Patents by Inventor Drew Dennison
Drew Dennison has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11580680Abstract: Embodiments of the present disclosure relate to a data analysis system that may receive data comprising a plurality of raw data items from one or more data sources, such as a monitoring agent located in a monitored network. The received data may be scored using one or more scoring rules and/or algorithms, with raw data items satisfying a score threshold designated as “data item leads.” Raw data items associated with a data item lead may be searched and displayed to the user via an interactive user interface. The data analysis system may be used to execute searches and additional enrichments against the received raw data items. The data analysis system may group received raw data items based upon shared attribute values. The data analysis system may be used to categorize received data and construct timelines, histograms, and/or other visualizations based upon the various attributes of the raw data items.Type: GrantFiled: December 13, 2019Date of Patent: February 14, 2023Assignee: Palantir Technologies Inc.Inventors: Timothy Yousaf, Drew Dennison, Paul Thoren, Khoa Pham, Eliot Ball, Spencer Tank, John McRaven, Lucas Ray, Jeffrey Tsui
-
Patent number: 11496509Abstract: A computer system identifies malicious Uniform Resource Locator (URL) data items from a plurality of unscreened data items that have not been previously identified as associated with malicious URLs. The system can execute a number of pre-filters to identify a subset of URLs in the plurality of data items that are likely to be malicious. A scoring processor can score the subset of URLs based on a plurality of input vectors using a suitable machine learning model. Optionally, the system can execute one or more post-filters on the score data to identify data items of interest. Such data items can be fed back into the system to improve machine learning or can be used to provide a notification that a particular resource within a local network is infected with malicious software.Type: GrantFiled: July 21, 2020Date of Patent: November 8, 2022Assignee: Palantir Technologies Inc.Inventors: Drew Dennison, Geoff Stowe, Adam Anderson
-
Patent number: 11470102Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for network monitoring, user account compromise determination, and user behavior database system. The system monitors network actions of user accounts including user account access across multitudes of network accessible systems, determines user account transitions, and determines different types of high-risk user behavior indicative of compromise. Network actions can be obtained from generated information by the network accessible systems, and correlated across additional data sets including contextual ones. User interfaces are generated describing network actions of user accounts, and are configured for user interaction, which cause generation of updated user interfaces and access to electronic data sources to determine information relevant to the user interaction.Type: GrantFiled: November 12, 2018Date of Patent: October 11, 2022Assignee: Palantir Technologies Inc.Inventors: Samuel Jones, Timothy Yousaf, Drew Dennison, Vivek Lakshmanan, Joseph Staehle, Samuel Kremin, Maxim Kesin, Taylor Heroux
-
Publication number: 20200351279Abstract: A computer system identifies malicious Uniform Resource Locator (URL) data items from a plurality of unscreened data items that have not been previously identified as associated with malicious URLs. The system can execute a number of pre-filters to identify a subset of URLs in the plurality of data items that are likely to be malicious. A scoring processor can score the subset of URLs based on a plurality of input vectors using a suitable machine learning model. Optionally, the system can execute one or more post-filters on the score data to identify data items of interest. Such data items can be fed back into the system to improve machine learning or can be used to provide a notification that a particular resource within a local network is infected with malicious software.Type: ApplicationFiled: July 21, 2020Publication date: November 5, 2020Inventors: Drew Dennison, Geoff Stowe, Adam Anderson
-
Patent number: 10728277Abstract: A computer system identifies malicious Uniform Resource Locator (URL) data items from a plurality of unscreened data items that have not been previously identified as associated with malicious URLs. The system can execute a number of pre-filters to identify a subset of URLs in the plurality of data items that are likely to be malicious. A scoring processor can score the subset of URLs based on a plurality of input vectors using a suitable machine learning model. Optionally, the system can execute one or more post-filters on the score data to identify data items of interest. Such data items can be fed back into the system to improve machine learning or can be used to provide a notification that a particular resource within a local network is infected with malicious software.Type: GrantFiled: October 1, 2018Date of Patent: July 28, 2020Assignee: Palantir Technologies Inc.Inventors: Drew Dennison, Geoff Stowe, Adam Anderson
-
Publication number: 20200118311Abstract: Embodiments of the present disclosure relate to a data analysis system that may receive data comprising a plurality of raw data items from one or more data sources, such as a monitoring agent located in a monitored network. The received data may be scored using one or more scoring rules and/or algorithms, with raw data items satisfying a score threshold designated as “data item leads.” Raw data items associated with a data item lead may be searched and displayed to the user via an interactive user interface. The data analysis system may be used to execute searches and additional enrichments against the received raw data items. The data analysis system may group received raw data items based upon shared attribute values. The data analysis system may be used to categorize received data and construct timelines, histograms, and/or other visualizations based upon the various attributes of the raw data items.Type: ApplicationFiled: December 13, 2019Publication date: April 16, 2020Inventors: Timothy Yousaf, Drew Dennison, Paul Thoren, Khoa Pham, Eliot Ball, Spencer Tank, John McRaven, Lucas Ray, Jeffrey Tsui
