Patents by Inventor Mark Kuhr
Mark Kuhr has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11171981Abstract: A method comprising inviting a distributed plurality of researchers to participate in one or more computer vulnerability research projects directed to identifying computer vulnerabilities of one or more networks and/or computers that are owned or operated by a third party; assessing reputation and skills of one or more of the researchers, and accepting a subset of the researchers who have a positive reputation to perform the investigations of the computer vulnerabilities; assigning a particular computer vulnerability research project, relating to a particular network under test, to a particular researcher from among the subset of the researchers; using a computer that is logically interposed between the particular researcher and the particular network under test, monitoring communications between the particular researcher and the particular network under test, wherein the communications relate to attempting to identify a candidate security vulnerability of the particular network under test.Type: GrantFiled: October 25, 2019Date of Patent: November 9, 2021Assignee: SYNACK, INC.Inventors: Jay Kaplan, Mark Kuhr
-
Patent number: 10915636Abstract: In one aspect, the disclosure provides: A method comprising: inviting a distributed plurality of researchers to participate in one or more computer vulnerability research projects directed to identifying computer vulnerabilities of one or more networks and/or computers that are owned or operated by a third party; assessing reputation and skills of one or more of the researchers, and accepting a subset of the researchers who have a positive reputation and sufficient skills to perform the investigations of the computer vulnerabilities; assigning a particular computer vulnerability research project, relating to a particular network under test, to a particular researcher from among the subset of the researchers; using a computer that is logically interposed between the particular researcher and the particular network under test, monitoring communications between the particular researcher and the particular network under test, wherein the communications relate to attempting to identify a candidate security vulneraType: GrantFiled: September 27, 2017Date of Patent: February 9, 2021Assignee: Synack, Inc.Inventors: Jay Kaplan, Mark Kuhr
-
Patent number: 10791137Abstract: A method of assessing and addressing computer security risk is disclosed.Type: GrantFiled: March 14, 2018Date of Patent: September 29, 2020Assignee: SYNACK, INC.Inventors: Kirti Chawla, Mark Kuhr
-
Publication number: 20200145450Abstract: In one aspect, the disclosure provides: A method comprising: inviting a distributed plurality of researchers to participate in one or more computer vulnerability research projects directed to identifying computer vulnerabilities of one or more networks and/or computers that are owned or operated by a third party; assessing reputation and skills of one or more of the researchers, and accepting a subset of the researchers who have a positive reputation and sufficient skills to perform the investigations of the computer vulnerabilities; assigning a particular computer vulnerability research project, relating to a particular network under test, to a particular researcher from among the subset of the researchers; using a computer that is logically interposed between the particular researcher and the particular network under test, monitoring communications between the particular researcher and the particular network under test, wherein the communications relate to attempting to identify a candidate security vulneraType: ApplicationFiled: October 25, 2019Publication date: May 7, 2020Inventors: Jay Kaplan, Mark Kuhr
-
Patent number: 10628764Abstract: In one aspect, the disclosure provides: using a control computer logically positioned between one or more researcher computers and one or more systems under test, obtaining a task that identifies a potential security vulnerability of the one or more systems under test; determining a task type of the task associated with particular skills for investigating the potential security vulnerability; identifying a plurality of researcher computers who each have the particular skills; determining a task expiration of the task; determining a respective availability of the plurality of researcher computers; assigning the task to one or more researcher computers of the plurality of researcher computers determined to be available to complete the task; determining and providing an incentive to the one or more researcher computers in response to successfully validating the reports of the potential security vulnerability of the one or more systems under test.Type: GrantFiled: September 15, 2015Date of Patent: April 21, 2020Assignee: Synack, Inc.Inventors: Jay Kaplan, Mark Kuhr
-
Patent number: 10606825Abstract: A method and apparatus for extracting and displaying a feature data set is provided.Type: GrantFiled: February 28, 2017Date of Patent: March 31, 2020Assignee: SYNACK, INC.Inventors: Mikhail Sosonkin, Kirti Chawla, Mark Kuhr
-
Patent number: 10521593Abstract: In one aspect, the disclosure provides: A method comprising: assessing a plurality of researchers as a precondition for receiving an invitation to be a researcher of a distributed plurality of researchers, resulting in the distributed plurality of researchers wherein each researcher is associated with one or more tags in records that identify the researcher for one or more attributes; inviting a subset of the distributed plurality of researchers to participate in one or more computer vulnerability research projects directed to identifying computer vulnerabilities of one or more computers that are owned or operated by a third party, the subset of the distributed plurality of researchers selected based on the one or more tags in records that identify the researcher and a description of the computer vulnerabilities of the one or more computers; using a computer that is communicatively coupled to a particular researcher among the subset of the distributed plurality of researchers and a network under test among thType: GrantFiled: June 16, 2017Date of Patent: December 31, 2019Assignee: SYNACK, INC.Inventors: Jay Kaplan, Mark Kuhr
-
