Patents by Inventor Jeffrey J. Guy
Jeffrey J. Guy has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240364695Abstract: A method includes: accessing objects, generated by a set of sources, representing attributes of assets, affiliated with a computer network, including a set of endpoint devices and a first application; partitioning the objects into object groups including a first object group representing the first application; aggregating objects in the first object group into a first user container representing the first application during the first time interval; and, in response to selection of the first application at an operator portal: generating a visualization representing a subset of endpoint devices, in the set of endpoint devices, on which the first application is installed during the first time interval based on a set of attributes, exhibited by the first application during the first time interval, contained in the first application container; and rendering the visualization at the operator interface.Type: ApplicationFiled: May 28, 2024Publication date: October 31, 2024Inventors: Jeffrey J. Guy, Dean Mekkawy, Nevins Bartolomeo, Luis Diego Cabezas, Aaron Griffin, Jacob Hackett, Michael Alfonse, Craig Cason, Mark Shipley, Jason McFarland, Nicholas Murdock, Steve Taylor, Aaron Smith
-
Patent number: 12088597Abstract: A method for monitoring endpoint devices affiliated with a computer network includes: for each security technology, accessing a set of objects generated by the security technology during a time interval and representing characteristics endpoint devices configured with the security technology, partitioning object groups representing individual endpoint devices, and aggregating characteristics represented in each object group into an endpoint device container associated with the security technology and containing identifying data and status data representing one endpoint device; identifying a first subset of endpoint devices configured with first and second security technologies based on correspondence between data contained endpoint device containers associated with the first and second security technologies; and identifying a second subset of endpoint devices configured with the first security technology and excluding the second security technology based on absence of correspondence between data contained inType: GrantFiled: March 31, 2023Date of Patent: September 10, 2024Assignee: Sevco Security, Inc.Inventors: Jeffrey J. Guy, Greg Fitzgerald, Jeremiah Clark, Dean Mekkawy, Nevins Bartolomeo, Jim LoRusso, Nick Murdock, Allen Saunders, Jacob Hackett
-
Patent number: 12034735Abstract: A method includes: accessing objects, generated by a set of sources, representing attributes of assets, affiliated with a computer network, including a set of endpoint devices and a first application; partitioning the objects into object groups including a first object group representing the first application; aggregating objects in the first object group into a first user container representing the first application during the first time interval; and, in response to selection of the first application at an operator portal: generating a visualization representing a subset of endpoint devices, in the set of endpoint devices, on which the first application is installed during the first time interval based on a set of attributes, exhibited by the first application during the first time interval, contained in the first application container; and rendering the visualization at the operator interface.Type: GrantFiled: September 22, 2023Date of Patent: July 9, 2024Assignee: Sevco Security, Inc.Inventors: Jeffrey J. Guy, Dean Mekkawy, Nevins Bartolomeo, Luis Diego Cabezas, Aaron Griffin, Jacob Hackett, Michael Alfonse, Craig Cason, Mark Shipley, Jason McFarland, Nicholas Murdock, Steve Taylor, Aaron Smith
-
Publication number: 20240187455Abstract: A method includes: generating a manifest of assets during the target time interval; labeling each asset in the manifest of assets with a set of attributes exhibited by the asset during the target time interval; defining a first attribute category exhibiting a first combination of attributes; assigning a first action to the first attribute category; identifying a subset of assets in the manifest of assets matching the first attribute category, each asset in the subset of assets exhibiting a set of attributes including the first combination of attributes; and executing the first action on the first subset of assets.Type: ApplicationFiled: December 15, 2023Publication date: June 6, 2024Inventors: Jeffrey J. Guy, Dean Mekkawy, Jeremiah Clark, Nevins Bartolomeo, Aaron Griffin, Michael Alfonse, Jacob Hackett, Nick Murdock, Jim LoRusso, Jason McFarland, Luis Diego Cabezas
-
