Patents by Inventor Matthew Carver
Matthew Carver has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20180041538Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for analyzing threat intelligence information. One of the methods includes receiving by a threat information server, threat intelligence information from one or more intelligence feeds and generating one or more identified security threats, identifying a compromise by a management process orchestration server and retrieving information from the threat information server and identifying one or more actions to be performed, determining by an indicator analytics processor, a composite credibility based on the actions, and determining one or more components for profiling and determining indicators of compromise for each component, and communicating the indicators of compromise to the management process orchestration server.Type: ApplicationFiled: October 12, 2017Publication date: February 8, 2018Inventors: Louis William DiValentin, Matthew Carver, Michael L. Lefebvre
-
Patent number: 9886582Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for determining threat data contextualization.Type: GrantFiled: August 31, 2015Date of Patent: February 6, 2018Assignee: Accenture Global Sevices LimitedInventors: Elvis Hovor, David William Rozmiarek, Robin Lynn Burkett, Matthew Carver, Mohamed H. El-Sharkawi
-
Publication number: 20180013777Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for identifying network security risks. One of the methods includes receiving organizational hierarchy data and receiving access privilege data for a network, generating an adjacency matrix that represents connections between individuals within the organizational hierarchy and various groups, and that represents connections between the individuals and various access privileges, selecting an analytic technique for analyzing the adjacency matrix, determining, for each individual, an individual score that represents a security risk associated with the individual's network account, and in response to determining that the individual score meets a threshold, applying security controls.Type: ApplicationFiled: July 8, 2016Publication date: January 11, 2018Inventors: Louis William DiValentin, Matthew Carver
-
Patent number: 9807120Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for implementing a response to one or more security incidents in a computing network. One of the methods includes identifying a security incident based on detecting one or more indicators of compromise associated with the security incident, comparing the security incident with a predefined ontology that maps the security incident to one or more courses of action, selecting a response strategy that includes one or more of the courses of action, and implementing the response strategy as an automated response.Type: GrantFiled: June 29, 2016Date of Patent: October 31, 2017Assignee: Accenture Global Services LimitedInventors: Matthew Carver, Louis William DiValentin, Michael L. Lefebvre, Elvis Hovor, David William Rozmiarek
-
Publication number: 20170310697Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for determining network related anomaly scores. One of the methods includes generating a network map including at least a plurality of network nodes and a plurality of edges that indicate communications paths between the plurality of network nodes, obtaining first data indicating network activity over the edges and between the plurality of network nodes for a first time period, generating a model of expected network activity over the edges and between the plurality of network nodes for a future time period using the network map and the first data, obtaining second data indicating network activity over the edges and between the plurality of network nodes for a second time period, and determining an anomaly score using a comparison between the second data and the model of expected network activity.Type: ApplicationFiled: July 12, 2017Publication date: October 26, 2017Inventors: Michael L. Lefebvre, Matthew Carver, Eric Ellett, Walid Negm, Louis William DiValentin, James J. Solderitsch
-
Patent number: 9794279Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for analyzing threat intelligence information. One of the methods includes receiving by a threat information server, threat intelligence information from one or more intelligence feeds and generating one or more identified security threats, identifying a compromise by a management process orchestration server and retrieving information from the threat information server and identifying one or more actions to be performed, determining by an indicator analytics processor, a composite credibility based on the actions, and determining one or more components for profiling and determining indicators of compromise for each component, and communicating the indicators of compromise to the management process orchestration server.Type: GrantFiled: August 29, 2014Date of Patent: October 17, 2017Assignee: Accenture Global Services LimitedInventors: Louis William DiValentin, Matthew Carver, Michael L. Lefebvre
-
Patent number: 9729568Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for determining network related anomaly scores. One of the methods includes generating a network map including at least a plurality of network nodes and a plurality of edges that indicate communications paths between the plurality of network nodes, obtaining first data indicating network activity over the edges and between the plurality of network nodes for a first time period, generating a model of expected network activity over the edges and between the plurality of network nodes for a future time period using the network map and the first data, obtaining second data indicating network activity over the edges and between the plurality of network nodes for a second time period, and determining an anomaly score using a comparison between the second data and the model of expected network activity.Type: GrantFiled: August 12, 2016Date of Patent: August 8, 2017Assignee: Accenture Global Services LimitedInventors: Michael L. Lefebvre, Matthew Carver, Eric Ellett, Walid Negm, Louis William DiValentin, James J. Solderitsch
