Patents by Inventor George Y. Ng

George Y. Ng has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20200076859
    Abstract: Inferential analysis includes: assessing risk of a cyber security failure in a computer network of an entity, using a computer agent configured to collect information from at least one accessible Internet elements; automatically determining, based on the assessed risk, a change or a setting to at least one element of policy criteria of a cyber security policy; and automatically recommending, based on the assessed risk, a computer network change to reduce the assessed risk.
    Type: Application
    Filed: October 24, 2019
    Publication date: March 5, 2020
    Inventors: George Y. Ng, Brian Wu, Ming Yang, Paul Yang, Fernando Tancioco, JR.
  • Publication number: 20200028872
    Abstract: Assessing risk of a cyber security failure in a computer network of an entity includes: assessing risk of an entity, using a computer agent configured to collect information from at least publicly accessible Internet elements, and automatically recommending, based at least in part on the assessed risk, changes to reduce the assessed risk to mitigate the theoretical damage. The assessed risk comprises a cyber security failure risk in a computer network of the entity; and the assessing of risk comprises: generating a disaster scenario that comprises elements of a disaster event; modeling the disaster scenario against a profile of the entity; and determining theoretical damage based at least in part on the modeling.
    Type: Application
    Filed: September 25, 2019
    Publication date: January 23, 2020
    Inventors: George Y. Ng, Frank Beier, Olivier Giulieri, Yoshifumi Yamamoto, Zheng Cheung
  • Patent number: 10511635
    Abstract: Various embodiments of the present technology include methods of assessing risk of a cyber security failure in a computer network of an entity. Some embodiments involve using continual or periodic data collecting to improve inferential analysis, as well as obtaining circumstantial or inferential information from social networks. Machine learning may be used to improve predicitive capabilities. Some embodiments allow for identification of an entity from circumstantial or inferential information based on the machine learning and comparative analyses.
    Type: Grant
    Filed: May 4, 2018
    Date of Patent: December 17, 2019
    Assignee: Guidewire Software, Inc.
    Inventors: George Y. Ng, Brian Wu, Ming Yang, Paul Yang, Fernando Tancioco, Jr.
  • Patent number: 10498759
    Abstract: Various embodiments of the present technology include methods of assessing risk of a cyber security failure in a computer network of an entity. Some embodiments include generating a disaster scenario that includes elements of a disaster event, modeling the disaster scenario against a profile of the computer network and the entity, determining theoretical damage based on the modeling, and updating a cyber security policy or a network change to mitigate the theoretical damage.
    Type: Grant
    Filed: May 4, 2018
    Date of Patent: December 3, 2019
    Assignee: Guidewire Software, Inc.
    Inventors: George Y. Ng, Frank Beier, Olivier Giulieri, Yoshifumi Yamamoto, Zheng Cheung
  • Patent number: 10491624
    Abstract: Embodiments of the present technology relate to cyber attack vulnerability analyses. In one embodiment, a method includes determining an external infrastructure of an entity, the external infrastructure including one or more cyber assets utilized by the entity, collecting infrastructure information regarding the one or more cyber assets, performing passive cyber security vulnerability testing on the one or more cyber assets using the collected infrastructure information, and assessing cyber security vulnerabilities of the one or more cyber assets. The method may further include calculating an association score for the one or more cyber assets based on the assessed cyber security vulnerabilities, and automatically recommending, based on the association score, computer network changes to reduce the cyber security vulnerabilities.
    Type: Grant
    Filed: May 4, 2018
    Date of Patent: November 26, 2019
    Assignee: Guidewire Software, Inc.
    Inventors: George Y. Ng, Feiyin Zhang, Fernando Tancioco, Jr.
  • Publication number: 20190342343
    Abstract: Systems and methods for cyber risk analysis and remediation using network monitored sensors are provided herein. An example system includes one or more data collecting devices deployed within a network that collect entity information and monitor network traffic of the network that is related to security information. The network includes computing systems that are subject to a cyber risk policy having breach parameters defining one or more events that are indicative of a cyber security breach. A cyber security risk assessment and management system is used to automatically detect occurrence of one or more of the events that are indicative of a cyber security breach, automatically determine the breach parameters that apply for the one or more events that occurred, and generates a remediation of cyber security parameters for the network.