Patent number: 11882157Abstract: A method includes: generating a manifest of assets during the target time interval; labeling each asset in the manifest of assets with a set of attributes exhibited by the asset during the target time interval; defining a first attribute category exhibiting a first combination of attributes; assigning a first action to the first attribute category; identifying a subset of assets in the manifest of assets matching the first attribute category, each asset in the subset of assets exhibiting a set of attributes including the first combination of attributes; and executing the first action on the first subset of assets.Type: GrantFiled: January 25, 2023Date of Patent: January 23, 2024Assignee: Sevco Security, Inc.Inventors: Jeffrey J. Guy, Dean Mekkawy, Jeremiah Clark, Nevins Bartolemeo, Aaron Griffin, Michael Alfonse, Jacob Hackett, Nick Murdock, Jim LoRusso, Jason McFarland, Luis Diego Cabezas
-
Publication number: 20240015164Abstract: A method includes: accessing objects, generated by a set of sources, representing attributes of users affiliated with a computer network; partitioning the objects into object groups, each object group representing a particular user; for each object group, aggregating objects in the object group into a user container, in a set of user containers, representing a user during the first time interval; generating a manifest of users affiliated with the computer network during the first time interval based on the set of user containers; and, in response to selection of a first user in the manifest of users at an operator portal: generating a visualization representing a set of attributes exhibited by the first user during the first time interval.Type: ApplicationFiled: September 22, 2023Publication date: January 11, 2024Inventors: Jeffrey J. Guy, Dean Mekkawy, Nevins Bartolomeo, Luis Diego Cabezas, Aaron Griffin, Jake Hackett, Michael Alfonse, Craig Cason, Mark Shipley, Jason McFarland, Nicholas Murdock, Steve Taylor, Aaron Smith
-
Publication number: 20240015165Abstract: A method includes: accessing objects, generated by a set of sources, representing attributes of assets, affiliated with a computer network, including a set of endpoint devices and a first application; partitioning the objects into object groups including a first object group representing the first application; aggregating objects in the first object group into a first user container representing the first application during the first time interval; and, in response to selection of the first application at an operator portal: generating a visualization representing a subset of endpoint devices, in the set of endpoint devices, on which the first application is installed during the first time interval based on a set of attributes, exhibited by the first application during the first time interval, contained in the first application container; and rendering the visualization at the operator interface.Type: ApplicationFiled: September 22, 2023Publication date: January 11, 2024Inventors: Jeffrey J. Guy, Dean Mekkawy, Nevins Bartolomeo, Luis Diego Cabezas, Aaron Griffin, Jake Hackett, Michael Alfonse, Craig Cason, Mark Shipley, Jason McFarland, Nicholas Murdock, Steve Taylor, Aaron Smith
-
Publication number: 20230328108Abstract: A method includes identifying a first group of objects generated by security tools during a first time interval and containing cotemporal, analogous characteristics identifying a first endpoint device connected to a computer network; based on the first group of objects, confirming detection of the first endpoint device by a first security tool and a second security tool during the first time interval; identifying a second group of objects generated by security tools during a second time interval and containing cotemporal, analogous characteristics identifying the first endpoint device; based on the second group of objects, confirming detection of the first endpoint device by the second security tool during the second time interval; and responsive to absence of detection of the first endpoint device by the first security tool during the second time interval, generating a source remove event specifying removal of the first security tool from the first endpoint device.Type: ApplicationFiled: April 12, 2023Publication date: October 12, 2023Inventors: Jeffrey J. Guy, Dean Mekkawy, Jeremiah Clark, Nevins Bartolomeo, Luis Diego Cabezas
-
Publication number: 20230308452Abstract: A method for monitoring endpoint devices affiliated with a computer network includes: for each security technology, accessing a set of objects generated by the security technology during a time interval and representing characteristics endpoint devices configured with the security technology, partitioning object groups representing individual endpoint devices, and aggregating characteristics represented in each object group into an endpoint device container associated with the security technology and containing identifying data and status data representing one endpoint device; identifying a first subset of endpoint devices configured with first and second security technologies based on correspondence between data contained endpoint device containers associated with the first and second security technologies; and identifying a second subset of endpoint devices configured with the first security technology and excluding the second security technology based on absence of correspondence between data contained inType: ApplicationFiled: March 31, 2023Publication date: September 28, 2023Inventors: Jeffrey J. Guy, Greg Fitzgerald, Jeremiah Clark, Dean Mekkawy, Nevins Bartolomeo, Jim LoRusso, Nick Murdock, Allen Saunders, Jacob Hackett