Patent number: 10462174Abstract: In one aspect, the disclosure provides: A method comprising: inviting a distributed plurality of researchers to participate in one or more computer vulnerability research projects directed to identifying computer vulnerabilities of one or more networks and/or computers that are owned or operated by a third party; assessing reputation and skills of one or more of the researchers, and accepting a subset of the researchers who have a positive reputation and sufficient skills to perform the investigations of the computer vulnerabilities; assigning a particular computer vulnerability research project, relating to a particular network under test, to a particular researcher from among the subset of the researchers; using a computer that is logically interposed between the particular researcher and the particular network under test, monitoring communications between the particular researcher and the particular network under test, wherein the communications relate to attempting to identify a candidate security vulneraType: GrantFiled: January 17, 2018Date of Patent: October 29, 2019Assignee: Synack, Inc.Inventors: Jay Kaplan, Mark Kuhr
-
Publication number: 20190289029Abstract: A method of assessing and addressing computer security risk is disclosed.Type: ApplicationFiled: March 14, 2018Publication date: September 19, 2019Inventors: KIRTI CHAWLA, MARK KUHR
-
Patent number: 10140455Abstract: A vulnerability report evaluation system comprises a preprocessor that takes as its input a data record representing a vulnerability report and outputs a search record. The vulnerability report evaluation system further comprises a search engine and a searchable corpus comprising records of vulnerabilities, wherein the search engine is configured to use the outputted search record to search the corpus. The vulnerability report evaluation system can flag search result hits resulting from the searched search record as an indication that the submitted vulnerability report is a duplicate of an earlier vulnerability report or as a flag to trigger manual review, while providing efficient processing of vulnerability report data records.Type: GrantFiled: April 19, 2016Date of Patent: November 27, 2018Assignee: Synack, Inc.Inventors: Kirti Chawla, Mikhail Sosonkin, Liam Norris, Mark Kuhr
-
Patent number: 10121009Abstract: A testing system for testing computer system security includes control logic interposed between tester computers and a computer system under test. Tester computers are used by testers to test for security vulnerabilities of the computer system under test. A test results database contains records of tester interactions with the computer system under test and responses of the computer system under test to the tester interactions. A test mark database, coupled to the control logic, contains records related to granular elements of the computer system under test that are amenable to being tested for security vulnerabilities. Records of the test mark database indicate whether a corresponding granular element has been tested for security vulnerabilities. A coverage application, coupled to the test mark database, inputs data from the test mark database and outputs data indicating which granular elements of the computer system under test are to be tested.Type: GrantFiled: September 25, 2015Date of Patent: November 6, 2018Assignee: Synack, Inc.Inventors: Mark Kuhr, Jay Kaplan
-
Publication number: 20180309777Abstract: In one aspect, the disclosure provides: A method comprising: inviting a distributed plurality of researchers to participate in one or more computer vulnerability research projects directed to identifying computer vulnerabilities of one or more networks and/or computers that are owned or operated by a third party; assessing reputation and skills of one or more of the researchers, and accepting a subset of the researchers who have a positive reputation and sufficient skills to perform the investigations of the computer vulnerabilities; assigning a particular computer vulnerability research project, relating to a particular network under test, to a particular researcher from among the subset of the researchers; using a computer that is logically interposed between the particular researcher and the particular network under test, monitoring communications between the particular researcher and the particular network under test, wherein the communications relate to attempting to identify a candidate security vulneraType: ApplicationFiled: January 17, 2018Publication date: October 25, 2018Inventors: Jay Kaplan, Mark Kuhr
-
Patent number: 9912685Abstract: Computer systems and methods in various embodiments are configured to test the security of a server computer by simulating a wide range of attacks from one or more bot-nets. In an embodiment, a computer system includes a memory; a processor coupled to the memory; a plurality of network cards coupled to the processor and the memory, the computer system being located in a home geographic region; wherein each of the plurality of network cards is configured to send one or more requests to a remote server computer through one of a plurality of geographic regions, that is different than the home geographic region; wherein, for each of the plurality of network cards, the processor is configured to store in the memory one of a plurality of geo-mappings, wherein the geo-mapping indicates the certain geographic region the network card is configured to send the one or more requests to the remote server computer through.Type: GrantFiled: October 30, 2015Date of Patent: March 6, 2018Assignee: Synack, Inc.Inventors: Jay Kaplan, Mark Kuhr, Vlad Cretu
-
Patent number: 9888026Abstract: In one aspect, the disclosure provides: A method comprising: inviting a distributed plurality of researchers to participate in one or more computer vulnerability research projects directed to identifying computer vulnerabilities of one or more networks and/or computers that are owned or operated by a third party; assessing reputation and skills of one or more of the researchers, and accepting a subset of the researchers who have a positive reputation and sufficient skills to perform the investigations of the computer vulnerabilities; assigning a particular computer vulnerability research project, relating to a particular network under test, to a particular researcher from among the subset of the researchers; using a computer that is logically interposed between the particular researcher and the particular network under test, monitoring communications between the particular researcher and the particular network under test, wherein the communications relate to attempting to identify a candidate security vulneraType: GrantFiled: September 19, 2016Date of Patent: February 6, 2018Assignee: Synack, Inc.Inventors: Jay Kaplan, Mark Kuhr
-
