Patents by Inventor Edward T. Bellis
Edward T. Bellis has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11888887Abstract: Systems and methods for computing times to remediate for asset vulnerabilities are described herein. In an embodiment, a server computer receives first vulnerability data for a plurality of entities identifying asset vulnerabilities and timing data corresponding to the vulnerability data indicating an amount of time between identification of an asset vulnerability and a result of the asset vulnerability. The server computer identifies a strict subset of the first vulnerability data that belongs to a particular category of a first plurality of categories. The server computer receives second vulnerability data for a particular entity identifying asset vulnerabilities. The server computer identifies a strict subset of the second vulnerability data the belongs to the particular category. Based, at least in part, on the strict subset of the first vulnerability data, the server computer computes a time to remediate the asset vulnerabilities in the strict subset of the second vulnerability data.Type: GrantFiled: April 27, 2021Date of Patent: January 30, 2024Inventors: Michael Roytman, Edward T. Bellis, Jason Rolleston
-
Publication number: 20220207152Abstract: Generation of one or more models is caused based on selecting training data comprising a plurality of features including a prevalence feature for each vulnerability of a first plurality of vulnerabilities. The one or more models enable predicting whether an exploit will be developed for a vulnerability and/or whether the exploit will be used in an attack. The one or more models are applied to input data comprising the prevalence feature for each vulnerability of a second plurality of vulnerabilities. Based on the application of the one or more models to the input data, output data is received. The output data indicates a prediction of whether an exploit will be developed for each vulnerability of the second plurality. Additionally or alternatively, the output data indicates, for each vulnerability of the second plurality, a prediction of whether an exploit that has yet to be developed will be used in an attack.Type: ApplicationFiled: March 14, 2022Publication date: June 30, 2022Inventors: Edward T. Bellis, Michael Roytman, Jeffrey Heuer
-
Publication number: 20220156385Abstract: Techniques related to vulnerability assessment based on machine inference are disclosed. A vulnerability assessment server may receive, from a client device, a set of metadata corresponding to a program stored on the client device. Further, the vulnerability assessment server may extract a program name from the set of metadata. Still further, the vulnerability assessment server may determine one or more vulnerabilities of the program based on searching for the program name in one or more storage systems that maintain sets of vulnerability data.Type: ApplicationFiled: February 4, 2022Publication date: May 19, 2022Inventors: Edward T. Bellis, Michael Roytman, David Bortz, Jared Davis
-
Patent number: 11275844Abstract: Generation of one or more models is caused based on selecting training data comprising a plurality of features including a prevalence feature for each vulnerability of a first plurality of vulnerabilities. The one or more models enable predicting whether an exploit will be developed for a vulnerability and/or whether the exploit will be used in an attack. The one or more models are applied to input data comprising the prevalence feature for each vulnerability of a second plurality of vulnerabilities. Based on the application of the one or more models to the input data, output data is received. The output data indicates a prediction of whether an exploit will be developed for each vulnerability of the second plurality. Additionally or alternatively, the output data indicates, for each vulnerability of the second plurality, a prediction of whether an exploit that has yet to be developed will be used in an attack.Type: GrantFiled: August 31, 2020Date of Patent: March 15, 2022Assignee: KENNA SECURITY LLCInventors: Edward T. Bellis, Michael Roytman, Jeffrey Heuer
-
Patent number: 11250137Abstract: Techniques related to vulnerability assessment based on machine inference are disclosed. A vulnerability assessment server may receive, from a client device, a set of metadata corresponding to a program stored on the client device. Further, the vulnerability assessment server may extract a program name from the set of metadata. Still further, the vulnerability assessment server may determine one or more vulnerabilities of the program based on searching for the program name in one or more storage systems that maintain sets of vulnerability data.Type: GrantFiled: December 9, 2019Date of Patent: February 15, 2022Assignee: KENNA SECURITY LLCInventors: Edward T. Bellis, Michael Roytman, David Bortz, Jared Davis
-
