alen Puzic, Edward Ross
  • Publication number: 20240248997
    Abstract: A process that includes receiving a session identity protection query that includes a target domain. The process further includes accessing a security database of compromised cookie data associated with a plurality of domains and determining the target domain is associated with first compromised cookie data of the compromised cookie data included in the security database. The process includes providing the first compromised cookie data in response the session identity protection query.
    Type: Application
    Filed: January 24, 2023
    Publication date: July 25, 2024
    Inventors: David Endler, Jacob Wagh, Nick Brands
  • Publication number: 20240232394
    Abstract: A process that includes receiving an identity risk query for a user, accessing a security database of available user information associated with a plurality of users, and identifying that the user is associated with first available user information of the available user information included in the security database. The process also includes generating a first identity risk score for the user based on the first available user information, and providing the first identity risk score in response to the identity risk query.
    Type: Application
    Filed: January 10, 2023
    Publication date: July 11, 2024
    Inventors: Alen Puzic, David Endler
  • Patent number: 11888843
    Abstract: Provided is a process, including: obtaining a first password to a private computer network; determining, with a credential-monitoring application within the private computer network, whether the first password satisfies one or more criteria by: comparing the first password to a set of compromised credentials within a database within the private computer network; and determining whether the first password matches one or more passwords within the database; and in response to the determination that the first password satisfies the one or more criteria from among the plurality of criteria, causing a use of the first password to access the private computer network to be rejected and causing a first user associated with the first password to be notified to change the first password.
    Type: Grant
    Filed: June 22, 2022
    Date of Patent: January 30, 2024
    Assignee: SpyCloud, Inc.
    Inventors: David Endler, Alen Puzic, Edward Ross
  • Publication number: 20240007500
    Abstract: Provided is a process including: obtaining, with a domain controller of a private computer network, a set of user-authentication credentials comprising a first username and a first password; querying a distributed credential-monitoring application; receiving query results including one or more passwords associated with the first username; determining that at least some of the one or more passwords in the query results match the obtained first password; and in response to the determination, blocking, with the domain controller, access to a first user account on the private computer network associated with the obtained first username and first password.
    Type: Application
    Filed: July 6, 2023
    Publication date: January 4, 2024
    Inventors: David Endler, Alen Puzk, Edward Ross
  • Patent number: 11750645
    Abstract: Provided is a process including: obtaining, with a domain controller of a private computer network, a set of user-authentication credentials comprising a first username and a first password; querying a distributed credential-monitoring application; receiving query results including one or more passwords associated with the first username; determining that at least some of the one or more passwords in the query results match the obtained first password; and in response to the determination, blocking, with the domain controller, access to a first user account on the private computer network associated with the obtained first username and first password.
    Type: Grant
    Filed: February 14, 2022
    Date of Patent: September 5, 2023
    Assignee: SpyCloud, Inc.
    Inventors: David Endler, Alen Puzic, Edward Ross
  • Patent number: 11558409
    Abstract: Provided is a process that includes: obtaining with a distributed application comprising an identity management system, a first password; comparing with the distributed application, the first password to a set of compromised credentials within a database external to the network-accessible resource; receiving one or more passwords that match the first password based on the comparison; determining with the distributed application whether the one or more passwords satisfy a criterion; and in response to the determination that the one or more passwords satisfy the criterion, causing the first user associated with a first account and the first password to be notified that the first password has been compromised.
    Type: Grant
    Filed: October 29, 2019
    Date of Patent: January 17, 2023
    Assignee: SpyCloud, Inc.
    Inventors: David Endler, Alen Puzic, Edward Ross
  • Publication number: 20220407849
    Abstract: Provided is a process, including: obtaining a first password to a private computer network; determining, with a credential-monitoring application within the private computer network, whether the first password satisfies one or more criteria by: comparing the first password to a set of compromised credentials within a database within the private computer network; and determining whether the first password matches one or more passwords within the database; and in response to the determination that the first password satisfies the one or more criteria from among the plurality of criteria, causing a use of the first password to access the private computer network to be rejected and causing a first user associated with the first password to be notified to change the first password.
    Type: Application
    Filed: June 22, 2022
    Publication date: December 22, 2022
    Inventors: David Endler, Alen Puzic, Edward Ross
  • Patent number: 11461458
    Abstract: Provided is a process that includes: obtaining, with one or more processors, a set of user-authentication credentials of a plurality of users; accessing, with one or more processors, a repository of breached credentials and determining, with one or more processors, an amount of the obtained set of user-authentication credentials in the repository of breached credentials, wherein the repository includes credentials from a plurality of entities obtained after the entities suffered a breach; and determining, with one or more processors, a score based on the amount of the set of user-authentication credentials in the repository of breached credentials, wherein the score is indicative of effectiveness of cybersecurity practices of the entity and the users associated with the entity.
    Type: Grant
    Filed: January 30, 2020
    Date of Patent: October 4, 2022
    Assignee: SpyCloud, Inc.
    Inventors: David Endler, Alen Puzic, Edward Ross