Patents by Inventor Matthew Edward Noe
Matthew Edward Noe has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240061930
Abstract: Some examples relate generally to managing and storing data, and more specifically to the real-time detection of ransomware, system (or insider) threats, or the misappropriation of credentials by using file system audit events.
Type: Application
Filed: October 30, 2023
Publication date: February 22, 2024
Inventors: Shanthi Kiran Pendyala, Di Wu, Matthew Edward Noe
-
Publication number: 20230409713
Abstract: Described herein is a system that detects ransomware infection in filesystems. The system detects ransomware infection by using backup data of machines. The system detects ransomware infection in two stages. In the first stage, the system analyzes a filesystem's behavior. The filesystem's behavior can be obtained by loading the backup data and crawling the filesystem to create a filesystem metadata including information about file operations during a time interval. The filesystem determines a pattern of the file operations and compares the pattern to a normal pattern to analyze the filesystem's behavior. If the filesystem's behavior is abnormal, the system proceeds to the second stage to analyze the content of the files to look for signs of encryption in the filesystem. The system combines the analysis of both stages to determine whether the filesystem is infected by ransomware.
Type: Application
Filed: August 30, 2023
Publication date: December 21, 2023
Inventors: Oscar Chen, Di Wu, Benjamin Reisner, Matthew Edward Noe
-
Patent number: 11846980
Abstract: Some examples relate generally to managing and storing data, and more specifically to the real-time detection of ransomware, system (or insider) threats, or the misappropriation of credentials by using file system audit events.
Type: Grant
Filed: November 11, 2022
Date of Patent: December 19, 2023
Assignee: Rubrik, Inc.
Inventors: Shanthi Kiran Pendyala, Di Wu, Matthew Edward Noe
-
Patent number: 11783036
Abstract: Described herein is a system that detects ransomware infection in filesystems. The system detects ransomware infection by using backup data of machines. The system detects ransomware infection in two stages. In the first stage, the system analyzes a filesystem's behavior. The filesystem's behavior can be obtained by loading the backup data and crawling the filesystem to create a filesystem metadata including information about file operations during a time interval. The filesystem determines a pattern of the file operations and compares the pattern to a normal pattern to analyze the filesystem's behavior. If the filesystem's behavior is abnormal, the system proceeds to the second stage to analyze the content of the files to look for signs of encryption in the filesystem. The system combines the analysis of both stages to determine whether the filesystem is infected by ransomware.
Type: Grant
Filed: July 8, 2021
Date of Patent: October 10, 2023
Assignee: Rubrik, Inc.
Inventors: Oscar Chen, Di Wu, Benjamin Reisner, Matthew Edward Noe
-
Patent number: 11709932
Abstract: Some examples relate generally to managing and storing data, and more specifically to the real-time detection of ransomware, system (or insider) threats, or the misappropriation of credentials by using file system audit events.
Type: Grant
Filed: January 31, 2019
Date of Patent: July 25, 2023
Assignee: Rubrik, Inc.
Inventors: Shanthi Kiran Pendyala, Di Wu, Matthew Edward Noe
-
Patent number: 11599629
Abstract: Some examples relate generally to managing and storing data, and more specifically to the real-time detection of ransomware, system (or insider) threats, or the misappropriation of credentials by using file system audit events.
Type: Grant
Filed: January 31, 2019
Date of Patent: March 7, 2023
Assignee: Rubrik, Inc.
Inventors: Shanthi Kiran Pendyala, Di Wu, Matthew Edward Noe
-
Patent number: 11550901
Abstract: A process for detecting a threat for a file system is described. Audit events in the file system may be accessed, which may include unique file operations and duplicative file operations. The audit events may be de-duplicated to remove the duplicative file operations. Time series data may be generated that includes the unique file operations but not the duplicative file operations, and the time series data may be analyzed to determine whether a subset of the unique file operations includes file-access instructions. An observed pattern of the file-access instructions may be compared to a normal pattern of file-access instructions to determine whether the observed file-access instructions are abnormal. If the observed file-access instructions are abnormal, an alert may be generated.
Type: Grant
Filed: January 31, 2019
Date of Patent: January 10, 2023
Assignee: Rubrik, Inc.