Patent number: 9824222Abstract: In one aspect, the disclosure provides: A method comprising: inviting a distributed plurality of researchers to participate in one or more computer vulnerability research projects directed to identifying computer vulnerabilities of one or more networks and/or computers that are owned or operated by a third party; assessing reputation and skills of one or more of the researchers, and accepting a subset of the researchers who have a positive reputation and sufficient skills to perform the investigations of the computer vulnerabilities; assigning a particular computer vulnerability research project, relating to a particular network under test, to a particular researcher from among the subset of the researchers; using a computer that is logically interposed between the particular researcher and the particular network under test, monitoring communications between the particular researcher and the particular network under test, wherein the communications relate to attempting to identify a candidate security vulneraType: GrantFiled: May 6, 2014Date of Patent: November 21, 2017Assignee: SYNACK, INC.Inventors: Jay Kaplan, Mark Kuhr
-
Publication number: 20170300698Abstract: A vulnerability report evaluation system comprises a preprocessor that takes as its input a data record representing a vulnerability report and outputs a search record. The vulnerability report evaluation system further comprises a search engine and a searchable corpus comprising records of vulnerabilities, wherein the search engine is configured to use the outputted search record to search the corpus. The vulnerability report evaluation system can flag search result hits resulting from the searched search record as an indication that the submitted vulnerability report is a duplicate of an earlier vulnerability report or as a flag to trigger manual review, while providing efficient processing of vulnerability report data records.Type: ApplicationFiled: April 19, 2016Publication date: October 19, 2017Inventors: Kirti Chawla, Mikhail Sosonkin, Liam Norris, Mark Kuhr
-
Publication number: 20170289174Abstract: In one aspect, the disclosure provides: A method comprising: assessing a plurality of researchers as a precondition for receiving an invitation to be a researcher of a distributed plurality of researchers, resulting in the distributed plurality of researchers wherein each researcher is associated with one or more tags in records that identify the researcher for one or more attributes; inviting a subset of the distributed plurality of researchers to participate in one or more computer vulnerability research projects directed to identifying computer vulnerabilities of one or more computers that are owned or operated by a third party, the subset of the distributed plurality of researchers selected based on the one or more tags in records that identify the researcher and a description of the computer vulnerabilities of the one or more computers; using a computer that is communicatively coupled to a particular researcher among the subset of the distributed plurality of researchers and a network under test among thType: ApplicationFiled: June 16, 2017Publication date: October 5, 2017Inventors: Jay Kaplan, Mark Kuhr
-
Patent number: 9723489Abstract: A testing system tests applications executable on a computing platform, when the app under test executes on the computing platform, the app program code refers to a tree data structure for its user interface operations. That tree data structure is accessed without needing to interrupt the app under test or without needing software hooks into the app. The testing system obtains a specification of user interface criteria from an operator, processes the tree data structure with the specification to identify nodes of the tree data structure that match the user interface criteria, and outputs a representation of the matching nodes. The matching nodes are user interface entry points capable of being used to test the app for vulnerabilities. The specification can include edge criteria, wherein an edge criterion corresponds to a characteristic of an edge in the tree data structure between at least two nodes of the tree data structure.Type: GrantFiled: April 19, 2016Date of Patent: August 1, 2017Assignee: SYNACK, INC.Inventors: Mikhail Sosonkin, Mark Kuhr
-
Patent number: 9697362Abstract: In one aspect, the disclosure provides: A method comprising: assessing a plurality of researchers as a precondition for receiving an invitation to be a researcher of a distributed plurality of researchers, resulting in the distributed plurality of researchers wherein each researcher is associated with one or more tags in records that identify the researcher for one or more attributes; inviting a subset of the distributed plurality of researchers to participate in one or more computer vulnerability research projects directed to identifying computer vulnerabilities of one or more computers that are owned or operated by a third party, the subset of the distributed plurality of researchers selected based on the one or more tags in records that identify the researcher and a description of the computer vulnerabilities of the one or more computers; using a computer that is communicatively coupled to a particular researcher among the subset of the distributed plurality of researchers and a network under test among thType: GrantFiled: August 8, 2016Date of Patent: July 4, 2017Assignee: Synack, Inc.Inventors: Jay Kaplan, Mark Kuhr
-
Publication number: 20170134417Abstract: In one aspect, the disclosure provides: A method comprising: inviting a distributed plurality of researchers to participate in one or more computer vulnerability research projects directed to identifying computer vulnerabilities of one or more networks and/or computers that are owned or operated by a third party; assessing reputation and skills of one or more of the researchers, and accepting a subset of the researchers who have a positive reputation and sufficient skills to perform the investigations of the computer vulnerabilities; assigning a particular computer vulnerability research project, relating to a particular network under test, to a particular researcher from among the subset of the researchers; using a computer that is logically interposed between the particular researcher and the particular network under test, monitoring communications between the particular researcher and the particular network under test, wherein the communications relate to attempting to identify a candidate security vulneraType: ApplicationFiled: September 19, 2016Publication date: May 11, 2017Inventors: Jay Kaplan, Mark Kuhr