-
Publication number: 20170061132Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for determining threat data contextualization.Type: ApplicationFiled: August 31, 2015Publication date: March 2, 2017Inventors: Elvis Hovor, David William Rozmiarek, Robin Lynn Burkett, Matthew Carver, Mohamed H. El-Sharkawi
-
Publication number: 20170048266Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for determining a network path between computer assets. One of the methods includes receiving an asset topology that includes an identifier for each computer-related asset that may be an entry point for an attack simulation, receiving threat data that identifies vulnerabilities of computer-related assets, determining a first computer-related asset that may be an entry point for an attack simulation, identifying one or more first vulnerabilities of the first computer-related asset, determining a path from the first computer-related asset to a second computer-related asset, determining one or more second vulnerabilities of the second computer-related asset, determining a probability that the second computer-related asset will be compromised by an adversary, and determining a change to the asset topology to reduce the probability that the second computer-related asset will be compromised by an adversary.Type: ApplicationFiled: August 31, 2015Publication date: February 16, 2017Inventors: Elvis Hovor, Shaan Mulchandani, Matthew Carver
-
Publication number: 20160352768Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for determining network related anomaly scores. One of the methods includes generating a network map including at least a plurality of network nodes and a plurality of edges that indicate communications paths between the plurality of network nodes, obtaining first data indicating network activity over the edges and between the plurality of network nodes for a first time period, generating a model of expected network activity over the edges and between the plurality of network nodes for a future time period using the network map and the first data, obtaining second data indicating network activity over the edges and between the plurality of network nodes for a second time period, and determining an anomaly score using a comparison between the second data and the model of expected network activity.Type: ApplicationFiled: August 12, 2016Publication date: December 1, 2016Inventors: Michael L. Lefebvre, Matthew Carver, Eric Ellett, Walid Negm, Louis William DiValentin, James J. Solderitsch
-
Patent number: 9503467Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for determining network related anomaly scores. One of the methods includes generating a network map including at least a plurality of network nodes and a plurality of edges that indicate communications paths between the plurality of network nodes, obtaining first data indicating network activity over the edges and between the plurality of network nodes for a first time period, generating a model of expected network activity over the edges and between the plurality of network nodes for a future time period using the network map and the first data, obtaining second data indicating network activity over the edges and between the plurality of network nodes for a second time period, and determining an anomaly score using a comparison between the second data and the model of expected network activity.Type: GrantFiled: May 22, 2014Date of Patent: November 22, 2016Assignee: Accenture Global Services LimitedInventors: Michael J. Lefebvre, Matthew Carver, Eric Ellett, Walid Negm, Louis William DiValentin, James J. Solderitsch
-
Publication number: 20160308910Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for implementing a response to one or more security incidents in a computing network. One of the methods includes identifying a security incident based on detecting one or more indicators of compromise associated with the security incident, comparing the security incident with a predefined ontology that maps the security incident to one or more courses of action, selecting a response strategy that includes one or more of the courses of action, and implementing the response strategy as an automated response.Type: ApplicationFiled: June 29, 2016Publication date: October 20, 2016Inventors: Matthew Carver, Louis William DiValentin, Michael L. Lefebvre, Elvis Hovor, David William Rozmiarek
-
Publication number: 20160269434Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for analyzing threat intelligence information. One of the methods includes receiving by a threat information server, threat intelligence information from one or more intelligence feeds and generating one or more identified security threats, identifying a compromise by a management process orchestration server and retrieving information from the threat information server and identifying one or more actions to be performed, determining by an indicator analytics processor, a composite credibility based on the actions, and determining one or more components for profiling and determining indicators of compromise for each component, and communicating the indicators of compromise to the management process orchestration server.Type: ApplicationFiled: August 29, 2014Publication date: September 15, 2016Applicant: Accenture Global Services LimitedInventors: Louis William DiValentin, Matthew Carver, Michael L. Lefebvre
-
Patent number: 9386041Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for implementing a response to one or more security incidents in a computing network. One of the methods includes identifying a security incident based on detecting one or more indicators of compromise associated with the security incident, comparing the security incident with a predefined ontology that maps the security incident to one or more courses of action, selecting a response strategy that includes one or more of the courses of action, and implementing the response strategy as an automated response.Type: GrantFiled: August 29, 2014Date of Patent: July 5, 2016Assignee: Accenture Global Services LimitedInventors: Matthew Carver, Louis William DiValentin, Michael L. Lefebvre, Elvis Hovor, David William Rozmiarek
