Patents by Inventor Jeffrey J. Guy

Jeffrey J. Guy has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20240364695
    Abstract: A method includes: accessing objects, generated by a set of sources, representing attributes of assets, affiliated with a computer network, including a set of endpoint devices and a first application; partitioning the objects into object groups including a first object group representing the first application; aggregating objects in the first object group into a first user container representing the first application during the first time interval; and, in response to selection of the first application at an operator portal: generating a visualization representing a subset of endpoint devices, in the set of endpoint devices, on which the first application is installed during the first time interval based on a set of attributes, exhibited by the first application during the first time interval, contained in the first application container; and rendering the visualization at the operator interface.
    Type: Application
    Filed: May 28, 2024
    Publication date: October 31, 2024
    Inventors: Jeffrey J. Guy, Dean Mekkawy, Nevins Bartolomeo, Luis Diego Cabezas, Aaron Griffin, Jacob Hackett, Michael Alfonse, Craig Cason, Mark Shipley, Jason McFarland, Nicholas Murdock, Steve Taylor, Aaron Smith
  • Patent number: 12088597
    Abstract: A method for monitoring endpoint devices affiliated with a computer network includes: for each security technology, accessing a set of objects generated by the security technology during a time interval and representing characteristics endpoint devices configured with the security technology, partitioning object groups representing individual endpoint devices, and aggregating characteristics represented in each object group into an endpoint device container associated with the security technology and containing identifying data and status data representing one endpoint device; identifying a first subset of endpoint devices configured with first and second security technologies based on correspondence between data contained endpoint device containers associated with the first and second security technologies; and identifying a second subset of endpoint devices configured with the first security technology and excluding the second security technology based on absence of correspondence between data contained in
    Type: Grant
    Filed: March 31, 2023
    Date of Patent: September 10, 2024
    Assignee: Sevco Security, Inc.
    Inventors: Jeffrey J. Guy, Greg Fitzgerald, Jeremiah Clark, Dean Mekkawy, Nevins Bartolomeo, Jim LoRusso, Nick Murdock, Allen Saunders, Jacob Hackett
  • Patent number: 12034735
    Abstract: A method includes: accessing objects, generated by a set of sources, representing attributes of assets, affiliated with a computer network, including a set of endpoint devices and a first application; partitioning the objects into object groups including a first object group representing the first application; aggregating objects in the first object group into a first user container representing the first application during the first time interval; and, in response to selection of the first application at an operator portal: generating a visualization representing a subset of endpoint devices, in the set of endpoint devices, on which the first application is installed during the first time interval based on a set of attributes, exhibited by the first application during the first time interval, contained in the first application container; and rendering the visualization at the operator interface.
    Type: Grant
    Filed: September 22, 2023
    Date of Patent: July 9, 2024
    Assignee: Sevco Security, Inc.
    Inventors: Jeffrey J. Guy, Dean Mekkawy, Nevins Bartolomeo, Luis Diego Cabezas, Aaron Griffin, Jacob Hackett, Michael Alfonse, Craig Cason, Mark Shipley, Jason McFarland, Nicholas Murdock, Steve Taylor, Aaron Smith
  • Publication number: 20240187455
    Abstract: A method includes: generating a manifest of assets during the target time interval; labeling each asset in the manifest of assets with a set of attributes exhibited by the asset during the target time interval; defining a first attribute category exhibiting a first combination of attributes; assigning a first action to the first attribute category; identifying a subset of assets in the manifest of assets matching the first attribute category, each asset in the subset of assets exhibiting a set of attributes including the first combination of attributes; and executing the first action on the first subset of assets.
    Type: Application
    Filed: December 15, 2023
    Publication date: June 6, 2024
    Inventors: Jeffrey J. Guy, Dean Mekkawy, Jeremiah Clark, Nevins Bartolomeo, Aaron Griffin, Michael Alfonse, Jacob Hackett, Nick Murdock, Jim LoRusso, Jason McFarland, Luis Diego Cabezas
  • Patent number: 11882157
    Abstract: A method includes: generating a manifest of assets during the target time interval; labeling each asset in the manifest of assets with a set of attributes exhibited by the asset during the target time interval; defining a first attribute category exhibiting a first combination of attributes; assigning a first action to the first attribute category; identifying a subset of assets in the manifest of assets matching the first attribute category, each asset in the subset of assets exhibiting a set of attributes including the first combination of attributes; and executing the first action on the first subset of assets.
