Patents by Inventor Kurt Joseph Zettel, II
Kurt Joseph Zettel, II has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11762668Abstract: Persistent storage may be arranged to store sets of configuration data respectively corresponding to applications. One or more processors of a computational instance may be configured to: receive, from a data source, a set of configuration data corresponding to an application deployable on a network related to the computational instance, wherein the set of configuration data defines components, packages, and environments, wherein the packages include one or more of the components, and wherein the environments include one or more of the packages; write, to the persistent storage, a representation of the set of configuration data; look up one or more policies applicable to the set of configuration data; and validate, by a policy engine, the set of configuration data by applying the one or more policies to the set of configuration data.Type: GrantFiled: July 6, 2021Date of Patent: September 19, 2023Assignee: ServiceNow, Inc.Inventors: Kurt Joseph Zettel, II, Filip Deryckere, Joshua Jayson Goldstein, Mark Jason Harun, Tal Kapon, Alessandro Buzzatti, Michael Steven Ludwig, Ravindra Bansal, Benny Van de Sompele, Swapnesh Patel
-
Patent number: 11743278Abstract: Systems and methods are disclosed for computing network operations. For example, methods may include receiving, at a computing device located within a private network, a message sent from a server located outside of the private network, the message including an observable; invoking, within the private network, a search of data associated with the private network to obtain a search result that includes data matching the observable; aggregating, within the private network, data from the search result that matches the observable to obtain a report that includes an indication of the observable, a count of occurrences of the observable, and identification of one or more components associated with the observable; and transmitting the report to the server.Type: GrantFiled: December 15, 2021Date of Patent: August 29, 2023Assignee: ServiceNow, Inc.Inventors: Kurt Joseph Zettel, II, Richard Reybok, Jr., Phillip DiCorpo, Simon N. Allen, Amit Sharma, Giora Tamir
-
Patent number: 11704405Abstract: This disclosure provides techniques for pooling and searching network security events reported by multiple sources. As information representing a security event is received from one source, it is searched against a central or distributed database representing events reported from multiple, diverse sources (e.g., different client networks). Either the search or correlated results can be filtered and/or routed according at least one characteristic associated with the networks, for example, to limit correlation to events reported by what are presumed to be similarly situated networks. The disclosed techniques facilitate faster identification of high-relevancy security event information, and thereby help facilitate faster threat identification and mitigation. Various techniques can be implemented as standalone software (e.g., for use by a private network) or for a central pooling and/or query service. This disclosure also provides different examples of actions that can be taken in response to search results.Type: GrantFiled: December 1, 2021Date of Patent: July 18, 2023Assignee: ServiceNow, Inc.Inventors: Richard Reybok, Andreas Seip Haugsnes, Kurt Joseph Zettel, II, Jeffrey Rhines, Henry Geddes, Volodymyr Osypov, Scott Lewis, Sean Brady, Mark Manning
-
Patent number: 11575703Abstract: Systems and methods are disclosed for obtaining network security threat information and mitigating threats to improve computing network operations. For example, methods may include receiving a message from a central instance; from outside of a private network, invoking a search of data associated with the private network, wherein the search is based on the message and the search is performed by an agent device within the private network; receiving a search result of the search from the agent device; transmitting the search result to the central instance, wherein the central instance is configured to generate network security threat information based in part on the search result and share the network security threat information with a plurality of customer instances that are associated with a group of customers; and receiving an alert message from the central instance, wherein the alert message includes information that identifies a network security threat.Type: GrantFiled: August 29, 2019Date of Patent: February 7, 2023Assignee: ServiceNow, Inc.Inventors: Richard Reybok, Jr., Kurt Joseph Zettel, II, Phillip Dicorpo, Simon N. Allen, Amit Sharma, Giora Tamir
-
Publication number: 20230019705Abstract: Persistent storage may be arranged to store sets of configuration data respectively corresponding to applications. One or more processors of a computational instance may be configured to: receive, from a data source, a set of configuration data corresponding to an application deployable on a network related to the computational instance, wherein the set of configuration data defines components, packages, and environments, wherein the packages include one or more of the components, and wherein the environments include one or more of the packages; write, to the persistent storage, a representation of the set of configuration data; look up one or more policies applicable to the set of configuration data; and validate, by a policy engine, the set of configuration data by applying the one or more policies to the set of configuration data.Type: ApplicationFiled: July 6, 2021Publication date: January 19, 2023Inventors: Kurt Joseph Zettel, II, Filip Deryckere, Joshua Jayson Goldstein, Mark Jason Harun, Tal Kapon, Alessandro Buzzatti, Michael Steven Ludwig, Ravindra Bansal, Benny Van de Sompele, Swapnesh Patel