-
Patent number: 9369481Abstract: An incident triage engine performs incident triage in a system by prioritizing responses to incidents within the system. One prioritization method may include receiving attributes of incidents and assets in the system, generating cumulative loss forecasts for the incidents, and prioritizing the responses to the incidents based on the cumulative loss forecasts for the incidents. Another prioritization method may include determining different arrangements of incidents within a response queue, calculating cumulative queue loss forecasts for the different arrangements of incidents within the response queue, and arranging the incidents in the response queue based on the arrangement of incidents that minimizes the total loss to the system over the resolution of all of the incidents present in the response queue.Type: GrantFiled: April 8, 2014Date of Patent: June 14, 2016Assignee: Accenture Global Services LimitedInventors: Joshua Z. Howes, Walid Negm, James J. Solderitsch, Ashish Jotwani, Matthew Carver
-
Publication number: 20150365438Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for implementing a response to one or more security incidents in a computing network. One of the methods includes identifying a security incident based on detecting one or more indicators of compromise associated with the security incident, comparing the security incident with a predefined ontology that maps the security incident to one or more courses of action, selecting a response strategy that includes one or more of the courses of action, and implementing the response strategy as an automated response.Type: ApplicationFiled: August 29, 2014Publication date: December 17, 2015Applicant: ACCENTURE GLOBAL SERVICES LIMITEDInventors: Matthew Carver, Louis William DiValentin, Michael L. Lefebvre, Elvis Hovor, David William Rozmiarek
-
Publication number: 20150341379Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for determining network related anomaly scores. One of the methods includes generating a network map including at least a plurality of network nodes and a plurality of edges that indicate communications paths between the plurality of network nodes, obtaining first data indicating network activity over the edges and between the plurality of network nodes for a first time period, generating a model of expected network activity over the edges and between the plurality of network nodes for a future time period using the network map and the first data, obtaining second data indicating network activity over the edges and between the plurality of network nodes for a second time period, and determining an anomaly score using a comparison between the second data and the model of expected network activity.Type: ApplicationFiled: May 22, 2014Publication date: November 26, 2015Applicant: Accenture Global Services LimitedInventors: Michael L. Lefebvre, Matthew Carver, Eric Ellett, Walid Negm, Louis William DiValentin, James J. Solderitsch
-
Publication number: 20140223567Abstract: An incident triage engine performs incident triage in a system by prioritizing responses to incidents within the system. One prioritization method may include receiving attributes of incidents and assets in the system, generating cumulative loss forecasts for the incidents, and prioritizing the responses to the incidents based on the cumulative loss forecasts for the incidents. Another prioritization method may include determining different arrangements of incidents within a response queue, calculating cumulative queue loss forecasts for the different arrangements of incidents within the response queue, and arranging the incidents in the response queue based on the arrangement of incidents that minimizes the total loss to the system over the resolution of all of the incidents present in the response queue.Type: ApplicationFiled: April 8, 2014Publication date: August 7, 2014Applicant: Accenture Global Services LimitedInventors: Joshua Z. HOWES, Walid NEGM, James J. SOLDERITSCH, Ashish JOTWANI, Matthew CARVER
-
Patent number: 8732840Abstract: An incident triage engine performs incident triage in a system by prioritizing responses to incidents within the system. One prioritization method may include receiving attributes of incidents and assets in the system, generating cumulative loss forecasts for the incidents, and prioritizing the responses to the incidents based on the cumulative loss forecasts for the incidents. Another prioritization method may include determining different arrangements of incidents within a response queue, calculating cumulative queue loss forecasts for the different arrangements of incidents within the response queue, and arranging the incidents in the response queue based on the arrangement of incidents that minimizes the total loss to the system over the resolution of all of the incidents present in the response queue.Type: GrantFiled: October 7, 2011Date of Patent: May 20, 2014Assignee: Accenture Global Services LimitedInventors: Joshua Z. Howes, Walid Negm, James J. Solderitsch, Ashish Jotwani, Matthew Carver
-
Publication number: 20130091574Abstract: An incident triage engine performs incident triage in a system by prioritizing responses to incidents within the system. One prioritization method may include receiving attributes of incidents and assets in the system, generating cumulative loss forecasts for the incidents, and prioritizing the responses to the incidents based on the cumulative loss forecasts for the incidents. Another prioritization method may include determining different arrangements of incidents within a response queue, calculating cumulative queue loss forecasts for the different arrangements of incidents within the response queue, and arranging the incidents in the response queue based on the arrangement of incidents that minimizes the total loss to the system over the resolution of all of the incidents present in the response queue.Type: ApplicationFiled: October 7, 2011Publication date: April 11, 2013Inventors: Joshua Z. Howes, Walid Negm, James J. Solderitsch, Ashish Jotwani, Matthew Carver