    Type: Grant
    Filed: January 25, 2023
    Date of Patent: January 23, 2024
    Assignee: Sevco Security, Inc.
    Inventors: Jeffrey J. Guy, Dean Mekkawy, Jeremiah Clark, Nevins Bartolemeo, Aaron Griffin, Michael Alfonse, Jacob Hackett, Nick Murdock, Jim LoRusso, Jason McFarland, Luis Diego Cabezas
  • Publication number: 20240015164
    Abstract: A method includes: accessing objects, generated by a set of sources, representing attributes of users affiliated with a computer network; partitioning the objects into object groups, each object group representing a particular user; for each object group, aggregating objects in the object group into a user container, in a set of user containers, representing a user during the first time interval; generating a manifest of users affiliated with the computer network during the first time interval based on the set of user containers; and, in response to selection of a first user in the manifest of users at an operator portal: generating a visualization representing a set of attributes exhibited by the first user during the first time interval.
    Type: Application
    Filed: September 22, 2023
    Publication date: January 11, 2024
    Inventors: Jeffrey J. Guy, Dean Mekkawy, Nevins Bartolomeo, Luis Diego Cabezas, Aaron Griffin, Jake Hackett, Michael Alfonse, Craig Cason, Mark Shipley, Jason McFarland, Nicholas Murdock, Steve Taylor, Aaron Smith
  • Publication number: 20240015165
    Abstract: A method includes: accessing objects, generated by a set of sources, representing attributes of assets, affiliated with a computer network, including a set of endpoint devices and a first application; partitioning the objects into object groups including a first object group representing the first application; aggregating objects in the first object group into a first user container representing the first application during the first time interval; and, in response to selection of the first application at an operator portal: generating a visualization representing a subset of endpoint devices, in the set of endpoint devices, on which the first application is installed during the first time interval based on a set of attributes, exhibited by the first application during the first time interval, contained in the first application container; and rendering the visualization at the operator interface.
    Type: Application
    Filed: September 22, 2023
    Publication date: January 11, 2024
    Inventors: Jeffrey J. Guy, Dean Mekkawy, Nevins Bartolomeo, Luis Diego Cabezas, Aaron Griffin, Jake Hackett, Michael Alfonse, Craig Cason, Mark Shipley, Jason McFarland, Nicholas Murdock, Steve Taylor, Aaron Smith
  • Publication number: 20230328108
    Abstract: A method includes identifying a first group of objects generated by security tools during a first time interval and containing cotemporal, analogous characteristics identifying a first endpoint device connected to a computer network; based on the first group of objects, confirming detection of the first endpoint device by a first security tool and a second security tool during the first time interval; identifying a second group of objects generated by security tools during a second time interval and containing cotemporal, analogous characteristics identifying the first endpoint device; based on the second group of objects, confirming detection of the first endpoint device by the second security tool during the second time interval; and responsive to absence of detection of the first endpoint device by the first security tool during the second time interval, generating a source remove event specifying removal of the first security tool from the first endpoint device.
    Type: Application
    Filed: April 12, 2023
    Publication date: October 12, 2023
    Inventors: Jeffrey J. Guy, Dean Mekkawy, Jeremiah Clark, Nevins Bartolomeo, Luis Diego Cabezas
  • Publication number: 20230308452
    Abstract: A method for monitoring endpoint devices affiliated with a computer network includes: for each security technology, accessing a set of objects generated by the security technology during a time interval and representing characteristics endpoint devices configured with the security technology, partitioning object groups representing individual endpoint devices, and aggregating characteristics represented in each object group into an endpoint device container associated with the security technology and containing identifying data and status data representing one endpoint device; identifying a first subset of endpoint devices configured with first and second security technologies based on correspondence between data contained endpoint device containers associated with the first and second security technologies; and identifying a second subset of endpoint devices configured with the first security technology and excluding the second security technology based on absence of correspondence between data contained in
    Type: Application
    Filed: March 31, 2023
    Publication date: September 28, 2023
    Inventors: Jeffrey J. Guy, Greg Fitzgerald, Jeremiah Clark, Dean Mekkawy, Nevins Bartolomeo, Jim LoRusso, Nick Murdock, Allen Saunders, Jacob Hackett
  • Publication number: 20230247057
    Abstract: A method includes: generating a manifest of assets during the target time interval; labeling each asset in the manifest of assets with a set of attributes exhibited by the asset during the target time interval; defining a first attribute category exhibiting a first combination of attributes; assigning a first action to the first attribute category; identifying a subset of assets in the manifest of assets matching the first attribute category, each asset in the subset of assets exhibiting a set of attributes including the first combination of attributes; and executing the first action on the first subset of assets.