    Type: Application
    Filed: July 16, 2019
    Publication date: November 7, 2019
    Inventors: Arvind Parthasarathi, George Y. Ng, Matthew Honea
  • Patent number: 10404748
    Abstract: Systems and methods for cyber risk analysis and remediation using network monitored sensors are provided herein. An example system includes one or more data collecting devices deployed within a network that collect entity information and monitor network traffic of the network that is related to security information. The network includes computing systems that are subject to a cyber risk policy having breach parameters defining one or more events that are indicative of a cyber security breach. A cyber security risk assessment and management system is used to automatically detect occurrence of one or more of the events that are indicative of a cyber security breach, automatically determine the breach parameters that apply for the one or more events that occurred, and generates a remediation of cyber security parameters for the network.
    Type: Grant
    Filed: March 28, 2016
    Date of Patent: September 3, 2019
    Assignee: Guidewire Software, Inc.
    Inventors: Arvind Parthasarathi, George Y. Ng, Matthew Honea
  • Patent number: 10341376
    Abstract: Various embodiments of the present technology include methods of assessing risk of a cyber security failure in a computer network of an entity. Various embodiments also include automatically determining, based on the assessed risk, a change or a setting to at least one element of policy criteria of a cyber security policy, automatically recommending, based on the assessed risk, computer network changes to reduce the assessed risk, and providing one or more recommended computer network changes to reduce the assessed risk. Various embodiments further include enactment by the entity of at least one of the one or more of the recommended computer network changes to reduce the assessed risk to the entity, determining that the entity has enacted at least a portion of the recommended computer network changes, and in response, automatically reassessing the risk of a cyber security failure based on the enacted recommended computer network changes.
    Type: Grant
    Filed: April 14, 2016
    Date of Patent: July 2, 2019
    Assignee: Guidewire Software, Inc.
    Inventors: George Y. Ng, Arvind Parthasarathi
  • Patent number: 10291642
    Abstract: Various embodiments of the present technology include methods of assessing risk of a cyber security failure in a computer network of an entity. Various embodiments also include automatically determining, based on the assessed risk, a change or a setting to at least one element of policy criteria of a cyber security policy, automatically recommending, based on the assessed risk, computer network changes to reduce the assessed risk, and providing one or more recommended computer network changes to reduce the assessed risk. Various embodiments further include enactment by the entity of at least one of the one or more of the recommended computer network changes to reduce the assessed risk to the entity, determining that the entity has enacted at least a portion of the recommended computer network changes, and in response, automatically reassessing the risk of a cyber security failure based on the enacted recommended computer network changes.
    Type: Grant
    Filed: April 14, 2016
    Date of Patent: May 14, 2019
    Assignee: Guidewire Software, Inc.
    Inventors: George Y. Ng, Arvind Parthasarathi
  • Patent number: 10230764
    Abstract: Various embodiments of the present technology include methods of assessing risk of a cyber security failure in a computer network of an entity. Some embodiments involve using continual or periodic data collecting to improve inferential analysis, as well as obtaining circumstantial or inferential information from social networks. Machine learning may be used to improve predicitive capabilities. Some embodiments allow for identification of an entity from circumstantial or inferential information based on the machine learning and comparative analyses.
    Type: Grant
    Filed: December 6, 2016
    Date of Patent: March 12, 2019
    Assignee: Guidewire Software, Inc.
    Inventors: George Y. Ng, Brian Wu, Ming Yang, Paul Yang, Fernando Tancioco, Jr.
