Patents by Inventor Edward Ross

Edward Ross has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 12632544
    Abstract: Provided is a process that includes: obtaining a fictitious data entry associated with a field present in a plurality of records associated with an online resource; sending a query to a monitoring application, the query specifying the fictitious data entry and a request to determine whether a second repository of compromised data includes the fictitious data entry; in response to the query, receiving query results indicating that the second repository of compromised data includes the fictitious data entry; in response to the received indication that the second repository of compromised data includes the fictitious data entry, identifying at least some of the first set of one or more repositories that store the data entry; designating other data entries within the at least some of the first set of one or more repositories as potentially having been breached; and storing the designation in memory.
    Type: Grant
    Filed: August 2, 2024
    Date of Patent: May 19, 2026
    Assignee: SpyCloud, Inc.
    Inventors: David Endler, Alen Puzic, Edward Ross
  • Publication number: 20260113311
    Abstract: Provided is a process, including: obtaining a first password to a private computer network; determining, with a credential-monitoring application within the private computer network, whether the first password satisfies one or more criteria by: comparing the first password to a set of compromised credentials within a database within the private computer network; and determining whether the first password matches one or more passwords within the database; and in response to the determination that the first password satisfies the one or more criteria from among the plurality of criteria, causing a use of the first password to access the private computer network to be rejected and causing a first user associated with the first password to be notified to change the first password.
    Type: Application
    Filed: September 24, 2025
    Publication date: April 23, 2026
    Inventors: David Endler, Alen Puzic, Edward Ross
  • Patent number: 12432197
    Abstract: Provided is a process, including: obtaining a first password to a private computer network; determining, with a credential-monitoring application within the private computer network, whether the first password satisfies one or more criteria by: comparing the first password to a set of compromised credentials within a database within the private computer network; and determining whether the first password matches one or more passwords within the database; and in response to the determination that the first password satisfies the one or more criteria from among the plurality of criteria, causing a use of the first password to access the private computer network to be rejected and causing a first user associated with the first password to be notified to change the first password.
    Type: Grant
    Filed: December 18, 2023
    Date of Patent: September 30, 2025
    Assignee: SpyCloud, Inc.
    Inventors: David Endler, Alen Puzic, Edward Ross
  • Publication number: 20250202934
    Abstract: Provided is a process including: obtaining, with a domain controller of a private computer network, a set of user-authentication credentials comprising a first username and a first password; querying a distributed credential-monitoring application; receiving query results including one or more passwords associated with the first username; determining that at least some of the one or more passwords in the query results match the obtained first password; and in response to the determination, blocking, with the domain controller, access to a first user account on the private computer network associated with the obtained first username and first password.
    Type: Application
    Filed: November 22, 2024
    Publication date: June 19, 2025
    Inventors: David Endler, Alen Puzic, Edward Ross
  • Publication number: 20250036759
    Abstract: Provided is a process that includes: obtaining a fictitious data entry associated with a field present in a plurality of records associated with an online resource; sending a query to a monitoring application, the query specifying the fictitious data entry and a request to determine whether a second repository of compromised data includes the fictitious data entry; in response to the query, receiving query results indicating that the second repository of compromised data includes the fictitious data entry; in response to the received indication that the second repository of compromised data includes the fictitious data entry, identifying at least some of the first set of one or more repositories that store the data entry; designating other data entries within the at least some of the first set of one or more repositories as potentially having been breached; and storing the designation in memory.
    Type: Application
    Filed: August 2, 2024
    Publication date: January 30, 2025
    Inventors: David Endler, Alen Puzic, Edward Ross
  • Patent number: 12166794
    Abstract: Provided is a process including: obtaining, with a domain controller of a private computer network, a set of user-authentication credentials comprising a first username and a first password; querying a distributed credential-monitoring application; receiving query results including one or more passwords associated with the first username; determining that at least some of the one or more passwords in the query results match the obtained first password; and in response to the determination, blocking, with the domain controller, access to a first user account on the private computer network associated with the obtained first username and first password.
    Type: Grant
    Filed: July 6, 2023
    Date of Patent: December 10, 2024
    Assignee: SpyCloud, Inc.
    Inventors: David Endler, Alen Puzic, Edward Ross
  • Patent number: 12093375
    Abstract: Provided is a process that includes: obtaining a fictitious data entry associated with a field present in a plurality of records associated with an online resource; sending a query to a monitoring application, the query specifying the fictitious data entry and a request to determine whether a second repository of compromised data includes the fictitious data entry; in response to the query, receiving query results indicating that the second repository of compromised data includes the fictitious data entry; in response to the received indication that the second repository of compromised data includes the fictitious data entry, identifying at least some of the first set of one or more repositories that store the data entry; designating other data entries within the at least some of the first set of one or more repositories as potentially having been breached; and storing the designation in memory.
