Patents by Inventor Matthew Kraning
Matthew Kraning has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11949657
Abstract: Introduced here are Internet monitoring platforms configured to define, monitor, and assess the boundary of a private network associated with a client. By monitoring the entire Internet, a private network, and relationships between these networks, an Internet monitoring platform can discover changes in the boundary of the private network that is defined by those assets on the private network capable of interfacing with a public network, such as the Internet. The Internet monitoring platform may, in response to discovering the boundary of the private network has experienced a change, identify an appropriate remediation action by mapping the change to a technological issue, a relevant business relationship, etc. For example.
Type: Grant
Filed: August 2, 2021
Date of Patent: April 2, 2024
Assignee: Palo Alto Networks, Inc.
Inventors: Lisa Catherine Wallace, Matthew Kraning, Gregory Toto
-
Patent number: 11777807
Abstract: A set of identifying elements of a first network is determined from a set of data. For each identifying element of the set of identifying elements, a first frequency at which the identifying element is associated with a first set of systems connected to the first network is determined, and a second frequency at which the identifying element is associated with a second set of systems of other networks accessible via the Internet is determined. It is determined if each identifying element is associated with the first set of systems at a greater frequency than with the second set of systems based, at least in part, on the first frequency and the second frequency. If an identifying element is associated with the first set of systems at a greater frequency than with the second set of systems, the identifying element is indicated as a fingerprint of the first network.
Type: Grant
Filed: June 3, 2021
Date of Patent: October 3, 2023
Assignee: Palo Alto Networks, Inc.
Inventors: Timothy Junio, Matthew Kraning
-
Patent number: 11588857
Abstract: Systems and methods for network asset lifecycle management are described. Network assets may include ephemeral Internet-accessible assets such as IP addresses, domain names, digital certificates, and cloud infrastructure accounts. A set of addresses associated with a computer network such as the Internet are scanned. Response data is received from one or more network systems connected to the computer network and processed to identify one or more network assets associated with an entity such as an enterprise organization. Asset data indicative of the identified network assets are then stored to build a record of the network assets associated with the entity.
Type: Grant
Filed: September 29, 2020
Date of Patent: February 21, 2023
Assignee: Palo Alto Networks, Inc.
Inventors: Matthew Kraning, Gregory Toto, Gregory Heon, Haley Sayres, Peter Sorrentino
-
Patent number: 11526564
Abstract: A system for an event driven query includes an input interface and a processor. The input interface is configured to receive an indication from an external system. The processor is configured to determine a scanning query based at least in part on the indication; and perform the scanning query.
Type: Grant
Filed: September 15, 2020
Date of Patent: December 13, 2022
Assignee: Palo Alto Networks, Inc.
Inventors: Matthew Kraning, Timothy Junio
-
Patent number: 11374957
Abstract: Introduced here are security management platforms configured to estimate the risk posed by a public communication activity that involves an internal Internet Protocol (IP) address that resides on an internal network. Initially, a security management platform can examine network data to detect a public communication activity involving an internal IP address and an external IP address. Thereafter, the security management platform can probe the external IP address by transmitting a query designed to elicit a response, and then evaluate a risk posed by the public communication activity by analyzing response(s) received from the external IP address, if any, responsive to the query. For example, the security management platform may be able to determine whether a service determined to be vulnerable to unauthorized access is running on the external IP address.
Type: Grant
Filed: October 22, 2018
Date of Patent: June 28, 2022
Assignee: Palo Alto Networks, Inc.
Inventors: Matthew Kraning, Gregory Heon, Pamela Toman
-
Publication number: 20210367925
Abstract: Introduced here are Internet monitoring platforms configured to define, monitor, and assess the boundary of a private network associated with a client. By monitoring the entire Internet, a private network, and relationships between these networks, an Internet monitoring platform can discover changes in the boundary of the private network that is defined by those assets on the private network capable of interfacing with a public network, such as the Internet. The Internet monitoring platform may, in response to discovering the boundary of the private network has experienced a change, identify an appropriate remediation action by mapping the change to a technological issue, a relevant business relationship, etc. For example.