-
Publication number: 20230247057Abstract: A method includes: generating a manifest of assets during the target time interval; labeling each asset in the manifest of assets with a set of attributes exhibited by the asset during the target time interval; defining a first attribute category exhibiting a first combination of attributes; assigning a first action to the first attribute category; identifying a subset of assets in the manifest of assets matching the first attribute category, each asset in the subset of assets exhibiting a set of attributes including the first combination of attributes; and executing the first action on the first subset of assets.Type: ApplicationFiled: January 25, 2023Publication date: August 3, 2023Inventors: Jeffrey J. Guy, Dean Mekkawy, Jeremiah Clark, Nevins Bartolemeo, Aaron Griffin, Michael Alfonse, Jake Hackett, Nick Murdock, Jim LoRusso, Jason McFarland, Luis Diego Cabezas
-
Patent number: 11659008Abstract: A method includes identifying a first group of objects generated by security tools during a first time interval and containing cotemporal, analogous characteristics identifying a first endpoint device connected to a computer network; based on the first group of objects, confirming detection of the first endpoint device by a first security tool and a second security tool during the first time interval; identifying a second group of objects generated by security tools during a second time interval and containing cotemporal, analogous characteristics identifying the first endpoint device; based on the second group of objects, confirming detection of the first endpoint device by the second security tool during the second time interval; and responsive to absence of detection of the first endpoint device by the first security tool during the second time interval, generating a source remove event specifying removal of the first security tool from the first endpoint device.Type: GrantFiled: July 8, 2022Date of Patent: May 23, 2023Assignee: Sevco Security, Inc.Inventors: Jeffrey J. Guy, Dean Mekkawy, Jeremiah Clark, Nevins Bartolomeo, Luis Diego Cabezas
-
Patent number: 11647027Abstract: A method for monitoring endpoint devices affiliated with a computer network includes: for each security technology, accessing a set of objects generated by the security technology during a time interval and representing characteristics endpoint devices configured with the security technology, partitioning object groups representing individual endpoint devices, and aggregating characteristics represented in each object group into an endpoint device container associated with the security technology and containing identifying data and status data representing one endpoint device; identifying a first subset of endpoint devices configured with first and second security technologies based on correspondence between data contained endpoint device containers associated with the first and second security technologies; and identifying a second subset of endpoint devices configured with the first security technology and excluding the second security technology based on absence of correspondence between data contained inType: GrantFiled: April 13, 2022Date of Patent: May 9, 2023Assignee: Sevco Security, Inc.Inventors: Jeffrey J. Guy, Greg Fitzgerald, Jeremiah Clark, Dean Mekkawy, Nevins Bartolomeo, Jim LoRusso, Nick Murdock, Allen Saunders, Jacob Hackett
-
Publication number: 20230007047Abstract: A method includes identifying a first group of objects generated by security tools during a first time interval and containing cotemporal, analogous characteristics identifying a first endpoint device connected to a computer network; based on the first group of objects, confirming detection of the first endpoint device by a first security tool and a second security tool during the first time interval; identifying a second group of objects generated by security tools during a second time interval and containing cotemporal, analogous characteristics identifying the first endpoint device; based on the second group of objects, confirming detection of the first endpoint device by the second security tool during the second time interval; and responsive to absence of detection of the first endpoint device by the first security tool during the second time interval, generating a source remove event specifying removal of the first security tool from the first endpoint device.Type: ApplicationFiled: July 8, 2022Publication date: January 5, 2023Inventors: Jeffrey J. Guy, Dean Mekkawy, Jeremiah Clark, Nevins Bartolomeo, Luis Diego Cabezas
-