-
Patent number: 10552994Abstract: Embodiments of the present disclosure relate to a data analysis system that may receive data comprising a plurality of raw data items from one or more data sources, such as a monitoring agent located in a monitored network. The received data may be scored using one or more scoring rules and/or algorithms, with raw data items satisfying a score threshold designated as “data item leads.” Raw data items associated with a data item lead may be searched and displayed to the user via an interactive user interface. The data analysis system may be used to execute searches and additional enrichments against the received raw data items. The data analysis system may group received raw data items based upon shared attribute values. The data analysis system may be used to categorize received data and construct timelines, histograms, and/or other visualizations based upon the various attributes of the raw data items.Type: GrantFiled: September 21, 2015Date of Patent: February 4, 2020Assignee: Palantir Technologies Inc.Inventors: Timothy Yousaf, Drew Dennison, Paul Thoren, Khoa Pham, Eliot Ball, Spencer Tank, John McRaven, Lucas Ray, Jeffrey Tsui
-
Publication number: 20190081971Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for network monitoring, user account compromise determination, and user behavior database system. The system monitors network actions of user accounts including user account access across multitudes of network accessible systems, determines user account transitions, and determines different types of high-risk user behavior indicative of compromise. Network actions can be obtained from generated information by the network accessible systems, and correlated across additional data sets including contextual ones. User interfaces are generated describing network actions of user accounts, and are configured for user interaction, which cause generation of updated user interfaces and access to electronic data sources to determine information relevant to the user interaction.Type: ApplicationFiled: November 12, 2018Publication date: March 14, 2019Inventors: Samuel Jones, Timothy Yousaf, Drew Dennison, Vivek Lakshmanan, Joseph Staehle, Samuel Kremin, Maxim Kesin, Taylor Heroux
-
Publication number: 20190036945Abstract: A computer system identifies malicious Uniform Resource Locator (URL) data items from a plurality of unscreened data items that have not been previously identified as associated with malicious URLs. The system can execute a number of pre-filters to identify a subset of URLs in the plurality of data items that are likely to be malicious. A scoring processor can score the subset of URLs based on a plurality of input vectors using a suitable machine learning model. Optionally, the system can execute one or more post-filters on the score data to identify data items of interest. Such data items can be fed back into the system to improve machine learning or can be used to provide a notification that a particular resource within a local network is infected with malicious software.Type: ApplicationFiled: October 1, 2018Publication date: January 31, 2019Inventors: Drew Dennison, Geoff Stowe, Adam Anderson
-
Patent number: 10135863Abstract: A computer system identifies malicious Uniform Resource Locator (URL) data items from a plurality of unscreened data items that have not been previously identified as associated with malicious URLs. The system can execute a number of pre-filters to identify a subset of URLs in the plurality of data items that are likely to be malicious. A scoring processor can score the subset of URLs based on a plurality of input vectors using a suitable machine learning model. Optionally, the system can execute one or more post-filters on the score data to identify data items of interest. Such data items can be fed back into the system to improve machine learning or can be used to provide a notification that a particular resource within a local network is infected with malicious software.Type: GrantFiled: December 14, 2016Date of Patent: November 20, 2018Assignee: Palantir Technologies Inc.Inventors: Drew Dennison, Geoff Stowe, Adam Anderson
-
Patent number: 10129282Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for network monitoring, user account compromise determination, and user behavior database system. The system monitors network actions of user accounts including user account access across multitudes of network accessible systems, determines user account transitions, and determines different types of high-risk user behavior indicative of compromise. Network actions can be obtained from generated information by the network accessible systems, and correlated across additional data sets including contextual ones. User interfaces are generated describing network actions of user accounts, and are configured for user interaction, which cause generation of updated user interfaces and access to electronic data sources to determine information relevant to the user interaction.Type: GrantFiled: December 30, 2016Date of Patent: November 13, 2018Assignee: Palantir Technologies Inc.Inventors: Samuel Jones, Timothy Yousaf, Drew Dennison, Vivek Lakshmanan, Joseph Staehle, Samuel Kremin, Maxim Kesin, Taylor Heroux
-