Publication number: 20210336984Abstract: Systems and methods for computing times to remediate for asset vulnerabilities are described herein. In an embodiment, a server computer receives first vulnerability data for a plurality of entities identifying asset vulnerabilities and timing data corresponding to the vulnerability data indicating an amount of time between identification of an asset vulnerability and a result of the asset vulnerability. The server computer identifies a strict subset of the first vulnerability data that belongs to a particular category of a first plurality of categories. The server computer receives second vulnerability data for a particular entity identifying asset vulnerabilities. The server computer identifies a strict subset of the second vulnerability data the belongs to the particular category. Based, at least in part, on the strict subset of the first vulnerability data, the server computer computes a time to remediate the asset vulnerabilities in the strict subset of the second vulnerability data.Type: ApplicationFiled: April 27, 2021Publication date: October 28, 2021Inventors: Michael Roytman, Edward T. Bellis, Jason Rolleston
-
Publication number: 20200401704Abstract: Generation of one or more models is caused based on selecting training data comprising a plurality of features including a prevalence feature for each vulnerability of a first plurality of vulnerabilities. The one or more models enable predicting whether an exploit will be developed for a vulnerability and/or whether the exploit will be used in an attack. The one or more models are applied to input data comprising the prevalence feature for each vulnerability of a second plurality of vulnerabilities. Based on the application of the one or more models to the input data, output data is received. The output data indicates a prediction of whether an exploit will be developed for each vulnerability of the second plurality. Additionally or alternatively, the output data indicates, for each vulnerability of the second plurality, a prediction of whether an exploit that has yet to be developed will be used in an attack.Type: ApplicationFiled: August 31, 2020Publication date: December 24, 2020Inventors: Edward T. Bellis, Michael Roytman, Jeffrey Heuer
-
Patent number: 10762212Abstract: Generation of one or more models is caused based on selecting training data comprising a plurality of features including a prevalence feature for each vulnerability of a first plurality of vulnerabilities. The one or more models enable predicting whether an exploit will be developed for a vulnerability and/or whether the exploit will be used in an attack. The one or more models are applied to input data comprising the prevalence feature for each vulnerability of a second plurality of vulnerabilities. Based on the application of the one or more models to the input data, output data is received. The output data indicates a prediction of whether an exploit will be developed for each vulnerability of the second plurality. Additionally or alternatively, the output data indicates, for each vulnerability of the second plurality, a prediction of whether an exploit that has yet to be developed will be used in an attack.Type: GrantFiled: October 12, 2018Date of Patent: September 1, 2020Assignee: Kenna Security, Inc.Inventors: Edward T. Bellis, Michael Roytman, Jeffrey Heuer
-
Publication number: 20200110885Abstract: Techniques related to vulnerability assessment based on machine inference are disclosed. A vulnerability assessment server may receive, from a client device, a set of metadata corresponding to a program stored on the client device. Further, the vulnerability assessment server may extract a program name from the set of metadata. Still further, the vulnerability assessment server may determine one or more vulnerabilities of the program based on searching for the program name in one or more storage systems that maintain sets of vulnerability data.Type: ApplicationFiled: December 9, 2019Publication date: April 9, 2020Inventors: Edward T. Bellis, Michael Roytman, David Bortz, Jared Davis
-
Patent number: 10503908Abstract: Techniques related to vulnerability assessment based on machine inference are disclosed. A vulnerability assessment server may receive, from a client device, a set of metadata corresponding to a program stored on the client device. Further, the vulnerability assessment server may extract a program name from the set of metadata. Still further, the vulnerability assessment server may determine one or more vulnerabilities of the program based on searching for the program name in one or more storage systems that maintain sets of vulnerability data.Type: GrantFiled: April 4, 2017Date of Patent: December 10, 2019Assignee: KENNA SECURITY, INC.Inventors: Edward T. Bellis, Michael Roytman, David Bortz, Jared Davis
-
Publication number: 20190163917Abstract: Generation of one or more models is caused based on selecting training data comprising a plurality of features including a prevalence feature for each vulnerability of a first plurality of vulnerabilities. The one or more models enable predicting whether an exploit will be developed for a vulnerability and/or whether the exploit will be used in an attack. The one or more models are applied to input data comprising the prevalence feature for each vulnerability of a second plurality of vulnerabilities. Based on the application of the one or more models to the input data, output data is received. The output data indicates a prediction of whether an exploit will be developed for each vulnerability of the second plurality. Additionally or alternatively, the output data indicates, for each vulnerability of the second plurality, a prediction of whether an exploit that has yet to be developed will be used in an attack.Type: ApplicationFiled: October 12, 2018Publication date: May 30, 2019Inventors: Edward T. Bellis, Michael Roytman, Jeffrey Heuer