    Type: Grant
    Filed: January 30, 2020
    Date of Patent: September 17, 2024
    Assignee: SpyCloud, Inc.
    Inventors: David Endler, Alen Puzic, Edward Ross
  • Publication number: 20240275777
    Abstract: Provided is a process, including: obtaining a first password to a private computer network; determining, with a credential-monitoring application within the private computer network, whether the first password satisfies one or more criteria by: comparing the first password to a set of compromised credentials within a database within the private computer network; and determining whether the first password matches one or more passwords within the database; and in response to the determination that the first password satisfies the one or more criteria from among the plurality of criteria, causing a use of the first password to access the private computer network to be rejected and causing a first user associated with the first password to be notified to change the first password.
    Type: Application
    Filed: December 18, 2023
    Publication date: August 15, 2024
    Inventors: David Endler, Alen Puzic, Edward Ross
  • Patent number: 11888843
    Abstract: Provided is a process, including: obtaining a first password to a private computer network; determining, with a credential-monitoring application within the private computer network, whether the first password satisfies one or more criteria by: comparing the first password to a set of compromised credentials within a database within the private computer network; and determining whether the first password matches one or more passwords within the database; and in response to the determination that the first password satisfies the one or more criteria from among the plurality of criteria, causing a use of the first password to access the private computer network to be rejected and causing a first user associated with the first password to be notified to change the first password.
    Type: Grant
    Filed: June 22, 2022
    Date of Patent: January 30, 2024
    Assignee: SpyCloud, Inc.
    Inventors: David Endler, Alen Puzic, Edward Ross
  • Publication number: 20240007500
    Abstract: Provided is a process including: obtaining, with a domain controller of a private computer network, a set of user-authentication credentials comprising a first username and a first password; querying a distributed credential-monitoring application; receiving query results including one or more passwords associated with the first username; determining that at least some of the one or more passwords in the query results match the obtained first password; and in response to the determination, blocking, with the domain controller, access to a first user account on the private computer network associated with the obtained first username and first password.
    Type: Application
    Filed: July 6, 2023
    Publication date: January 4, 2024
    Inventors: David Endler, Alen Puzk, Edward Ross
  • Patent number: 11750645
    Abstract: Provided is a process including: obtaining, with a domain controller of a private computer network, a set of user-authentication credentials comprising a first username and a first password; querying a distributed credential-monitoring application; receiving query results including one or more passwords associated with the first username; determining that at least some of the one or more passwords in the query results match the obtained first password; and in response to the determination, blocking, with the domain controller, access to a first user account on the private computer network associated with the obtained first username and first password.
    Type: Grant
    Filed: February 14, 2022
    Date of Patent: September 5, 2023
    Assignee: SpyCloud, Inc.
    Inventors: David Endler, Alen Puzic, Edward Ross
  • Patent number: 11558409
    Abstract: Provided is a process that includes: obtaining with a distributed application comprising an identity management system, a first password; comparing with the distributed application, the first password to a set of compromised credentials within a database external to the network-accessible resource; receiving one or more passwords that match the first password based on the comparison; determining with the distributed application whether the one or more passwords satisfy a criterion; and in response to the determination that the one or more passwords satisfy the criterion, causing the first user associated with a first account and the first password to be notified that the first password has been compromised.
    Type: Grant
    Filed: October 29, 2019
    Date of Patent: January 17, 2023
    Assignee: SpyCloud, Inc.
    Inventors: David Endler, Alen Puzic, Edward Ross
  • Publication number: 20220407849
    Abstract: Provided is a process, including: obtaining a first password to a private computer network; determining, with a credential-monitoring application within the private computer network, whether the first password satisfies one or more criteria by: comparing the first password to a set of compromised credentials within a database within the private computer network; and determining whether the first password matches one or more passwords within the database; and in response to the determination that the first password satisfies the one or more criteria from among the plurality of criteria, causing a use of the first password to access the private computer network to be rejected and causing a first user associated with the first password to be notified to change the first password.
    Type: Application
    Filed: June 22, 2022
    Publication date: December 22, 2022
    Inventors: David Endler, Alen Puzic, Edward Ross
  • Patent number: 11461458
    Abstract: Provided is a process that includes: obtaining, with one or more processors, a set of user-authentication credentials of a plurality of users; accessing, with one or more processors, a repository of breached credentials and determining, with one or more processors, an amount of the obtained set of user-authentication credentials in the repository of breached credentials, wherein the repository includes credentials from a plurality of entities obtained after the entities suffered a breach; and determining, with one or more processors, a score based on the amount of the set of user-authentication credentials in the repository of breached credentials, wherein the score is indicative of effectiveness of cybersecurity practices of the entity and the users associated with the entity.