-
Patent number: 11539720Abstract: Systems and methods are disclosed for computer network threat assessment. For example, methods may include receiving from client networks respective threat data and storing the respective threat data in a security event database; maintaining affiliations for groups of the client networks; detecting correlation between a network threat and one of the groups; identifying an indicator associated with the network threat, and, dependent on the affiliation for the group, identifying a client network and generating a message, which conveys an alert to the client network, comprising the indicator; responsive to the message, receiving, from the client network, a report of detected correlation between the indicator and security event data maintained by the client network; and updating the security event database responsive to the report of detected correlation.Type: GrantFiled: June 15, 2020Date of Patent: December 27, 2022Assignee: ServiceNow, Inc.Inventors: Richard Reybok, Jr., Jeffrey Rhines, Kurt Joseph Zettel, II, Henry Geddes
-
Publication number: 20220382881Abstract: A system may include persistent storage containing representations of configuration items discovered in a managed network, where the configuration items include computing devices and software applications installed on the computing devices. One or more processors may be configured to: (i) obtain results of a vulnerability analysis performed on a software application, where the results indicate that the software application exhibits a vulnerability, (i) determine a count of computing devices on which the software application is installed, (iii) calculate a security threat score for the vulnerability, where the security threat score is based on a severity factor of the vulnerability and the count of computing devices, (iv) provide, to a first entity, a first indication of the software application and the vulnerability, and (v) provide, to a second entity, a second indication of the software application, the vulnerability, and the security threat score.Type: ApplicationFiled: August 10, 2022Publication date: December 1, 2022Inventors: Kurt Joseph Zettel, II, David Victor Barkovic, Richard Kenneth Reybok
-
Patent number: 11423155Abstract: A system may include persistent storage containing representations of configuration items discovered in a managed network, where the configuration items include computing devices and software applications installed on the computing devices. One or more processors may be configured to: (i) obtain results of a vulnerability analysis performed on a software application, where the results indicate that the software application exhibits a vulnerability, (i) determine a count of computing devices on which the software application is installed, (iii) calculate a security threat score for the vulnerability, where the security threat score is based on a severity factor of the vulnerability and the count of computing devices, (iv) provide, to a first entity, a first indication of the software application and the vulnerability, and (v) provide, to a second entity, a second indication of the software application, the vulnerability, and the security threat score.Type: GrantFiled: August 28, 2019Date of Patent: August 23, 2022Assignee: ServiceNow, Inc.Inventors: Kurt Joseph Zettel, II, David Victor Barkovic, Richard Kenneth Reybok
-
Publication number: 20220109686Abstract: Systems and methods are disclosed for computing network operations. For example, methods may include receiving, at a computing device located within a private network, a message sent from a server located outside of the private network, the message including an observable; invoking, within the private network, a search of data associated with the private network to obtain a search result that includes data matching the observable; aggregating, within the private network, data from the search result that matches the observable to obtain a report that includes an indication of the observable, a count of occurrences of the observable, and identification of one or more components associated with the observable; and transmitting the report to the server.Type: ApplicationFiled: December 15, 2021Publication date: April 7, 2022Inventors: Kurt Joseph Zettel, II, Richard Reybok, JR., Phillip DiCorpo, Simon N. Allen, Amit Sharma, Giora Tamir
-
Patent number: 11223640Abstract: Systems and methods are disclosed for computing network operations. For example, methods may include receiving, at a computing device located within a private network, a message sent from a server located outside of the private network, the message including an observable; invoking, within the private network, a search of data associated with the private network to obtain a search result that includes data matching the observable; aggregating, within the private network, data from the search result that matches the observable to obtain a report that includes an indication of the observable, a count of occurrences of the observable, and identification of one or more components associated with the observable; and transmitting the report to the server.Type: GrantFiled: May 21, 2019Date of Patent: January 11, 2022Assignee: ServiceNow, Inc.Inventors: Kurt Joseph Zettel, II, Richard Reybok, Jr., Phillip DiCorpo, Simon N. Allen, Amit Sharma, Giora Tamir
