Patents by Inventor Jess Parnell
Jess Parnell has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11574047Abstract: A cyber threat intelligence (CTI) gateway device may receive rules for filtering TCP/IP packet communications events that are configured to cause the CTI gateway device to identify communications corresponding to indicators, signatures, and behavioral patterns of network threats. The CTI gateway device may receive packets that compose endpoint-to-endpoint communication events and, for each event, may determine that the event corresponds to criteria specified by a filtering rule. The criteria may correspond to one or more of the network threat indicators, signatures, and behavioral patterns. The CTI gateway may create a log of the threat event and forward the threat event log to a task queue managed by a cyberanalysis workflow application. Human cyberanalysts use the cyberanalysis workflow application to service the task queue by removing the task at the front of the queue, investigating the threat event, and deciding whether the event is a reportable finding that should be reported to the proper authorities.Type: GrantFiled: September 26, 2019Date of Patent: February 7, 2023Assignee: Centripetal Networks, Inc.Inventors: Sean Moore, Jonathan R. Rogers, Jess Parnell, Zachary Ehnerd
-
Patent number: 11539664Abstract: A packet-filtering network appliance such as a threat intelligence gateway (TIG) protects TCP/IP networks from Internet threats by enforcing certain policies on in-transit packets that are crossing network boundaries. The policies are composed of packet filtering rules derived from cyber threat intelligence (CTI). Logs of rule-matching packets and their associated flows are sent to cyberanalysis applications located at security operations centers (SOCs) and operated by cyberanalysts. Some cyber threats/attacks, or incidents, are composed of many different flows occurring at a very high rate, which generates a flood of logs that may overwhelm computer, storage, network, and cyberanalysis resources, thereby compromising cyber defenses.Type: GrantFiled: June 13, 2022Date of Patent: December 27, 2022Assignee: Centripetal Networks, Inc.Inventors: John Fenton, Peter Geremia, Richard Goodwin, Sean Moore, Vincent Mutolo, Jess Parnell, Jonathan R. Rogers
-
Publication number: 20220321531Abstract: A packet-filtering network appliance such as a threat intelligence gateway (TIG) protects TCP/IP networks from Internet threats by enforcing certain policies on in-transit packets that are crossing network boundaries. The policies are composed of packet filtering rules derived from cyber threat intelligence (CTI). Logs of rule-matching packets and their associated flows are sent to cyberanalysis applications located at security operations centers (SOCs) and operated by cyberanalysts. Some cyber threats/attacks, or incidents, are composed of many different flows occurring at a very high rate, which generates a flood of logs that may overwhelm computer, storage, network, and cyberanalysis resources, thereby compromising cyber defenses.Type: ApplicationFiled: June 13, 2022Publication date: October 6, 2022Inventors: John Fenton, Peter Geremia, Richard Goodwin, Sean Moore, Vincent Mutolo, Jess Parnell, Jonathan R. Rogers
-
Publication number: 20220210125Abstract: Methods and systems are disclosed for integrating cyber threat intelligence (CTI), threat metadata, and threat intelligence gateways with analysis systems to form efficient and effective system for active, proactive, and reactive network protection. A network gateway may be composed of multiple stages. A first stage may include a threat intelligence gateway (TIG). A second stage may include one or more cyber analysis systems that ingest TIG-filtered communications and associated threat metadata signals. A third stage may include network protection logic that determines which protective actions. The gateway may be provisioned and configured with rules that specify the network protection policies to be enforced. The gateway may ingest all communications flowing between the protected network and the unprotected network.Type: ApplicationFiled: March 14, 2022Publication date: June 30, 2022Inventors: Sean Moore, Jess Parnell, Jonathan R. Rogers
-
Patent number: 11362996Abstract: A packet-filtering network appliance protects networks from threats by enforcing policies on in-transit packets crossing network boundaries. The policies are composed of packet filtering rules derived from cyber threat intelligence (CTI). Logs of rule-matching packets and their flows are sent to cyberanalysis applications located at security operations centers (SOCs). Some cyber threats/attacks, or incidents, are composed of many different flows occurring at a very high rate, generating a flood of logs that may overwhelm computer, storage, network, and cyberanalysis resources, thereby compromising cyber defenses. The present disclosure describes incident logging that efficiently incorporates logs of many flows that comprise the incident, potentially reducing resource consumption while improving the informational/cyberanalytical value for cyberanalysis when compared to the component flow logs. Incident logging vs. flow logging can be automatically and adaptively switched on or off.Type: GrantFiled: July 20, 2021Date of Patent: June 14, 2022Assignee: Centripetal Networks, Inc.Inventors: John Fenton, Peter Geremia, Richard Goodwin, Sean Moore, Vincent Mutolo, Jess Parnell, Jonathan R. Rogers
-
Publication number: 20220131835Abstract: A packet-filtering network appliance protects networks from threats by enforcing policies on in-transit packets crossing network boundaries. The policies are composed of packet filtering rules derived from cyber threat intelligence (CTI). Logs of rule-matching packets and their flows are sent to cyberanalysis applications located at security operations centers (SOCs). Some cyber threats/attacks, or incidents, are composed of many different flows occurring at a very high rate, generating a flood of logs that may overwhelm computer, storage, network, and cyberanalysis resources, thereby compromising cyber defenses. The present disclosure describes incident logging that efficiently incorporates logs of many flows that comprise the incident, potentially reducing resource consumption while improving the informational/cyberanalytical value for cyberanalysis when compared to the component flow logs. Incident logging vs. flow logging can be automatically and adaptively switched on or off.Type: ApplicationFiled: July 20, 2021Publication date: April 28, 2022Inventors: John Fenton, Peter Geremia, Richard Goodwin, Sean Moore, Vincent Mutolo, Jess Parnell, Jonathan R. Rogers