    Type: Application
    Filed: January 25, 2023
    Publication date: August 3, 2023
    Inventors: Jeffrey J. Guy, Dean Mekkawy, Jeremiah Clark, Nevins Bartolemeo, Aaron Griffin, Michael Alfonse, Jake Hackett, Nick Murdock, Jim LoRusso, Jason McFarland, Luis Diego Cabezas
  • Patent number: 11659008
    Abstract: A method includes identifying a first group of objects generated by security tools during a first time interval and containing cotemporal, analogous characteristics identifying a first endpoint device connected to a computer network; based on the first group of objects, confirming detection of the first endpoint device by a first security tool and a second security tool during the first time interval; identifying a second group of objects generated by security tools during a second time interval and containing cotemporal, analogous characteristics identifying the first endpoint device; based on the second group of objects, confirming detection of the first endpoint device by the second security tool during the second time interval; and responsive to absence of detection of the first endpoint device by the first security tool during the second time interval, generating a source remove event specifying removal of the first security tool from the first endpoint device.
    Type: Grant
    Filed: July 8, 2022
    Date of Patent: May 23, 2023
    Assignee: Sevco Security, Inc.
    Inventors: Jeffrey J. Guy, Dean Mekkawy, Jeremiah Clark, Nevins Bartolomeo, Luis Diego Cabezas
  • Patent number: 11647027
    Abstract: A method for monitoring endpoint devices affiliated with a computer network includes: for each security technology, accessing a set of objects generated by the security technology during a time interval and representing characteristics endpoint devices configured with the security technology, partitioning object groups representing individual endpoint devices, and aggregating characteristics represented in each object group into an endpoint device container associated with the security technology and containing identifying data and status data representing one endpoint device; identifying a first subset of endpoint devices configured with first and second security technologies based on correspondence between data contained endpoint device containers associated with the first and second security technologies; and identifying a second subset of endpoint devices configured with the first security technology and excluding the second security technology based on absence of correspondence between data contained in
    Type: Grant
    Filed: April 13, 2022
    Date of Patent: May 9, 2023
    Assignee: Sevco Security, Inc.
    Inventors: Jeffrey J. Guy, Greg Fitzgerald, Jeremiah Clark, Dean Mekkawy, Nevins Bartolomeo, Jim LoRusso, Nick Murdock, Allen Saunders, Jacob Hackett
  • Publication number: 20230007047
    Abstract: A method includes identifying a first group of objects generated by security tools during a first time interval and containing cotemporal, analogous characteristics identifying a first endpoint device connected to a computer network; based on the first group of objects, confirming detection of the first endpoint device by a first security tool and a second security tool during the first time interval; identifying a second group of objects generated by security tools during a second time interval and containing cotemporal, analogous characteristics identifying the first endpoint device; based on the second group of objects, confirming detection of the first endpoint device by the second security tool during the second time interval; and responsive to absence of detection of the first endpoint device by the first security tool during the second time interval, generating a source remove event specifying removal of the first security tool from the first endpoint device.