Inventors: Shanthi Kiran Pendyala, Di Wu, Matthew Edward Noe
-
Publication number: 20220067159
Abstract: Described herein is a system that detects ransomware infection in filesystems. The system detects ransomware infection by using backup data of machines. The system detects ransomware infection in two stages. In the first stage, the system analyzes a filesystem's behavior. The filesystem's behavior can be obtained by loading the backup data and crawling the filesystem to create a filesystem metadata including information about file operations during a time interval. The filesystem determines a pattern of the file operations and compares the pattern to a normal pattern to analyze the filesystem's behavior. If the filesystem's behavior is abnormal, the system proceeds to the second stage to analyze the content of the files to look for signs of encryption in the filesystem. The system combines the analysis of both stages to determine whether the filesystem is infected by ransomware.
Type: Application
Filed: July 8, 2021
Publication date: March 3, 2022
Inventors: Oscar Chen, Di Wu, Benjamin Reisner, Matthew Edward Noe
-
Patent number: 11099963
Abstract: Various embodiments provide for alert generation based on alert dependency. For some embodiments, the alert dependency checking facilitates alert noise reduction. Various embodiments described herein dynamically find or discover alert dependencies based on one or more alerts currently active, one or more active alerts generated in the past, or some combination of both. Various embodiments described herein provide alert monitoring that adapts based on an alert state of a machine. Various embodiments described herein generate a health score for a machine based on an alert state of the machine. Various embodiments described herein provide a tool for managing definitions of one or more alerts that can be identified as an active alert for a machine.
Type: Grant
Filed: January 31, 2019
Date of Patent: August 24, 2021
Assignee: Rubrik, Inc.
Inventors: Gurjeet S. Arora, Karan Jayesh Bavishi, Daniel Talamas Cano, John Louie, Chetas Joshi, Matthew Edward Noe
-
Patent number: 11010487
Abstract: A data management and storage (DMS) cluster of peer DMS nodes manages resources of a multi-tenant environment. The DMS cluster provides an authorization framework that provides user access which is scoped to the resources within a tenant organization and the privileges of the user within the organization. To authorize an action on a resource by a user, the DMS cluster determines user authorizations associated with the user defining privileges of the user on the resources of the multi-tenant environment, and organization authorizations associated defining resources of the multi-tenant environment that belong to the organization. The DMS cluster authorizes the action when the user authorizations and organizations authorized indicate that the action on the resource is authorized.
Type: Grant
Filed: June 26, 2019
Date of Patent: May 18, 2021
Assignee: Rubrik, Inc.
Inventors: Matthew Edward Noe, Seungyeop Han, Arohi Kumar
-
Patent number: 10979281
Abstract: Various embodiments provide for alert generation based on alert dependency. For some embodiments, the alert dependency checking facilitates alert noise reduction. Various embodiments described herein dynamically find or discover alert dependencies based on one or more alerts currently active, one or more active alerts generated in the past, or some combination of both. Various embodiments described herein provide alert monitoring that adapts based on an alert state of a machine. Various embodiments described herein generate a health score for a machine based on an alert state of the machine. Various embodiments described herein provide a tool for managing definitions of one or more alerts that can be identified as an active alert for a machine.
Type: Grant
Filed: January 31, 2019
Date of Patent: April 13, 2021
Assignee: Rubrik, Inc.
Inventors: Gurjeet S. Arora, Karan Jayesh Bavishi, Daniel Talamas Cano, John Louie, Chetas Joshi, Matthew Edward Noe
-
Patent number: 10887158
Abstract: Various embodiments provide for alert generation based on alert dependency. For some embodiments, the alert dependency checking facilitates alert noise reduction. Various embodiments described herein dynamically find or discover alert dependencies based on one or more alerts currently active, one or more active alerts generated in the past, or some combination of both. Various embodiments described herein provide alert monitoring that adapts based on an alert state of a machine. Various embodiments described herein generate a health score for a machine based on an alert state of the machine. Various embodiments described herein provide a tool for managing definitions of one or more alerts that can be identified as an active alert for a machine.
Type: Grant
Filed: January 31, 2019
Date of Patent: January 5, 2021
Assignee: Rubrik, Inc.
Inventors: Gurjeet S. Arora, Karan Jayesh Bavishi, Daniel Talamas Cano, John Louie, Chetas Joshi, Matthew Edward Noe
-
Patent number: 10803193
Abstract: A data management and storage (DMS) cluster of peer DMS nodes manages resources of a multi-tenant environment. The DMS cluster provides an authorization framework that provides user access which is scoped to the resources within a tenant organization and the privileges of the user within the organization. To authorize an action on a resource by a user, the DMS cluster determines user authorizations associated with the user defining privileges of the user on the resources of the multi-tenant environment, and organization authorizations associated defining resources of the multi-tenant environment that belong to the organization. The DMS cluster authorizes the action when the user authorizations and organizations authorized indicate that the action on the resource is authorized.
