Patents by Inventor Michael Roytman
Michael Roytman has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11888887Abstract: Systems and methods for computing times to remediate for asset vulnerabilities are described herein. In an embodiment, a server computer receives first vulnerability data for a plurality of entities identifying asset vulnerabilities and timing data corresponding to the vulnerability data indicating an amount of time between identification of an asset vulnerability and a result of the asset vulnerability. The server computer identifies a strict subset of the first vulnerability data that belongs to a particular category of a first plurality of categories. The server computer receives second vulnerability data for a particular entity identifying asset vulnerabilities. The server computer identifies a strict subset of the second vulnerability data the belongs to the particular category. Based, at least in part, on the strict subset of the first vulnerability data, the server computer computes a time to remediate the asset vulnerabilities in the strict subset of the second vulnerability data.Type: GrantFiled: April 27, 2021Date of Patent: January 30, 2024Inventors: Michael Roytman, Edward T. Bellis, Jason Rolleston
-
Patent number: 11861016Abstract: Generation of a first prediction model is caused based on first training data, where the first prediction model enables determining whether an exploit to be developed for software vulnerabilities will be used in an attack. For each training instance in the first training data, the first prediction model is used to generate a score. Each training instance is added to second training data if the score is greater than a threshold value. The second training data is a subset of the first training data. Generation of a second prediction model is caused based on the second training data, where the second prediction model enables determining whether an exploit to be developed for software vulnerabilities will be used in an attack.Type: GrantFiled: April 6, 2021Date of Patent: January 2, 2024Inventors: Michael Roytman, Jay Jacobs
-
Publication number: 20230316192Abstract: In one embodiment, a method includes determining an attack tactic risk score for one or more attack tactics based on a dataset of actual loss events and determining an incident risk score for an incident based on the one or more attack tactic risk scores. The method also includes determining a priority value for an asset. The asset is associated with the incident. The method further includes generating an asset risk score for the asset based on the priority value of the asset and the incident risk score.Type: ApplicationFiled: July 7, 2022Publication date: October 5, 2023Inventors: Michael Roytman, Edward Thayer Bellis, IV
-
Publication number: 20230315844Abstract: In one embodiment, a method includes receiving a historical text document that is associated with a breach event. The method also includes searching for an attack tactic within the historical text document using a machine learning algorithm. The method further includes generating a probability that the attack tactic exists within the historical text document, comparing the probability to a predetermined probability threshold, and categorizing the historical text document based on the probability.Type: ApplicationFiled: July 15, 2022Publication date: October 5, 2023Inventors: Michael Roytman, Edward Thayer Bellis, IV
-
Publication number: 20220207152Abstract: Generation of one or more models is caused based on selecting training data comprising a plurality of features including a prevalence feature for each vulnerability of a first plurality of vulnerabilities. The one or more models enable predicting whether an exploit will be developed for a vulnerability and/or whether the exploit will be used in an attack. The one or more models are applied to input data comprising the prevalence feature for each vulnerability of a second plurality of vulnerabilities. Based on the application of the one or more models to the input data, output data is received. The output data indicates a prediction of whether an exploit will be developed for each vulnerability of the second plurality. Additionally or alternatively, the output data indicates, for each vulnerability of the second plurality, a prediction of whether an exploit that has yet to be developed will be used in an attack.Type: ApplicationFiled: March 14, 2022Publication date: June 30, 2022Inventors: Edward T. Bellis, Michael Roytman, Jeffrey Heuer
-
Publication number: 20220156385Abstract: Techniques related to vulnerability assessment based on machine inference are disclosed. A vulnerability assessment server may receive, from a client device, a set of metadata corresponding to a program stored on the client device. Further, the vulnerability assessment server may extract a program name from the set of metadata. Still further, the vulnerability assessment server may determine one or more vulnerabilities of the program based on searching for the program name in one or more storage systems that maintain sets of vulnerability data.Type: ApplicationFiled: February 4, 2022Publication date: May 19, 2022Inventors: Edward T. Bellis, Michael Roytman, David Bortz, Jared Davis
-
Patent number: 11275844Abstract: Generation of one or more models is caused based on selecting training data comprising a plurality of features including a prevalence feature for each vulnerability of a first plurality of vulnerabilities. The one or more models enable predicting whether an exploit will be developed for a vulnerability and/or whether the exploit will be used in an attack. The one or more models are applied to input data comprising the prevalence feature for each vulnerability of a second plurality of vulnerabilities. Based on the application of the one or more models to the input data, output data is received. The output data indicates a prediction of whether an exploit will be developed for each vulnerability of the second plurality. Additionally or alternatively, the output data indicates, for each vulnerability of the second plurality, a prediction of whether an exploit that has yet to be developed will be used in an attack.Type: GrantFiled: August 31, 2020Date of Patent: March 15, 2022Assignee: KENNA SECURITY LLCInventors: Edward T. Bellis, Michael Roytman, Jeffrey Heuer