    Type: Application
    Filed: July 8, 2022
    Publication date: January 5, 2023
    Inventors: Jeffrey J. Guy, Dean Mekkawy, Jeremiah Clark, Nevins Bartolomeo, Luis Diego Cabezas
  • Publication number: 20220329604
    Abstract: A method for monitoring endpoint devices affiliated with a computer network includes: for each security technology, accessing a set of objects generated by the security technology during a time interval and representing characteristics endpoint devices configured with the security technology, partitioning object groups representing individual endpoint devices, and aggregating characteristics represented in each object group into an endpoint device container associated with the security technology and containing identifying data and status data representing one endpoint device; identifying a first subset of endpoint devices configured with first and second security technologies based on correspondence between data contained endpoint device containers associated with the first and second security technologies; and identifying a second subset of endpoint devices configured with the first security technology and excluding the second security technology based on absence of correspondence between data contained in
    Type: Application
    Filed: April 13, 2022
    Publication date: October 13, 2022
    Inventors: Jeffrey J. Guy, Greg Fitzgerald, Jeremiah Clark, Dean Mekkawy, Nevins Bartolomeo, Jim LoRusso, Nick Murdock, Allen Saunders, Jacob Hackett
  • Patent number: 10855715
    Abstract: One variation of a method for predicting security risks of assets on a computer network includes: over a first period of time, detecting an asset connected to the computer network and a first set of behaviors exhibited by the asset; associating the asset with a first set of assets based on similarity of the first set of behaviors to behaviors characteristic of the first set of assets; over a second period of time succeeding the first period of time, detecting the asset connected to the computer network and a second set of behaviors exhibited by the asset; detecting deviation of the asset from the first set of assets based on differences between the second set of behaviors and behaviors characteristic of the first set of assets; and generating a security alert for the asset in response to deviation of the asset from the first set of assets.
    Type: Grant
    Filed: October 31, 2017
    Date of Patent: December 1, 2020
    Assignee: SUMO LOGIC, INC.
    Inventors: Gregory Charles Martin, Jeffrey J. Guy, Grant Babb
  • Patent number: 10235519
    Abstract: Visual and non-visual elements associated with the candidate files are analyzed to determine whether the candidate files are malware. A visual element (e.g., icon) is extracted from the candidate file, and the icon's image is compared to a group of reference images associated with trusted entities. If the icon's image matches a reference image, the candidate file may be malware masquerading as trusted software. The non-visual elements associated with the candidate file are used, in combination with the visual elements, to determine whether the candidate file is malware.
    Type: Grant
    Filed: October 27, 2015
    Date of Patent: March 19, 2019
    Assignee: Carbon Black, Inc.
    Inventors: Jeffrey J. Guy, Mark Gilbert
  • Publication number: 20180139227
    Abstract: One variation of a method for predicting security risks of assets on a computer network includes: over a first period of time, detecting an asset connected to the computer network and a first set of behaviors exhibited by the asset; associating the asset with a first set of assets based on similarity of the first set of behaviors to behaviors characteristic of the first set of assets; over a second period of time succeeding the first period of time, detecting the asset connected to the computer network and a second set of behaviors exhibited by the asset; detecting deviation of the asset from the first set of assets based on differences between the second set of behaviors and behaviors characteristic of the first set of assets; and generating a security alert for the asset in response to deviation of the asset from the first set of assets.
    Type: Application
    Filed: October 31, 2017
    Publication date: May 17, 2018
    Inventors: Gregory Charles Martin, Jeffrey J. Guy, Grant Babb
  • Publication number: 20160224787
    Abstract: Visual and non-visual elements associated with the candidate files are analyzed to determine whether the candidate files are malware. A visual element (e.g., icon) is extracted from the candidate file, and the icon's image is compared to a group of reference images associated with trusted entities. If the icon's image matches a reference image, the candidate file may be malware masquerading as trusted software. The non-visual elements associated with the candidate file are used, in combination with the visual elements, to determine whether the candidate file is malware.
    Type: Application
    Filed: October 27, 2015
    Publication date: August 4, 2016
    Inventors: Jeffrey J. Guy, Mark Gilbert
  • Patent number: 9197663
    Abstract: Visual and non-visual elements associated with the candidate files are analyzed to determine whether the candidate files are malware. A visual element (e.g., icon) is extracted from the candidate file, and the icon's image is compared to a group of reference images associated with trusted entities. If the icon's image matches a reference image, the candidate file may be malware masquerading as trusted software. The non-visual elements associated with the candidate file are used, in combination with the visual elements, to determine whether the candidate file is malware.
    Type: Grant
    Filed: January 29, 2015
    Date of Patent: November 24, 2015
    Assignee: Bit9, Inc.
    Inventors: Mark Gilbert, Jeffrey J. Guy