Type: Grant
Filed: April 24, 2019
Date of Patent: October 13, 2020
Assignee: Rubrik, Inc.
Inventors: Matthew Edward Noe, Seungyeop Han, Arohi Kumar
-
Publication number: 20200250305
Abstract: Some examples relate generally to managing and storing data, and more specifically to the real-time detection of ransomware, system (or insider) threats, or the misappropriation of credentials by using file system audit events.
Type: Application
Filed: January 31, 2019
Publication date: August 6, 2020
Inventors: Shanthi Kiran Pendyala, Di Wu, Matthew Edward Noe
-
Publication number: 20200250062
Abstract: Various embodiments provide for alert generation based on alert dependency. For some embodiments, the alert dependency checking facilitates alert noise reduction. Various embodiments described herein dynamically find or discover alert dependencies based on one or more alerts currently active, one or more active alerts generated in the past, or some combination of both. Various embodiments described herein provide alert monitoring that adapts based on an alert state of a machine. Various embodiments described herein generate a health score for a machine based on an alert state of the machine. Various embodiments described herein provide a tool for managing definitions of one or more alerts that can be identified as an active alert for a machine.
Type: Application
Filed: January 31, 2019
Publication date: August 6, 2020
Inventors: Gurjeet S. Arora, Karan Jayesh Bavishi, Daniel Talamas Cano, John Louie, Chetas Joshi, Matthew Edward Noe
-
Publication number: 20200252261
Abstract: Various embodiments provide for alert generation based on alert dependency. For some embodiments, the alert dependency checking facilitates alert noise reduction. Various embodiments described herein dynamically find or discover alert dependencies based on one or more alerts currently active, one or more active alerts generated in the past, or some combination of both. Various embodiments described herein provide alert monitoring that adapts based on an alert state of a machine. Various embodiments described herein generate a health score for a machine based on an alert state of the machine. Various embodiments described herein provide a tool for managing definitions of one or more alerts that can be identified as an active alert for a machine.
Type: Application
Filed: January 31, 2019
Publication date: August 6, 2020
Inventors: Gurjeet S. Arora, Karan Jayesh Bavishi, Daniel Talamas Cano, John Louie, Chetas Joshi, Matthew Edward Noe
-
Publication number: 20200252264
Abstract: Various embodiments provide for alert generation based on alert dependency. For some embodiments, the alert dependency checking facilitates alert noise reduction. Various embodiments described herein dynamically find or discover alert dependencies based on one or more alerts currently active, one or more active alerts generated in the past, or some combination of both. Various embodiments described herein provide alert monitoring that adapts based on an alert state of a machine. Various embodiments described herein generate a health score for a machine based on an alert state of the machine. Various embodiments described herein provide a tool for managing definitions of one or more alerts that can be identified as an active alert for a machine.
Type: Application
Filed: January 31, 2019
Publication date: August 6, 2020
Inventors: Gurjeet S. Arora, Karan Jayesh Bavishi, Daniel Talamas Cano, John Louie, Chetas Joshi, Matthew Edward Noe
-
Publication number: 20200250307
Abstract: Some examples relate generally to managing and storing data, and more specifically to the real-time detection of ransomware, system (or insider) threats, or the misappropriation of credentials by using file system audit events.
Type: Application
Filed: January 31, 2019
Publication date: August 6, 2020
Inventors: Shanthi Kiran Pendyala, Di Wu, Matthew Edward Noe
-
Publication number: 20200250306
Abstract: Some examples relate generally to managing and storing data, and more specifically to the real-time detection of ransomware, system (or insider) threats, or the misappropriation of credentials by using file system audit events.
Type: Application
Filed: January 31, 2019
Publication date: August 6, 2020
Inventors: Shanthi Kiran Pendyala, Di Wu, Matthew Edward Noe
-
Publication number: 20190384928
Abstract: A data management and storage (DMS) cluster of peer DMS nodes manages resources of a multi-tenant environment. The DMS cluster provides an authorization framework that provides user access which is scoped to the resources within a tenant organization and the privileges of the user within the organization. To authorize an action on a resource by a user, the DMS cluster determines user authorizations associated with the user defining privileges of the user on the resources of the multi-tenant environment, and organization authorizations associated defining resources of the multi-tenant environment that belong to the organization. The DMS cluster authorizes the action when the user authorizations and organizations authorized indicate that the action on the resource is authorized.
Type: Application
Filed: April 24, 2019
Publication date: December 19, 2019
Inventors: Matthew Edward Noe, Seungyeop Han, Arohi Kumar