-
Patent number: 10305925Abstract: Techniques for ranking a set of vulnerabilities of a computing asset and set of remediations for a computing asset, and determining a risk score for one or more computing assets are provided. In one technique, vulnerabilities of computing assets in a customer network are received at a vulnerability intelligence platform. Breach data indicating set of breaches that occurred outside customer network is also received. A subset of the set of vulnerabilities that are most vulnerable to a breach is identified based on the breach data. In another technique, multiple vulnerabilities of a computing asset are determined. A risk score is generated for the computing asset based on the vulnerabilities. In another technique, multiple remediations associated with a risk score and multiple vulnerabilities are identified. The remediations are ordered based on the remediations that would reduce the risk score the most if those remediations were applied to remove the corresponding vulnerabilities.Type: GrantFiled: November 20, 2017Date of Patent: May 28, 2019Assignee: Kenna Security, Inc.Inventors: Michael Roytman, Edward T. Bellis, Jeffrey Heuer
-
Patent number: 10114954Abstract: Generation of one or more models is caused based on selecting training data comprising a plurality of features including a prevalence feature for each vulnerability of a first plurality of vulnerabilities. The one or more models enable predicting whether an exploit will be developed for a vulnerability and/or whether the exploit will be used in an attack. The one or more models are applied to input data comprising the prevalence feature for each vulnerability of a second plurality of vulnerabilities. Based on the application of the one or more models to the input data, output data is received. The output data indicates a prediction of whether an exploit will be developed for each vulnerability of the second plurality. Additionally or alternatively, the output data indicates, for each vulnerability of the second plurality, a prediction of whether an exploit that has yet to be developed will be used in an attack.Type: GrantFiled: November 30, 2017Date of Patent: October 30, 2018Assignee: Kenna Security, Inc.Inventors: Edward T. Bellis, Michael Roytman, Jeffrey Heuer
-
Publication number: 20180077193Abstract: Techniques for ranking a set of vulnerabilities of a computing asset and set of remediations for a computing asset, and determining a risk score for one or more computing assets are provided. In one technique, vulnerabilities of computing assets in a customer network are received at a vulnerability intelligence platform. Breach data indicating set of breaches that occurred outside customer network is also received. A subset of the set of vulnerabilities that are most vulnerable to a breach is identified based on the breach data. In another technique, multiple vulnerabilities of a computing asset are determined. A risk score is generated for the computing asset based on the vulnerabilities. In another technique, multiple remediations associated with a risk score and multiple vulnerabilities are identified. The remediations are ordered based on the remediations that would reduce the risk score the most if those remediations were applied to remove the corresponding vulnerabilities.Type: ApplicationFiled: November 20, 2017Publication date: March 15, 2018Inventors: Michael Roytman, Edward T. Bellis, Jeffrey Heuer
-
Patent number: 9825981Abstract: Techniques for ranking a set of vulnerabilities of a computing asset and set of remediations for a computing asset, and determining a risk score for one or more computing assets are provided. In one technique, vulnerabilities of computing assets in a customer network are received at a vulnerability intelligence platform. Breach data indicating set of breaches that occurred outside customer network is also received. A subset of the set of vulnerabilities that are most vulnerable to a breach is identified based on the breach data. In another technique, multiple vulnerabilities of a computing asset are determined. A risk score is generated for the computing asset based on the vulnerabilities. In another technique, multiple remediations associated with a risk score and multiple vulnerabilities are identified. The remediations are ordered based on the remediations that would reduce the risk score the most if those remediations were applied to remove the corresponding vulnerabilities.Type: GrantFiled: November 16, 2015Date of Patent: November 21, 2017Assignee: Kenna Security, Inc.Inventors: Michael Roytman, Edward T. Bellis, Jeffrey Heuer
-