Type: Application
Filed: August 2, 2021
Publication date: November 25, 2021
Inventors: Lisa Catherine Wallace, Matthew Kraning, Gregory Toto
-
Publication number: 20210367965
Abstract: A distributed system of scanning nodes is provided job portions to collectively scan network systems numbering in the tens of thousands and beyond million across the Internet. A scanning controller creates the job portions to fulfill a scanning request. The scanning controller creates the job portions based on availability of scanning nodes and a size of the scanning request (i.e., number of network addresses indicated by the request). The scanning controller creates each job portion with scanning instructions for an available scanning node to execute on a selected set of the network addresses indicated in the request, with each job portion having a different set of addresses to scan and being independently executable.
Type: Application
Filed: August 3, 2021
Publication date: November 25, 2021
Inventors: Matthew Kraning, Matthew Anderson, Peter Dickinson, Corey Fredericks, John Holliman, Andrew Seidel
-
Patent number: 11170011
Abstract: A system for an event driven query includes an input interface and a processor. The input interface is configured to receive an indication from a client system. The processor is configured to determine a scanning query based at least in part on the indication; and perform the scanning query.
Type: Grant
Filed: March 20, 2017
Date of Patent: November 9, 2021
Assignee: Palo Alto Networks, Inc.
Inventors: Matthew Kraning, Timothy Junio
-
Publication number: 20210288993
Abstract: Introduced here are security management platforms configured to identify, assess, and monitor organizational vulnerability to security threats. By monitoring netflow data regarding the traffic traversing the Internet, a security management platform can identify security threats that would otherwise go undetected. Such action can be performed instead of, or in addition to, monitoring netflow data regarding the traffic traversing a local network (also referred to as an “internal network”) associated with an organization under examination. Thus, rather than monitor the traffic leaving public-facing Internet Protocol (IP) addresses residing on the local network, the security management platform can instead monitor traffic traversing the Internet and then filter the traffic to identify flows originating from the local network, flows destined for the local network, or any combination thereof.
Type: Application
Filed: March 29, 2021
Publication date: September 16, 2021
Inventors: Matthew Kraning, Gregory Heon, Pamela Toman
-
Publication number: 20210288884
Abstract: A system for determining fingerprints includes an interface to receive an indication to determine fingerprints using a set of client data, and a processor to determine a set of indicators based at least in part on the client data and for one or more indicators of the set of indicators, determine whether the indicator comprises a fingerprint based at least in part on a frequency analysis, and in the event it is determined that the indicator comprises a fingerprint, store the fingerprint in a fingerprint database associated with the client.
Type: Application
Filed: June 3, 2021
Publication date: September 16, 2021
Inventors: Timothy Junio, Matthew Kraning
-
Patent number: 11102231
Abstract: A system for scanning a network includes an interface and a processor. The interface is configured to receive an indication to scan a set of network addresses. The processor is configured to determine a set of available scanning nodes and determine a job plan for scanning the set of network addresses using the set of available scanning nodes. The job plan includes one or more job portions. The processor is configured to, for a job portion of the one or more job portions, select a scanning node of the set of available scanning nodes and provide the job portion to the scanning node.
Type: Grant
Filed: March 22, 2017
Date of Patent: August 24, 2021
Assignee: Palo Alto Network, Inc.
Inventors: Matthew Kraning, Matthew Anderson, Peter Dickinson, Corey Fredericks, John Holliman, Andrew Seidel
-
Patent number: 11102174
Abstract: Introduced here are Internet monitoring platforms configured to define, monitor, and assess the boundary of a private network associated with a client. By monitoring the entire Internet, a private network, and relationships between these networks, an Internet monitoring platform can discover changes in the boundary of the private network that is defined by those assets on the private network capable of interfacing with a public network, such as the Internet. The Internet monitoring platform may, in response to discovering the boundary of the private network has experienced a change, identify an appropriate remediation action by mapping the change to a technological issue, a relevant business relationship, etc. For example.
Type: Grant
Filed: December 21, 2018
Date of Patent: August 24, 2021
Assignee: Palo Alto Networks, Inc.
Inventors: Lisa Catherine Wallace, Matthew Kraning, Gregory Toto
-
Patent number: 11050629
Abstract: A system for determining fingerprints includes an interface to receive an indication to determine fingerprints using a set of client data, and a processor to determine a set of indicators based at least in part on the client data and for one or more indicators of the set of indicators, determine whether the indicator comprises a fingerprint based at least in part on a frequency analysis, and in the event it is determined that the indicator comprises a fingerprint, store the fingerprint in a fingerprint database associated with the client.
Type: Grant
Filed: November 3, 2016
Date of Patent: June 29, 2021
Assignee: Palo Alto Networks, Inc.
