Patents by Inventor Feiyin Zhang
Feiyin Zhang has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10491624Abstract: Embodiments of the present technology relate to cyber attack vulnerability analyses. In one embodiment, a method includes determining an external infrastructure of an entity, the external infrastructure including one or more cyber assets utilized by the entity, collecting infrastructure information regarding the one or more cyber assets, performing passive cyber security vulnerability testing on the one or more cyber assets using the collected infrastructure information, and assessing cyber security vulnerabilities of the one or more cyber assets. The method may further include calculating an association score for the one or more cyber assets based on the assessed cyber security vulnerabilities, and automatically recommending, based on the association score, computer network changes to reduce the cyber security vulnerabilities.Type: GrantFiled: May 4, 2018Date of Patent: November 26, 2019Assignee: Guidewire Software, Inc.Inventors: George Y. Ng, Feiyin Zhang, Fernando Tancioco, Jr.
-
Patent number: 10218736Abstract: Embodiments of the present technology relate to cyber attack vulnerability analyses. In one embodiment, a method includes determining an external infrastructure of an entity, the external infrastructure including one or more cyber assets utilized by the entity, collecting infrastructure information regarding the one or more cyber assets, performing passive cyber security vulnerability testing on the one or more cyber assets using the collected infrastructure information, and assessing cyber security vulnerabilities of the one or more cyber assets. The method may further include calculating an association score for the one or more cyber assets based on the assessed cyber security vulnerabilities, and automatically recommending, based on the association score, computer network changes to reduce the cyber security vulnerabilities.Type: GrantFiled: March 13, 2017Date of Patent: February 26, 2019Assignee: Guidewire Software, Inc.Inventors: George Y. Ng, Feiyin Zhang, Fernando Tancioco, Jr.
-
Publication number: 20180359275Abstract: Embodiments of the present technology relate to cyber attack vulnerability analyses. In one embodiment, a method includes determining an external infrastructure of an entity, the external infrastructure including one or more cyber assets utilized by the entity, collecting infrastructure information regarding the one or more cyber assets, performing passive cyber security vulnerability testing on the one or more cyber assets using the collected infrastructure information, and assessing cyber security vulnerabilities of the one or more cyber assets. The method may further include calculating an association score for the one or more cyber assets based on the assessed cyber security vulnerabilities, and automatically recommending, based on the association score, computer network changes to reduce the cyber security vulnerabilities.Type: ApplicationFiled: May 4, 2018Publication date: December 13, 2018Inventors: George Y. Ng, Feiyin Zhang, Fernando Tancioco
-
Patent number: 10050989Abstract: Various embodiments of the present technology include methods of assessing risk of a cyber security failure in one or more computer networks for an entity. Various embodiments include establishing a plurality of proxy connections with entity resources, evaluating performance of the proxy connections, and scoring the proxy connections based on performance. Various embodiments may further include automatically determining, based on the proxy score, a change or setting regarding the proxy connections. Various embodiments may also include automatically recommending, based on the assessed risk, computer network changes for the one or more computer networks to reduce the assessed risk. Some embodiments may include providing recommended computer network and/or policy changes to reduce the assessed risk, determining the entity has enacted some recommended network changes, and in response, automatically reassessing the risk of a cyber security failure based on the enacted recommended computer network changes.Type: GrantFiled: December 8, 2016Date of Patent: August 14, 2018Assignee: Guidewire Software, Inc.Inventors: George Y. Ng, Don Ma, Yuen Tsing Ooi, Feiyin Zhang, Fernando Tancioco, Jr.
-
Patent number: 10003609Abstract: Various embodiments of the present technology include methods of assessing risk of a cyber security failure in one or more computer networks for an entity. Various embodiments include establishing a plurality of proxy connections with entity resources, evaluating performance of the proxy connections, and scoring the proxy connections based on performance. Various embodiments may further include automatically determining, based on the proxy score, a change or setting regarding the proxy connections. Various embodiments may also include automatically recommending, based on the assessed risk, computer network changes for the one or more computer networks to reduce the assessed risk. Some embodiments may include providing recommended computer network and/or policy changes to reduce the assessed risk, determining the entity has enacted some recommended network changes, and in response, automatically reassessing the risk of a cyber security failure based on the enacted recommended computer network changes.Type: GrantFiled: December 8, 2016Date of Patent: June 19, 2018Assignee: Guidewire Software, Inc.Inventors: George Y. Ng, Don Ma, Yuen Tsing Ooi, Feiyin Zhang, Fernando Tancioco, Jr.