Publication number: 20160072835Abstract: Techniques for ranking a set of vulnerabilities of a computing asset and set of remediations for a computing asset, and determining a risk score for one or more computing assets are provided. In one technique, vulnerabilities of computing assets in a customer network are received at a vulnerability intelligence platform. Breach data indicating set of breaches that occurred outside customer network is also received. A subset of the set of vulnerabilities that are most vulnerable to a breach is identified based on the breach data. In another technique, multiple vulnerabilities of a computing asset are determined. A risk score is generated for the computing asset based on the vulnerabilities. In another technique, multiple remediations associated with a risk score and multiple vulnerabilities are identified. The remediations are ordered based on the remediations that would reduce the risk score the most if those remediations were applied to remove the corresponding vulnerabilities.Type: ApplicationFiled: November 16, 2015Publication date: March 10, 2016Inventors: Michael Roytman, Edward T. Bellis, Jeffrey Heuer
-
Patent number: 9270695Abstract: Techniques for ranking a set of vulnerabilities of a computing asset and set of remediations for a computing asset, and determining a risk score for one or more computing assets are provided. In one technique, vulnerabilities of computing assets in a customer network are received at a vulnerability intelligence platform. Breach data indicating set of breaches that occurred outside customer network is also received. A subset of the set of vulnerabilities that are most vulnerable to a breach is identified based on the breach data. In another technique, multiple vulnerabilities of a computing asset are determined. A risk score is generated for the computing asset based on the vulnerabilities. In another technique, multiple remediations associated with a risk score and multiple vulnerabilities are identified. The remediations are ordered based on the remediations that would reduce the risk score the most if those remediations were applied to remove the corresponding vulnerabilities.Type: GrantFiled: March 9, 2015Date of Patent: February 23, 2016Assignee: Risk I/O, Inc.Inventors: Michael Roytman, Edward T. Bellis, Jeffrey Heuer
-
Publication number: 20150237065Abstract: Techniques for ranking a set of vulnerabilities of a computing asset and set of remediations for a computing asset, and determining a risk score for one or more computing assets are provided. In one technique, vulnerabilities of computing assets in a customer network are received at a vulnerability intelligence platform. Breach data indicating set of breaches that occurred outside customer network is also received. A subset of the set of vulnerabilities that are most vulnerable to a breach is identified based on the breach data. In another technique, multiple vulnerabilities of a computing asset are determined. A risk score is generated for the computing asset based on the vulnerabilities. In another technique, multiple remediations associated with a risk score and multiple vulnerabilities are identified. The remediations are ordered based on the remediations that would reduce the risk score the most if those remediations were applied to remove the corresponding vulnerabilities.Type: ApplicationFiled: March 9, 2015Publication date: August 20, 2015Inventors: MICHAEL ROYTMAN, EDWARD T. BELLIS, JEFFREY HEUER
-
Publication number: 20150237062Abstract: Techniques for ranking a set of vulnerabilities of a computing asset and set of remediations for a computing asset, and determining a risk score for one or more computing assets are provided. In one technique, vulnerabilities of computing assets in a customer network are received at a vulnerability intelligence platform. Breach data indicating set of breaches that occurred outside customer network is also received. A subset of the set of vulnerabilities that are most vulnerable to a breach is identified based on the breach data. In another technique, multiple vulnerabilities of a computing asset are determined. A risk score is generated for the computing asset based on the vulnerabilities. In another technique, multiple remediations associated with a risk score and multiple vulnerabilities are identified. The remediations are ordered based on the remediations that would reduce the risk score the most if those remediations were applied to remove the corresponding vulnerabilities.Type: ApplicationFiled: February 14, 2014Publication date: August 20, 2015Applicant: Risk I/O, Inc.Inventors: Michael Roytman, Edward T. Bellis, Jeffrey Heuer
-
Patent number: 8984643Abstract: Techniques for ranking a set of vulnerabilities of a computing asset and set of remediations for a computing asset, and determining a risk score for one or more computing assets are provided. In one technique, vulnerabilities of computing assets in a customer network are received at a vulnerability intelligence platform. Breach data indicating set of breaches that occurred outside customer network is also received. A subset of the set of vulnerabilities that are most vulnerable to a breach is identified based on the breach data. In another technique, multiple vulnerabilities of a computing asset are determined. A risk score is generated for the computing asset based on the vulnerabilities. In another technique, multiple remediations associated with a risk score and multiple vulnerabilities are identified. The remediations are ordered based on the remediations that would reduce the risk score the most if those remediations were applied to remove the corresponding vulnerabilities.Type: GrantFiled: February 14, 2014Date of Patent: March 17, 2015Assignee: Risk I/O, Inc.Inventors: Michael Krisher, Edward T. Bellis, Jeffrey Heuer