-
Patent number: 11222111Abstract: This disclosure provides techniques for pooling and searching network security events reported by multiple sources. As information representing a security event is received from one source, it is searched against a central or distributed database representing events reported from multiple, diverse sources (e.g., different client networks). Either the search or correlated results can be filtered and/or routed according at least one characteristic associated with the networks, for example, to limit correlation to events reported by what are presumed to be similarly situated networks. The disclosed techniques facilitate faster identification of high-relevancy security event information, and thereby help facilitate faster threat identification and mitigation. Various techniques can be implemented as standalone software (e.g., for use by a private network) or for a central pooling and/or query service. This disclosure also provides different examples of actions that can be taken in response to search results.Type: GrantFiled: March 23, 2020Date of Patent: January 11, 2022Assignee: ServiceNow, Inc.Inventors: Richard Reybok, Andreas Seip Haugsnes, Kurt Joseph Zettel, II, Jeffrey Rhines, Henry Geddes, Volodymyr Osypov, Scott Lewis, Sean Brady, Mark Manning
-
Patent number: 11093617Abstract: Systems and methods for automatically grouping vulnerabilities into vulnerability groups are provided. Vulnerabilities are received in the vulnerability response system and are automatically grouped into one or more vulnerability groups based upon grouping fields defined in a vulnerability group rule.Type: GrantFiled: November 16, 2017Date of Patent: August 17, 2021Assignee: ServiceNow, Inc.Inventors: Kurt Joseph Zettel, II, Lisa Henderson, Phillip DiCorpo, Volodymyr Osypov, Karan Shah, Xuchang Chen, Jerome Liu
-
Publication number: 20210064758Abstract: A system may include persistent storage containing representations of configuration items discovered in a managed network, where the configuration items include computing devices and software applications installed on the computing devices. One or more processors may be configured to: (i) obtain results of a vulnerability analysis performed on a software application, where the results indicate that the software application exhibits a vulnerability, (i) determine a count of computing devices on which the software application is installed, (iii) calculate a security threat score for the vulnerability, where the security threat score is based on a severity factor of the vulnerability and the count of computing devices, (iv) provide, to a first entity, a first indication of the software application and the vulnerability, and (v) provide, to a second entity, a second indication of the software application, the vulnerability, and the security threat score.Type: ApplicationFiled: August 28, 2019Publication date: March 4, 2021Inventors: Kurt Joseph Zettel, II, David Victor Barkovic, Richard Kenneth Reybok
-
Patent number: 10862905Abstract: Providing are incident response techniques useful for personas with a variety of experience levels are described. The incident response techniques include a graphical user interface (GUI) for providing a variety of different views for different personas. The graphical user interface may provide a landing page for providing a queue of risk-score prioritized incidents, an incident playbook for providing default or customizable instructions for resolving a particular incident to lesser-experienced personas, an explore container for facilitating efficient navigation of data associated with a particular incident by more-experienced personas, and an activity stream container for providing an overview of activities that have been performed with regard to a particular incident to more-experienced or supervising personas. The explore container may also be integrated with tools for performing actions with the data without leaving the graphical user interface.Type: GrantFiled: February 27, 2018Date of Patent: December 8, 2020Assignee: ServiceNow, Inc.Inventors: Kurt Joseph Zettel, II, Scott Alan Lewis, James Erbes, Richard Reybok, Harold Byun, Ryan Currier, Michel Abou Samah, Sachin Nayak, Patrice Tollenaere, Zhe Wang
-
Publication number: 20200356666Abstract: This disclosure provides techniques for pooling and searching network security events reported by multiple sources. As information representing a security event is received from one source, it is searched against a central or distributed database representing events reported from multiple, diverse sources (e.g., different client networks). Either the search or correlated results can be filtered and/or routed according at least one characteristic associated with the networks, for example, to limit correlation to events reported by what are presumed to be similarly situated networks. The disclosed techniques facilitate faster identification of high-relevancy security event information, and thereby help facilitate faster threat identification and mitigation. Various techniques can be implemented as standalone software (e.g., for use by a private network) or for a central pooling and/or query service. This disclosure also provides different examples of actions that can be taken in response to search results.Type: ApplicationFiled: March 23, 2020Publication date: November 12, 2020Inventors: Richard Reybok, Andreas Seip Haugsnes, Kurt Joseph Zettel, II, Jeffrey Rhines, Henry Geddes, Volodymyr Osypov, Scott Lewis, Sean Brady, Mark Manning