Inventors: Timothy Junio, Matthew Kraning
-
Publication number: 20210105304
Abstract: Systems and methods for network asset lifecycle management are described. Network assets may include ephemeral Internet-accessible assets such as IP addresses, domain names, digital certificates, and cloud infrastructure accounts. A set of addresses associated with a computer network such as the Internet are scanned. Response data is received from one or more network systems connected to the computer network and processed to identify one or more network assets associated with an entity such as an enterprise organization. Asset data indicative of the identified network assets are then stored to build a record of the network assets associated with the entity.
Type: Application
Filed: September 29, 2020
Publication date: April 8, 2021
Inventors: Matthew Kraning, Gregory Toto, Gregory Heon, Haley Sayres, Peter Sorrentino
-
Patent number: 10965707
Abstract: Introduced here are security management platforms configured to identify, assess, and monitor organizational vulnerability to security threats. By monitoring netflow data regarding the traffic traversing the Internet, a security management platform can identify security threats that would otherwise go undetected. Such action can be performed instead of, or in addition to, monitoring netflow data regarding the traffic traversing a local network (also referred to as an “internal network”) associated with an organization under examination. Thus, rather than monitor the traffic leaving public-facing Internet Protocol (IP) addresses residing on the local network, the security management platform can instead monitor traffic traversing the Internet and then filter the traffic to identify flows originating from the local network, flows destined for the local network, or any combination thereof.
Type: Grant
Filed: May 18, 2018
Date of Patent: March 30, 2021
Assignee: EXPANSE, INC.
Inventors: Matthew Kraning, Gregory Heon, Pamela Toman
-
Publication number: 20200410016
Abstract: A system for an event driven query includes an input interface and a processor. The input interface is configured to receive an indication from an external system. The processor is configured to determine a scanning query based at least in part on the indication; and perform the scanning query.
Type: Application
Filed: September 15, 2020
Publication date: December 31, 2020
Inventors: Matthew Kraning, Timothy Junio
-
Patent number: 10831838
Abstract: A system for an event driven query includes an input interface and a processor. The input interface is configured to receive an indication from an external system. The processor is configured to determine a scanning query based at least in part on the indication; and perform the scanning query.
Type: Grant
Filed: March 20, 2017
Date of Patent: November 10, 2020
Assignee: EXPANSE, INC.
Inventors: Matthew Kraning, Timothy Junio
-
Patent number: 10749857
Abstract: A system for network mapping includes an interface and a processor. The interface is configured to receive an indication to scan a set of addresses using a fingerprint. The processor is configured to for an address of the set of addresses: receive a response associated with the address; determine whether the response matches the fingerprint; and store the address in a client network database in the event the response matches the fingerprint.
Type: Grant
Filed: September 26, 2016
Date of Patent: August 18, 2020
Assignee: EXPANSE, INC.
Inventors: Timothy Junio, Matthew Kraning
-
Publication number: 20190199688
Abstract: Introduced here are Internet monitoring platforms configured to define, monitor, and assess the boundary of a private network associated with a client. By monitoring the entire Internet, a private network, and relationships between these networks, an Internet monitoring platform can discover changes in the boundary of the private network that is defined by those assets on the private network capable of interfacing with a public network, such as the Internet. The Internet monitoring platform may, in response to discovering the boundary of the private network has experienced a change, identify an appropriate remediation action by mapping the change to a technological issue, a relevant business relationship, etc. For example.
Type: Application
Filed: December 21, 2018
Publication date: June 27, 2019
Inventors: Lisa Catherine Wallace, Matthew Kraning, Gregory Toto
-
Publication number: 20190058724
Abstract: Introduced here are security management platforms configured to estimate the risk posed by a public communication activity that involves an internal Internet Protocol (IP) address that resides on an internal network. Initially, a security management platform can examine network data to detect a public communication activity involving an internal IP address and an external IP address. Thereafter, the security management platform can probe the external IP address by transmitting a query designed to elicit a response, and then evaluate a risk posed by the public communication activity by analyzing response(s) received from the external IP address, if any, responsive to the query. For example, the security management platform may be able to determine whether a service determined to be vulnerable to unauthorized access is running on the external IP address.
Type: Application
Filed: October 22, 2018
Publication date: February 21, 2019
Inventors: Matthew Kraning, Gregory Heon, Pamela Toman