    Type: Grant
    Filed: January 30, 2020
    Date of Patent: October 4, 2022
    Assignee: SpyCloud, Inc.
    Inventors: David Endler, Alen Puzic, Edward Ross
  • Patent number: 11438360
    Abstract: Provided is a process that includes: obtaining, with one or more processors, a query identifying a user identification; retrieving, with one or more processors, via an application programming interface, from a database, one or more passwords associated with one or more user identification entries in the database that matches the user identification in response to the obtained query; determining, with one or more processors, whether the one or more passwords matches a password associated with the user identification; blocking, with one or more processors, access to a user account associated with the user identification and the password when the one or more passwords matches the password associated with the user identification; and notifying, with one or more processors, a user associated with the user account to reset the password when the one or more passwords matches the password associated with the user identification.
    Type: Grant
    Filed: October 29, 2019
    Date of Patent: September 6, 2022
    Assignee: SpyCloud, Inc.
    Inventors: David Endler, Alen Puzic, Edward Ross
  • Patent number: 11399021
    Abstract: Provided is a process, including: obtaining a first password to a private computer network; determining, with a credential-monitoring application within the private computer network, whether the first password satisfies one or more criteria by: comparing the first password to a set of compromised credentials within a database within the private computer network; and determining whether the first password matches one or more passwords within the database; and in response to the determination that the first password satisfies the one or more criteria from among the plurality of criteria, causing a use of the first password to access the private computer network to be rejected and causing a first user associated with the first password to be notified to change the first password.
    Type: Grant
    Filed: October 29, 2019
    Date of Patent: July 26, 2022
    Assignee: SpyCloud, Inc.
    Inventors: David Endler, Alen Puzic, Edward Ross
  • Patent number: 10693895
    Abstract: According to an example, security indicator access determination may include determining a security indicator that is received from a first entity by a security indicator sharing platform for sharing with a second entity. A rule associated with identification of a third entity that has access to the security indicator may be analyzed. The third entity may be different from the second entity, and if the second entity belongs to a community, the third entity may not be in the community of the second entity. A determination may be made as to whether to identify the third entity based on the analysis of the rule. In response to a determination that the third entity is to be identified or not to be identified, the third entity may be identified to the first entity, or not identified to the first entity.
    Type: Grant
    Filed: July 22, 2014
    Date of Patent: June 23, 2020
    Assignee: Micro Focus LLC
    Inventors: Anurag Singla, Amir Kibbar, Tomas Sander, Edward Ross, Serhan Shbeita
  • Patent number: 10356109
    Abstract: According to an example, security indicator linkage determination may include parsing input data that is used to determine a plurality of sequences of steps that are involved in attacks. A linkage selected from temporal, spatial, and/or behavioral linkages may be applied to the parsed input data to determine the plurality of sequences of steps. A security indicator that is related to a potential attack may be received. The plurality of sequences of steps may be used to determine whether the security indicator matches a step in one of the plurality of sequences of steps. In response to a determination that the security indicator matches a step in one of the plurality of sequences of steps, linkage between the security indicator and another security indicator from the one of the plurality of sequences of steps that are involved in the attacks may be identified.
    Type: Grant
    Filed: July 21, 2014
    Date of Patent: July 16, 2019
    Assignee: ENTIT SOFTWARE LLC
    Inventors: Anurag Singla, Edward Ross, Brian Frederik Hosea Che Hein
  • Patent number: 10289838
    Abstract: Example embodiments disclosed herein relate to determining threat scores for threat observables. Information about multiple threat observables are received from providing entities. The information about the threat observables include at least one attribute about a respective threat associated with the threat observable. Threat scores are determined for the respective threat observables for multiple entities. In one example, a first score of a first one of the threat observables is determined and is different than a second score of the first threat observable for a second entity based on a treatment of the attribute(s).
    Type: Grant
    Filed: February 21, 2014
    Date of Patent: May 14, 2019
    Assignee: ENTIT SOFTWARE LLC
    Inventors: Anurag Singla, Tomas Sander, Edward Ross
  • Patent number: 10104112
    Abstract: Example embodiments disclosed herein relate to update a rating of threat submitters. Information is received of threat observables from threat submitters. Information about the threat observables is provided to one or more entities. Feedback about a threat observable is received from one of the entities. A rating of the threat submitter associated with the feedback is updated.
    Type: Grant
    Filed: April 18, 2014
    Date of Patent: October 16, 2018
    Assignee: Entit Software, LLC
    Inventors: Anurag Singla, Tomas Sander, Edward Ross