  • Patent number: 10218736
    Abstract: Embodiments of the present technology relate to cyber attack vulnerability analyses. In one embodiment, a method includes determining an external infrastructure of an entity, the external infrastructure including one or more cyber assets utilized by the entity, collecting infrastructure information regarding the one or more cyber assets, performing passive cyber security vulnerability testing on the one or more cyber assets using the collected infrastructure information, and assessing cyber security vulnerabilities of the one or more cyber assets. The method may further include calculating an association score for the one or more cyber assets based on the assessed cyber security vulnerabilities, and automatically recommending, based on the association score, computer network changes to reduce the cyber security vulnerabilities.
    Type: Grant
    Filed: March 13, 2017
    Date of Patent: February 26, 2019
    Assignee: Guidewire Software, Inc.
    Inventors: George Y. Ng, Feiyin Zhang, Fernando Tancioco, Jr.
  • Publication number: 20190035027
    Abstract: Various embodiments disclosed include, for each entity in a portfolio, receiving entity data indicative of attributes of an entity, determining the received entity data for at least some entities is missing a portion of the entity data required to perform a cyber risk analysis; and synthesizing the missing portion. The method may further include comparing the received entity data and synthesized missing portion for each of the entities to each other; locating clusters of similar entity data shared between two or more of the entities; and calculating a cyber risk score representing how different the entities are to one another based on the entity data that are not shared between entities. Some embodiments include comparing entities that are missing some entity data to entities which have complete entity data, and generating a synthesized portfolio by selecting entities having complete entity data to replace the entities that are missing entity data.
    Type: Application
    Filed: July 26, 2017
    Publication date: January 31, 2019
    Inventors: George Y. Ng, Yoshifumi Yamamoto, Brian Wu, Siddharth R. Ramakrishnan
  • Publication number: 20180359275
    Abstract: Embodiments of the present technology relate to cyber attack vulnerability analyses. In one embodiment, a method includes determining an external infrastructure of an entity, the external infrastructure including one or more cyber assets utilized by the entity, collecting infrastructure information regarding the one or more cyber assets, performing passive cyber security vulnerability testing on the one or more cyber assets using the collected infrastructure information, and assessing cyber security vulnerabilities of the one or more cyber assets. The method may further include calculating an association score for the one or more cyber assets based on the assessed cyber security vulnerabilities, and automatically recommending, based on the association score, computer network changes to reduce the cyber security vulnerabilities.
    Type: Application
    Filed: May 4, 2018
    Publication date: December 13, 2018
    Inventors: George Y. Ng, Feiyin Zhang, Fernando Tancioco
  • Publication number: 20180359281
    Abstract: Various embodiments of the present technology include methods of assessing risk of a cyber security failure in a computer network of an entity. Some embodiments involve using continual or periodic data collecting to improve inferential analysis, as well as obtaining circumstantial or inferential information from social networks. Machine learning may be used to improve predicitive capabilities. Some embodiments allow for identification of an entity from circumstantial or inferential information based on the machine learning and comparative analyses.
    Type: Application
    Filed: May 4, 2018
    Publication date: December 13, 2018
    Inventors: George Y. Ng, Brian Wu, Ming Yang, Paul Yang, Fernando Tancioco
  • Publication number: 20180359276
    Abstract: Various embodiments of the present technology include methods of assessing risk of a cyber security failure in a computer network of an entity. Some embodiments include generating a disaster scenario that includes elements of a disaster event, modeling the disaster scenario against a profile of the computer network and the entity, determining theoretical damage based on the modeling, and updating a cyber security policy or a network change to mitigate the theoretical damage.
    Type: Application
    Filed: May 4, 2018
    Publication date: December 13, 2018
    Inventors: George Y. Ng, Frank Beier, Olivier Giulieri, Yoshifumi Yamamoto, Zheng Cheung
  • Patent number: 10050990
    Abstract: Various embodiments of the present technology include methods of assessing risk of a cyber security failure in a computer network of an entity. Some embodiments include generating a disaster scenario that includes elements of a disaster event, modeling the disaster scenario against a profile of the computer network and the entity, determining theoretical damage based on the modeling, and updating a cyber security policy or a network change to mitigate the theoretical damage.