-
Patent number: 11250137Abstract: Techniques related to vulnerability assessment based on machine inference are disclosed. A vulnerability assessment server may receive, from a client device, a set of metadata corresponding to a program stored on the client device. Further, the vulnerability assessment server may extract a program name from the set of metadata. Still further, the vulnerability assessment server may determine one or more vulnerabilities of the program based on searching for the program name in one or more storage systems that maintain sets of vulnerability data.Type: GrantFiled: December 9, 2019Date of Patent: February 15, 2022Assignee: KENNA SECURITY LLCInventors: Edward T. Bellis, Michael Roytman, David Bortz, Jared Davis
-
Publication number: 20210336984Abstract: Systems and methods for computing times to remediate for asset vulnerabilities are described herein. In an embodiment, a server computer receives first vulnerability data for a plurality of entities identifying asset vulnerabilities and timing data corresponding to the vulnerability data indicating an amount of time between identification of an asset vulnerability and a result of the asset vulnerability. The server computer identifies a strict subset of the first vulnerability data that belongs to a particular category of a first plurality of categories. The server computer receives second vulnerability data for a particular entity identifying asset vulnerabilities. The server computer identifies a strict subset of the second vulnerability data the belongs to the particular category. Based, at least in part, on the strict subset of the first vulnerability data, the server computer computes a time to remediate the asset vulnerabilities in the strict subset of the second vulnerability data.Type: ApplicationFiled: April 27, 2021Publication date: October 28, 2021Inventors: Michael Roytman, Edward T. Bellis, Jason Rolleston
-
Publication number: 20210248243Abstract: Generation of a first prediction model is caused based on first training data, wherein the first prediction model enables determining whether an exploit to be developed for software vulnerabilities will be used in an attack. For each training instance in the first training data, the first prediction model is used to generate a scored. Each training instance is added to second training data if the score is greater than a threshold value. The second training data is a subset of the first training data. Generation of a second prediction model is caused based on the second training data, wherein the second prediction model enables determining whether an exploit to be developed for software vulnerabilities will be used in an attack.Type: ApplicationFiled: April 6, 2021Publication date: August 12, 2021Inventors: Michael Roytman, Jay Jacobs
-
Patent number: 10970400Abstract: Generation of a first prediction model is caused based on first training data, where the first prediction model enables determining whether an exploit to be developed for software vulnerabilities will be used in an attack. For each training instance in the first training data, the first prediction model is used to generate a score. Each training instance is added to second training data if the score is greater than a threshold value. The second training data is a subset of the first training data. Generation of a second prediction model is caused based on the second training data, where the second prediction model enables determining whether an exploit to be developed for software vulnerabilities will be used in an attack.Type: GrantFiled: August 14, 2018Date of Patent: April 6, 2021Assignee: KENNA SECURITY, INC.Inventors: Michael Roytman, Jay Jacobs
-
Publication number: 20200401704Abstract: Generation of one or more models is caused based on selecting training data comprising a plurality of features including a prevalence feature for each vulnerability of a first plurality of vulnerabilities. The one or more models enable predicting whether an exploit will be developed for a vulnerability and/or whether the exploit will be used in an attack. The one or more models are applied to input data comprising the prevalence feature for each vulnerability of a second plurality of vulnerabilities. Based on the application of the one or more models to the input data, output data is received. The output data indicates a prediction of whether an exploit will be developed for each vulnerability of the second plurality. Additionally or alternatively, the output data indicates, for each vulnerability of the second plurality, a prediction of whether an exploit that has yet to be developed will be used in an attack.Type: ApplicationFiled: August 31, 2020Publication date: December 24, 2020Inventors: Edward T. Bellis, Michael Roytman, Jeffrey Heuer
-
Patent number: 10762212Abstract: Generation of one or more models is caused based on selecting training data comprising a plurality of features including a prevalence feature for each vulnerability of a first plurality of vulnerabilities. The one or more models enable predicting whether an exploit will be developed for a vulnerability and/or whether the exploit will be used in an attack. The one or more models are applied to input data comprising the prevalence feature for each vulnerability of a second plurality of vulnerabilities. Based on the application of the one or more models to the input data, output data is received. The output data indicates a prediction of whether an exploit will be developed for each vulnerability of the second plurality. Additionally or alternatively, the output data indicates, for each vulnerability of the second plurality, a prediction of whether an exploit that has yet to be developed will be used in an attack.Type: GrantFiled: October 12, 2018Date of Patent: September 1, 2020Assignee: Kenna Security, Inc.Inventors: Edward T. Bellis, Michael Roytman, Jeffrey Heuer
-