-
Publication number: 20200314124Abstract: Systems and methods are disclosed for computer network threat assessment. For example, methods may include receiving from client networks respective threat data and storing the respective threat data in a security event database; maintaining affiliations for groups of the client networks; detecting correlation between a network threat and one of the groups; identifying an indicator associated with the network threat, and, dependent on the affiliation for the group, identifying a client network and generating a message, which conveys an alert to the client network, comprising the indicator; responsive to the message, receiving, from the client network, a report of detected correlation between the indicator and security event data maintained by the client network; and updating the security event database responsive to the report of detected correlation.Type: ApplicationFiled: June 15, 2020Publication date: October 1, 2020Inventors: Richard Reybok, JR., Jeffrey Rhines, Kurt Joseph Zettel, II, Henry Geddes
-
Patent number: 10686805Abstract: Systems and methods are disclosed for computer network threat assessment. For example, methods may include receiving from client networks respective threat data and storing the respective threat data in a security event database; maintaining affiliations for groups of the client networks; detecting correlation between a network threat and one of the groups; identifying an indicator associated with the network threat, and, dependent on the affiliation for the group, identifying a client network and generating a message, which conveys an alert to the client network, comprising the indicator; responsive to the message, receiving, from the client network, a report of detected correlation between the indicator and security event data maintained by the client network; and updating the security event database responsive to the report of detected correlation.Type: GrantFiled: December 9, 2016Date of Patent: June 16, 2020Assignee: ServiceNow, Inc.Inventors: Richard Reybok, Jr., Jeffrey Rhines, Kurt Joseph Zettel, II, Henry Geddes
-
Patent number: 10628582Abstract: This disclosure provides techniques for pooling and searching network security events reported by multiple sources. As information representing a security event is received from one source, it is searched against a central or distributed database representing events reported from multiple, diverse sources (e.g., different client networks). Either the search or correlated results can be filtered and/or routed according at least one characteristic associated with the networks, for example, to limit correlation to events reported by what are presumed to be similarly situated networks. The disclosed techniques facilitate faster identification of high-relevancy security event information, and thereby help facilitate faster threat identification and mitigation. Various techniques can be implemented as standalone software (e.g., for use by a private network) or for a central pooling and/or query service. This disclosure also provides different examples of actions that can be taken in response to search results.Type: GrantFiled: October 3, 2018Date of Patent: April 21, 2020Assignee: ServiceNow, Inc.Inventors: Richard Reybok, Andreas Seip Haugsnes, Kurt Joseph Zettel, II, Jeffrey Rhines, Henry Geddes, Volodymyr Osypov, Scott Lewis, Sean Brady, Mark Manning
-
Publication number: 20190394227Abstract: Systems and methods are disclosed for obtaining network security threat information and mitigating threats to improve computing network operations. For example, methods may include receiving a message from a central instance; from outside of a private network, invoking a search of data associated with the private network, wherein the search is based on the message and the search is performed by an agent device within the private network; receiving a search result of the search from the agent device; transmitting the search result to the central instance, wherein the central instance is configured to generate network security threat information based in part on the search result and share the network security threat information with a plurality of customer instances that are associated with a group of customers; and receiving an alert message from the central instance, wherein the alert message includes information that identifies a network security threat.Type: ApplicationFiled: August 29, 2019Publication date: December 26, 2019Inventors: Richard Reybok, JR., Kurt Joseph Zettel, II, Phillip Dicorpo, Simon N. Allen, Amit Sharma, Giora Tamir
-
Publication number: 20190342316Abstract: Systems and methods are disclosed for computing network operations. For example, methods may include receiving, at a computing device located within a private network, a message sent from a server located outside of the private network, the message including an observable; invoking, within the private network, a search of data associated with the private network to obtain a search result that includes data matching the observable; aggregating, within the private network, data from the search result that matches the observable to obtain a report that includes an indication of the observable, a count of occurrences of the observable, and identification of one or more components associated with the observable; and transmitting the report to the server.Type: ApplicationFiled: May 21, 2019Publication date: November 7, 2019Inventors: Kurt Joseph Zettel, II, Richard Reybok, JR., Phillip DiCorpo, Simon N. Allen, Amit Sharma, Giora Tamir