Publication number: 20220329604Abstract: A method for monitoring endpoint devices affiliated with a computer network includes: for each security technology, accessing a set of objects generated by the security technology during a time interval and representing characteristics endpoint devices configured with the security technology, partitioning object groups representing individual endpoint devices, and aggregating characteristics represented in each object group into an endpoint device container associated with the security technology and containing identifying data and status data representing one endpoint device; identifying a first subset of endpoint devices configured with first and second security technologies based on correspondence between data contained endpoint device containers associated with the first and second security technologies; and identifying a second subset of endpoint devices configured with the first security technology and excluding the second security technology based on absence of correspondence between data contained inType: ApplicationFiled: April 13, 2022Publication date: October 13, 2022Inventors: Jeffrey J. Guy, Greg Fitzgerald, Jeremiah Clark, Dean Mekkawy, Nevins Bartolomeo, Jim LoRusso, Nick Murdock, Allen Saunders, Jacob Hackett
-
Patent number: 10855715Abstract: One variation of a method for predicting security risks of assets on a computer network includes: over a first period of time, detecting an asset connected to the computer network and a first set of behaviors exhibited by the asset; associating the asset with a first set of assets based on similarity of the first set of behaviors to behaviors characteristic of the first set of assets; over a second period of time succeeding the first period of time, detecting the asset connected to the computer network and a second set of behaviors exhibited by the asset; detecting deviation of the asset from the first set of assets based on differences between the second set of behaviors and behaviors characteristic of the first set of assets; and generating a security alert for the asset in response to deviation of the asset from the first set of assets.Type: GrantFiled: October 31, 2017Date of Patent: December 1, 2020Assignee: SUMO LOGIC, INC.Inventors: Gregory Charles Martin, Jeffrey J. Guy, Grant Babb
-
Patent number: 10235519Abstract: Visual and non-visual elements associated with the candidate files are analyzed to determine whether the candidate files are malware. A visual element (e.g., icon) is extracted from the candidate file, and the icon's image is compared to a group of reference images associated with trusted entities. If the icon's image matches a reference image, the candidate file may be malware masquerading as trusted software. The non-visual elements associated with the candidate file are used, in combination with the visual elements, to determine whether the candidate file is malware.Type: GrantFiled: October 27, 2015Date of Patent: March 19, 2019Assignee: Carbon Black, Inc.Inventors: Jeffrey J. Guy, Mark Gilbert
-
Publication number: 20180139227Abstract: One variation of a method for predicting security risks of assets on a computer network includes: over a first period of time, detecting an asset connected to the computer network and a first set of behaviors exhibited by the asset; associating the asset with a first set of assets based on similarity of the first set of behaviors to behaviors characteristic of the first set of assets; over a second period of time succeeding the first period of time, detecting the asset connected to the computer network and a second set of behaviors exhibited by the asset; detecting deviation of the asset from the first set of assets based on differences between the second set of behaviors and behaviors characteristic of the first set of assets; and generating a security alert for the asset in response to deviation of the asset from the first set of assets.Type: ApplicationFiled: October 31, 2017Publication date: May 17, 2018Inventors: Gregory Charles Martin, Jeffrey J. Guy, Grant Babb
-
Publication number: 20160224787Abstract: Visual and non-visual elements associated with the candidate files are analyzed to determine whether the candidate files are malware. A visual element (e.g., icon) is extracted from the candidate file, and the icon's image is compared to a group of reference images associated with trusted entities. If the icon's image matches a reference image, the candidate file may be malware masquerading as trusted software. The non-visual elements associated with the candidate file are used, in combination with the visual elements, to determine whether the candidate file is malware.Type: ApplicationFiled: October 27, 2015Publication date: August 4, 2016Inventors: Jeffrey J. Guy, Mark Gilbert
-
Patent number: 9197663Abstract: Visual and non-visual elements associated with the candidate files are analyzed to determine whether the candidate files are malware. A visual element (e.g., icon) is extracted from the candidate file, and the icon's image is compared to a group of reference images associated with trusted entities. If the icon's image matches a reference image, the candidate file may be malware masquerading as trusted software. The non-visual elements associated with the candidate file are used, in combination with the visual elements, to determine whether the candidate file is malware.Type: GrantFiled: January 29, 2015Date of Patent: November 24, 2015Assignee: Bit9, Inc.Inventors: Mark Gilbert, Jeffrey J. Guy