-
Patent number: 9699209Abstract: Embodiments of the present technology relate to cyber attack vulnerability analyzes. In one embodiment, a method includes determining an external infrastructure of an entity, the external infrastructure including one or more cyber assets utilized by the entity, collecting infrastructure information regarding the one or more cyber assets, performing passive cyber security vulnerability testing on the one or more cyber assets using the collected infrastructure information, assessing cyber security vulnerabilities of the one or more cyber assets, calculating an association score for the one or more cyber assets based on the assessed cyber security vulnerabilities, and automatically recommending, based on the association score, computer network changes to reduce the cyber security vulnerabilities.Type: GrantFiled: April 29, 2016Date of Patent: July 4, 2017Assignee: Cyence Inc.Inventors: George Y. Ng, Feiyin Zhang, Fernando Tancioco, Jr.
-
Publication number: 20170187745Abstract: Embodiments of the present technology relate to cyber attack vulnerability analyses. In one embodiment, a method includes determining an external infrastructure of an entity, the external infrastructure including one or more cyber assets utilized by the entity, collecting infrastructure information regarding the one or more cyber assets, performing passive cyber security vulnerability testing on the one or more cyber assets using the collected infrastructure information, and assessing cyber security vulnerabilities of the one or more cyber assets. The method may further include calculating an association score for the one or more cyber assets based on the assessed cyber security vulnerabilities, and automatically recommending, based on the association score, computer network changes to reduce the cyber security vulnerabilities.Type: ApplicationFiled: March 13, 2017Publication date: June 29, 2017Inventors: George Y. Ng, Feiyin Zhang, Fernando Tancioco, JR.
-
Publication number: 20170093904Abstract: Various embodiments of the present technology include methods of assessing risk of a cyber security failure in one or more computer networks for an entity. Various embodiments include establishing a plurality of proxy connections with entity resources, evaluating performance of the proxy connections, and scoring the proxy connections based on performance. Various embodiments may further include automatically determining, based on the proxy score, a change or setting regarding the proxy connections. Various embodiments may also include automatically recommending, based on the assessed risk, computer network changes for the one or more computer networks to reduce the assessed risk. Some embodiments may include providing recommended computer network and/or policy changes to reduce the assessed risk, determining the entity has enacted some recommended network changes, and in response, automatically reassessing the risk of a cyber security failure based on the enacted recommended computer network changes.Type: ApplicationFiled: December 8, 2016Publication date: March 30, 2017Inventors: George Y. Ng, Don Ma, Yuen Tsing Ooi, Feiyin Zhang, Fernando Tancioco, JR.
-
Patent number: 9521160Abstract: Various embodiments of the present technology include methods of assessing risk of a cyber security failure in a computer network of an entity. Various embodiments also include automatically determining, based on the assessed risk, a change or a setting to at least one element of policy criteria of a cyber security policy, automatically recommending, based on the assessed risk, computer network changes to reduce the assessed risk, and providing one or more recommended computer network changes to reduce the assessed risk. Various embodiments further include enactment by the entity of at least one of the one or more of the recommended computer network changes to reduce the assessed risk to the entity, determining that the entity has enacted at least a portion of the recommended computer network changes, and in response, automatically reassessing the risk of a cyber security failure based on the enacted recommended computer network changes.Type: GrantFiled: April 28, 2016Date of Patent: December 13, 2016Assignee: Cyence Inc.Inventors: George Y. Ng, Feiyin Zhang, Fernando Tancioco, Jr.
-
Publication number: 20160248800Abstract: Embodiments of the present technology relate to cyber attack vulnerability analyses. In one embodiment, a method includes determining an external infrastructure of an entity, the external infrastructure including one or more cyber assets utilized by the entity, collecting infrastructure information regarding the one or more cyber assets, performing passive cyber security vulnerability testing on the one or more cyber assets using the collected infrastructure information, assessing cyber security vulnerabilities of the one or more cyber assets, calculating an association score for the one or more cyber assets based on the assessed cyber security vulnerabilities, and automatically recommending, based on the association score, computer network changes to reduce the cyber security vulnerabilities.Type: ApplicationFiled: April 29, 2016Publication date: August 25, 2016Inventors: George Y. Ng, Feiyin Zhang, Fernando Tancioco, JR.
-
Publication number: 20160248799Abstract: Various embodiments of the present technology include methods of assessing risk of a cyber security failure in a computer network of an entity. Various embodiments also include automatically determining, based on the assessed risk, a change or a setting to at least one element of policy criteria of a cyber security policy, automatically recommending, based on the assessed risk, computer network changes to reduce the assessed risk, and providing one or more recommended computer network changes to reduce the assessed risk. Various embodiments further include enactment by the entity of at least one of the one or more of the recommended computer network changes to reduce the assessed risk to the entity, determining that the entity has enacted at least a portion of the recommended computer network changes, and in response, automatically reassessing the risk of a cyber security failure based on the enacted recommended computer network changes.Type: ApplicationFiled: April 28, 2016Publication date: August 25, 2016Inventors: George Y. Ng, Feiyin Zhang, Fernando Tancioco, JR.