Publication number: 20200163015Abstract: Presented here are system and methods for collecting information from devices, such as sensors, that are not necessarily connected to the Internet. Multiple sensors are distributed in a geographic area. The sensors power up every 10 minutes to gather data about the environment and then power down to save battery. A collecting device, i.e., a device attached to a moving object, traverses the geographic area containing the sensors, and continuously sends wake-up signals into the environment. When a sensor is within 20 feet of the collecting device, and receives the wake-up signal, the sensor uploads the gathered data to the collecting device. Subsequently, when the collecting device establishes an Internet connection, the collecting device uploads the gathered data to a central database.Type: ApplicationFiled: May 1, 2019Publication date: May 21, 2020Inventors: Stefan Anastas Nagey, Jesse Erin Berns, Michael Roytman
-
Publication number: 20200110885Abstract: Techniques related to vulnerability assessment based on machine inference are disclosed. A vulnerability assessment server may receive, from a client device, a set of metadata corresponding to a program stored on the client device. Further, the vulnerability assessment server may extract a program name from the set of metadata. Still further, the vulnerability assessment server may determine one or more vulnerabilities of the program based on searching for the program name in one or more storage systems that maintain sets of vulnerability data.Type: ApplicationFiled: December 9, 2019Publication date: April 9, 2020Inventors: Edward T. Bellis, Michael Roytman, David Bortz, Jared Davis
-
Publication number: 20200057857Abstract: Generation of a first prediction model is caused based on first training data, where the first prediction model enables determining whether an exploit to be developed for software vulnerabilities will be used in an attack. For each training instance in the first training data, the first prediction model is used to generate a score. Each training instance is added to second training data if the score is greater than a threshold value. The second training data is a subset of the first training data. Generation of a second prediction model is caused based on the second training data, where the second prediction model enables determining whether an exploit to be developed for software vulnerabilities will be used in an attack.Type: ApplicationFiled: August 14, 2018Publication date: February 20, 2020Inventors: Michael Roytman, Jay Jacobs
-
Patent number: 10503908Abstract: Techniques related to vulnerability assessment based on machine inference are disclosed. A vulnerability assessment server may receive, from a client device, a set of metadata corresponding to a program stored on the client device. Further, the vulnerability assessment server may extract a program name from the set of metadata. Still further, the vulnerability assessment server may determine one or more vulnerabilities of the program based on searching for the program name in one or more storage systems that maintain sets of vulnerability data.Type: GrantFiled: April 4, 2017Date of Patent: December 10, 2019Assignee: KENNA SECURITY, INC.Inventors: Edward T. Bellis, Michael Roytman, David Bortz, Jared Davis
-
Publication number: 20190317661Abstract: The technology presented here enables low skilled administrators to design a hierarchical survey, low skilled field agents to collect answers to the hierarchical survey, and low skilled field managers to manage and monitor the progress of the field agents. The hierarchical surveys designed can be complex hierarchical surveys comprising multi-stage sampling units. The graphical user interfaces presented to the users are easy to use, and hide the complexity of the hierarchical survey. The user devices can communicate with each other to transmit the hierarchical surveys and the answers received to the hierarchical surveys using peer-to-peer networks, in environments where there is low, or no Internet connectivity.Type: ApplicationFiled: April 18, 2019Publication date: October 17, 2019Inventors: Jesse Erin BERNS, Michael Roytman, Jennifer Paige GRIFFIN
-
Publication number: 20190313334Abstract: Presented here are system and methods for collecting information from devices, such as sensors, that are not necessarily connected to the Internet. Multiple sensors are distributed in a geographic area. The sensors power up every 10 minutes to gather data about the environment and then power down to save battery. A collecting device, i.e., a device attached to a moving object, traverses the geographic area containing the sensors, and continuously sends wake-up signals into the environment. When a sensor is within 20 feet of the collecting device, and receives the wake-up signal, the sensor uploads the gathered data to the collecting device. Subsequently, when the collecting device establishes an Internet connection, the collecting device uploads the gathered data to a central database.Type: ApplicationFiled: April 16, 2019Publication date: October 10, 2019Inventors: Stefan Anastas Nagey, Jesse Erin Berns, Michael Roytman
-
Publication number: 20190163917Abstract: Generation of one or more models is caused based on selecting training data comprising a plurality of features including a prevalence feature for each vulnerability of a first plurality of vulnerabilities. The one or more models enable predicting whether an exploit will be developed for a vulnerability and/or whether the exploit will be used in an attack. The one or more models are applied to input data comprising the prevalence feature for each vulnerability of a second plurality of vulnerabilities. Based on the application of the one or more models to the input data, output data is received. The output data indicates a prediction of whether an exploit will be developed for each vulnerability of the second plurality. Additionally or alternatively, the output data indicates, for each vulnerability of the second plurality, a prediction of whether an exploit that has yet to be developed will be used in an attack.Type: ApplicationFiled: October 12, 2018Publication date: May 30, 2019Inventors: Edward T. Bellis, Michael Roytman, Jeffrey Heuer