    Type: Grant
    Filed: December 9, 2016
    Date of Patent: August 14, 2018
    Assignee: Guidewire Software, Inc.
    Inventors: George Y. Ng, Frank Beier, Olivier Giulieri, Yoshifumi Yamamoto, Zheng Cheung
  • Patent number: 10050989
    Abstract: Various embodiments of the present technology include methods of assessing risk of a cyber security failure in one or more computer networks for an entity. Various embodiments include establishing a plurality of proxy connections with entity resources, evaluating performance of the proxy connections, and scoring the proxy connections based on performance. Various embodiments may further include automatically determining, based on the proxy score, a change or setting regarding the proxy connections. Various embodiments may also include automatically recommending, based on the assessed risk, computer network changes for the one or more computer networks to reduce the assessed risk. Some embodiments may include providing recommended computer network and/or policy changes to reduce the assessed risk, determining the entity has enacted some recommended network changes, and in response, automatically reassessing the risk of a cyber security failure based on the enacted recommended computer network changes.
    Type: Grant
    Filed: December 8, 2016
    Date of Patent: August 14, 2018
    Assignee: Guidewire Software, Inc.
    Inventors: George Y. Ng, Don Ma, Yuen Tsing Ooi, Feiyin Zhang, Fernando Tancioco, Jr.
  • Patent number: 10003609
    Abstract: Various embodiments of the present technology include methods of assessing risk of a cyber security failure in one or more computer networks for an entity. Various embodiments include establishing a plurality of proxy connections with entity resources, evaluating performance of the proxy connections, and scoring the proxy connections based on performance. Various embodiments may further include automatically determining, based on the proxy score, a change or setting regarding the proxy connections. Various embodiments may also include automatically recommending, based on the assessed risk, computer network changes for the one or more computer networks to reduce the assessed risk. Some embodiments may include providing recommended computer network and/or policy changes to reduce the assessed risk, determining the entity has enacted some recommended network changes, and in response, automatically reassessing the risk of a cyber security failure based on the enacted recommended computer network changes.
    Type: Grant
    Filed: December 8, 2016
    Date of Patent: June 19, 2018
    Assignee: Guidewire Software, Inc.
    Inventors: George Y. Ng, Don Ma, Yuen Tsing Ooi, Feiyin Zhang, Fernando Tancioco, Jr.
  • Patent number: 9699209
    Abstract: Embodiments of the present technology relate to cyber attack vulnerability analyzes. In one embodiment, a method includes determining an external infrastructure of an entity, the external infrastructure including one or more cyber assets utilized by the entity, collecting infrastructure information regarding the one or more cyber assets, performing passive cyber security vulnerability testing on the one or more cyber assets using the collected infrastructure information, assessing cyber security vulnerabilities of the one or more cyber assets, calculating an association score for the one or more cyber assets based on the assessed cyber security vulnerabilities, and automatically recommending, based on the association score, computer network changes to reduce the cyber security vulnerabilities.
    Type: Grant
    Filed: April 29, 2016
    Date of Patent: July 4, 2017
    Assignee: Cyence Inc.
    Inventors: George Y. Ng, Feiyin Zhang, Fernando Tancioco, Jr.
  • Publication number: 20170187745
    Abstract: Embodiments of the present technology relate to cyber attack vulnerability analyses. In one embodiment, a method includes determining an external infrastructure of an entity, the external infrastructure including one or more cyber assets utilized by the entity, collecting infrastructure information regarding the one or more cyber assets, performing passive cyber security vulnerability testing on the one or more cyber assets using the collected infrastructure information, and assessing cyber security vulnerabilities of the one or more cyber assets. The method may further include calculating an association score for the one or more cyber assets based on the assessed cyber security vulnerabilities, and automatically recommending, based on the association score, computer network changes to reduce the cyber security vulnerabilities.
    Type: Application
    Filed: March 13, 2017
    Publication date: June 29, 2017
    Inventors: George Y. Ng, Feiyin Zhang, Fernando Tancioco, JR.