-
Patent number: 11290424Abstract: Methods and systems are disclosed for integrating cyber threat intelligence (CTI), threat metadata, and threat intelligence gateways with analysis systems to form efficient and effective system for active, proactive, and reactive network protection. A network gateway may be composed of multiple stages. A first stage may include a threat intelligence gateway (TIG). A second stage may include one or more cyber analysis systems that ingest TIG-filtered communications and associated threat metadata signals. A third stage may include network protection logic that determines which protective actions. The gateway may be provisioned and configured with rules that specify the network protection policies to be enforced. The gateway may ingest all communications flowing between the protected network and the unprotected network.Type: GrantFiled: May 8, 2019Date of Patent: March 29, 2022Assignee: Centripetal Networks, Inc.Inventors: Sean Moore, Jess Parnell, Jonathan R. Rogers
-
Publication number: 20200106742Abstract: Methods and systems are disclosed for integrating cyber threat intelligence (CTI), threat metadata, and threat intelligence gateways with analysis systems to form efficient and effective system for active, proactive, and reactive network protection. A network gateway may be composed of multiple stages. A first stage may include a threat intelligence gateway (TIG). A second stage may include one or more cyber analysis systems that ingest TIG-filtered communications and associated threat metadata signals. A third stage may include network protection logic that determines which protective actions. The gateway may be provisioned and configured with rules that specify the network protection policies to be enforced. The gateway may ingest all communications flowing between the protected network and the unprotected network.Type: ApplicationFiled: May 8, 2019Publication date: April 2, 2020Inventors: Sean Moore, Jess Parnell, Jonathan R. Rogers
-
Publication number: 20200019700Abstract: A cyber threat intelligence (CTI) gateway device may receive rules for filtering TCP/IP packet communications events that are configured to cause the CTI gateway device to identify communications corresponding to indicators, signatures, and behavioral patterns of network threats. The CTI gateway device may receive packets that compose endpoint-to-endpoint communication events and, for each event, may determine that the event corresponds to criteria specified by a filtering rule. The criteria may correspond to one or more of the network threat indicators, signatures, and behavioral patterns. The CTI gateway may create a log of the threat event and forward the threat event log to a task queue managed by a cyberanalysis workflow application. Human cyberanalysts use the cyberanalysis workflow application to service the task queue by removing the task at the front of the queue, investigating the threat event, and deciding whether the event is a reportable finding that should be reported to the proper authorities.Type: ApplicationFiled: September 26, 2019Publication date: January 16, 2020Inventors: Sean Moore, Jonathan R. Rogers, Jess Parnell, Zachary Ehnerd
-
Patent number: 10503899Abstract: A cyber threat intelligence (CTI) gateway device may receive rules for filtering TCP/IP packet communications events that are configured to cause the CTI gateway device to identify communications corresponding to indicators, signatures, and behavioral patterns of network threats. The CTI gateway device may receive packets that compose endpoint-to-endpoint communication events and, for each event, may determine that the event corresponds to criteria specified by a filtering rule. The criteria may correspond to one or more of the network threat indicators, signatures, and behavioral patterns. The CTI gateway may create a log of the threat event and forward the threat event log to a task queue managed by a cyberanalysis workflow application. Human cyberanalysts use the cyberanalysis workflow application to service the task queue by removing the task at the front of the queue, investigating the threat event, and deciding whether the event is a reportable finding that should be reported to the proper authorities.Type: GrantFiled: July 9, 2018Date of Patent: December 10, 2019Assignee: Centripetal Networks, Inc.Inventors: Sean Moore, Jonathan R. Rogers, Jess Parnell, Zachary Ehnerd
-
Patent number: 10333898Abstract: Methods and systems are disclosed for integrating cyber threat intelligence (CTI), threat metadata, and threat intelligence gateways with analysis systems to form efficient and effective system for active, proactive, and reactive network protection. A network gateway may be composed of multiple stages. A first stage may include a threat intelligence gateway (TIG). A second stage may include one or more cyber analysis systems that ingest TIG-filtered communications and associated threat metadata signals. A third stage may include network protection logic that determines which protective actions. The gateway may be provisioned and configured with rules that specify the network protection policies to be enforced. The gateway may ingest all communications flowing between the protected network and the unprotected network.Type: GrantFiled: July 9, 2018Date of Patent: June 25, 2019Assignee: Centripetal Networks, Inc.Inventors: Sean Moore, Jess Parnell, Jonathan R. Rogers
-
Publication number: 20190012456Abstract: A cyber threat intelligence (CTI) gateway device may receive rules for filtering TCP/IP packet communications events that are configured to cause the CTI gateway device to identify communications corresponding to indicators, signatures, and behavioral patterns of network threats. The CTI gateway device may receive packets that compose endpoint-to-endpoint communication events and, for each event, may determine that the event corresponds to criteria specified by a filtering rule. The criteria may correspond to one or more of the network threat indicators, signatures, and behavioral patterns. The CTI gateway may create a log of the threat event and forward the threat event log to a task queue managed by a cyberanalysis workflow application. Human cyberanalysts use the cyberanalysis workflow application to service the task queue by removing the task at the front of the queue, investigating the threat event, and deciding whether the event is a reportable finding that should be reported to the proper authorities.Type: ApplicationFiled: July 9, 2018Publication date: January 10, 2019Inventors: Sean Moore, Jonathan R. Rogers, Jess Parnell, Zachary Ehnerd