Publication number: 20170134397Abstract: A computer system identifies malicious Uniform Resource Locator (URL) data items from a plurality of unscreened data items that have not been previously identified as associated with malicious URLs. The system can execute a number of pre-filters to identify a subset of URLs in the plurality of data items that are likely to be malicious. A scoring processor can score the subset of URLs based on a plurality of input vectors using a suitable machine learning model. Optionally, the system can execute one or more post-filters on the score data to identify data items of interest. Such data items can be fed back into the system to improve machine learning or can be used to provide a notification that a particular resource within a local network is infected with malicious software.Type: ApplicationFiled: December 14, 2016Publication date: May 11, 2017Inventors: Drew Dennison, Geoff Stowe, Adam Anderson
-
Publication number: 20170111381Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for network monitoring, user account compromise determination, and user behavior database system. The system monitors network actions of user accounts including user account access across multitudes of network accessible systems, determines user account transitions, and determines different types of high-risk user behavior indicative of compromise. Network actions can be obtained from generated information by the network accessible systems, and correlated across additional data sets including contextual ones. User interfaces are generated describing network actions of user accounts, and are configured for user interaction, which cause generation of updated user interfaces and access to electronic data sources to determine information relevant to the user interaction.Type: ApplicationFiled: December 30, 2016Publication date: April 20, 2017Inventors: Samuel Jones, Timothy Yousaf, Drew Dennison, Vivek Lakshmanan, Joseph Staehle, Samuel Kremin, Maxim Kesin, Taylor Heroux
-
Patent number: 9558352Abstract: A computer system identifies malicious Uniform Resource Locator (URL) data items from a plurality of unscreened data items that have not been previously identified as associated with malicious URLs. The system can execute a number of pre-filters to identify a subset of URLs in the plurality of data items that are likely to be malicious. A scoring processor can score the subset of URLs based on a plurality of input vectors using a suitable machine learning model. Optionally, the system can execute one or more post-filters on the score data to identify data items of interest. Such data items can be fed back into the system to improve machine learning or can be used to provide a notification that a particular resource within a local network is infected with malicious software.Type: GrantFiled: April 28, 2015Date of Patent: January 31, 2017Assignee: Palantir Technologies Inc.Inventors: Drew Dennison, Geoff Stowe, Adam Anderson
-
Patent number: 9537880Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for network monitoring, user account compromise determination, and user behavior database system. The system monitors network actions of user accounts including user account access across multitudes of network accessible systems, determines user account transitions, and determines different types of high-risk user behavior indicative of compromise. Network actions can be obtained from generated information by the network accessible systems, and correlated across additional data sets including contextual ones. User interfaces are generated describing network actions of user accounts, and are configured for user interaction, which cause generation of updated user interfaces and access to electronic data sources to determine information relevant to the user interaction.Type: GrantFiled: December 29, 2015Date of Patent: January 3, 2017Assignee: PALANTIR TECHNOLOGIES INC.Inventors: Samuel Jones, Timothy Yousaf, Drew Dennison, Vivek Lakshmanan, Joseph Staehle, Samuel Kremin, Maxim Kesin, Taylor Heroux
-
Publication number: 20160180557Abstract: Embodiments of the present disclosure relate to a data analysis system that may receive data comprising a plurality of raw data items from one or more data sources, such as a monitoring agent located in a monitored network. The received data may be scored using one or more scoring rules and/or algorithms, with raw data items satisfying a score threshold designated as “data item leads.” Raw data items associated with a data item lead may be searched and displayed to the user via an interactive user interface. The data analysis system may be used to execute searches and additional enrichments against the received raw data items. The data analysis system may group received raw data items based upon shared attribute values. The data analysis system may be used to categorize received data and construct timelines, histograms, and/or other visualizations based upon the various attributes of the raw data items.Type: ApplicationFiled: September 21, 2015Publication date: June 23, 2016Inventors: Timothy Yousaf, Drew Dennison, Paul Thoren, Khoa Pham, Eliot Ball, Spencer Tank, John McRaven, Lucas Ray, Jeffrey Tsui
-
Patent number: 9043894Abstract: A computer system identifies malicious Uniform Resource Locator (URL) data items from a plurality of unscreened data items that have not been previously identified as associated with malicious URLs. The system can execute a number of pre-filters to identify a subset of URLs in the plurality of data items that are likely to be malicious. A scoring processor can score the subset of URLs based on a plurality of input vectors using a suitable machine learning model. Optionally, the system can execute one or more post-filters on the score data to identify data items of interest. Such data items can be fed back into the system to improve machine learning or can be used to provide a notification that a particular resource within a local network is infected with malicious software.Type: GrantFiled: February 6, 2015Date of Patent: May 26, 2015Assignee: Palantir Technologies Inc.Inventors: Drew Dennison, Geoff Stowe, Adam Anderson