Patents by Inventor Munawar Monzy Merza
Munawar Monzy Merza has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11876809Abstract: In a method, a plurality of events is accessed, wherein an event of the plurality of events includes a portion of raw-machine data from a data source of a plurality of data sources. For at least one event of the plurality of events, a transaction phase of a computer security transaction is correlated with the at least one event based at least in part on a data source associated with the at least one event. The transaction phase of the at least one event is correlated with a particular asset of a plurality of assets.Type: GrantFiled: September 30, 2020Date of Patent: January 16, 2024Assignee: Splunk Inc.Inventor: Munawar Monzy Merza
-
Patent number: 11606384Abstract: Domain names are determined for each computational event in a set, each event detailing requests or posts of webpages. A number of events or accesses associated with each domain name within a time period is determined. A registrar is further queried to determine when the domain name was registered. An object is generated that includes a representation of the access count and an age since registration for each domain names. A client can interact with the object to explore representations of domain names associated with high access counts and recent registrations. Upon determining that a given domain name is suspicious, a rule can be generated to block access to the domain name.Type: GrantFiled: July 28, 2021Date of Patent: March 14, 2023Assignee: Splunk Inc.Inventor: Munawar Monzy Merza
-
Publication number: 20210360022Abstract: Domain names are determined for each computational event in a set, each event detailing requests or posts of webpages. A number of events or accesses associated with each domain name within a time period is determined. A registrar is further queried to determine when the domain name was registered. An object is generated that includes a representation of the access count and an age since registration for each domain names. A client can interact with the object to explore representations of domain names associated with high access counts and recent registrations. Upon determining that a given domain name is suspicious, a rule can be generated to block access to the domain name.Type: ApplicationFiled: July 28, 2021Publication date: November 18, 2021Applicant: Splunk Inc.Inventor: Munawar Monzy Merza
-
Patent number: 11134094Abstract: A metric value is determined for each event in a set of events that characterizes a computational communication or object. For example, a metric value could include a length of a URL or agent string in the event. A subset criterion is generated, such that metric values within the subset are relatively separated from a population's center (e.g., within a distribution tail). Application of the criterion to metric values produces a subset. A representation of the subset is presented in an interactive dashboard. The representation can include unique values in the subset and counts of corresponding event occurrences. Clients can select particular elements in the representation to cause more detail to be presented with respect to individual events corresponding to specific values in the subset. Thus, clients can use their knowledge system operations and observance of value frequencies and underlying events to identify anomalous metric values and potential security threats.Type: GrantFiled: January 30, 2020Date of Patent: September 28, 2021Assignee: SPLUNK INC.Inventors: Munawar Monzy Merza, John Coates, James M Hansen, Lucas Murphey, David Hazekamp, Michael Kinsley, Alexander Raitz
-
Patent number: 11108807Abstract: Domain names are determined for each computational event in a set, each event detailing requests or posts of webpages. A number of events or accesses associated with each domain name within a time period is determined. A registrar is further queried to determine when the domain name was registered. An object is generated that includes a representation of the access count and an age since registration for each domain names. A client can interact with the object to explore representations of domain names associated with high access counts and recent registrations. Upon determining that a given domain name is suspicious, a rule can be generated to block access to the domain name.Type: GrantFiled: January 31, 2020Date of Patent: August 31, 2021Assignee: Splunk Inc.Inventor: Munawar Monzy Merza
-
Publication number: 20210029144Abstract: In a method, a plurality of events is accessed, wherein an event of the plurality of events includes a portion of raw-machine data from a data source of a plurality of data sources. For at least one event of the plurality of events, a transaction phase of a computer security transaction is correlated with the at least one event based at least in part on a data source associated with the at least one event. The transaction phase of the at least one event is correlated with a particular asset of a plurality of assets.Type: ApplicationFiled: September 30, 2020Publication date: January 28, 2021Inventor: Munawar Monzy Merza
-
Publication number: 20200177624Abstract: Domain names are determined for each computational event in a set, each event detailing requests or posts of webpages. A number of events or accesses associated with each domain name within a time period is determined. A registrar is further queried to determine when the domain name was registered. An object is generated that includes a representation of the access count and an age since registration for each domain names. A client can interact with the object to explore representations of domain names associated with high access counts and recent registrations. Upon determining that a given domain name is suspicious, a rule can be generated to block access to the domain name.Type: ApplicationFiled: January 31, 2020Publication date: June 4, 2020Inventor: Munawar Monzy Merza
-
Publication number: 20200169579Abstract: A metric value is determined for each event in a set of events that characterizes a computational communication or object. For example, a metric value could include a length of a URL or agent string in the event. A subset criterion is generated, such that metric values within the subset are relatively separated from a population's center (e.g., within a distribution tail). Application of the criterion to metric values produces a subset. A representation of the subset is presented in an interactive dashboard. The representation can include unique values in the subset and counts of corresponding event occurrences. Clients can select particular elements in the representation to cause more detail to be presented with respect to individual events corresponding to specific values in the subset. Thus, clients can use their knowledge system operations and observance of value frequencies and underlying events to identify anomalous metric values and potential security threats.Type: ApplicationFiled: January 30, 2020Publication date: May 28, 2020Inventors: Munawar Monzy Merza, John Coates, James M. Hansen, Lucas Murphey, David Hazekamp, Michael Kinsley, Alexander Raitz
-
Patent number: 10567423Abstract: Domain names are determined for each computational event in a set, each event detailing requests or posts of webpages. A number of events or accesses associated with each domain name within a time period is determined. A registrar is further queried to determine when the domain name was registered. An object is generated that includes a representation of the access count and an age since registration for each domain names. A client can interact with the object to explore representations of domain names associated with high access counts and recent registrations. Upon determining that a given domain name is suspicious, a rule can be generated to block access to the domain name.Type: GrantFiled: July 31, 2018Date of Patent: February 18, 2020Assignee: Splunk Inc.Inventor: Munawar Monzy Merza
-
Patent number: 10567412Abstract: A metric value is determined for each event in a set of events that characterizes a computational communication or object. For example, a metric value could include a length of a URL or agent string in the event. A subset criterion is generated, such that metric values within the subset are relatively separated from a population's center (e.g., within a distribution tail). Application of the criterion to metric values produces a subset. A representation of the subset is presented in an interactive dashboard. The representation can include unique values in the subset and counts of corresponding event occurrences. Clients can select particular elements in the representation to cause more detail to be presented with respect to individual events corresponding to specific values in the subset. Thus, clients can use their knowledge system operations and observance of value frequencies and underlying events to identify anomalous metric values and potential security threats.Type: GrantFiled: August 9, 2018Date of Patent: February 18, 2020Assignee: SPLUNK INC.Inventors: Munawar Monzy Merza, John Coates, James M Hansen, Lucas Murphey, David Hazekamp, Michael Kinsley, Alexander Raitz
-
Publication number: 20180351983Abstract: A metric value is determined for each event in a set of events that characterizes a computational communication or object. For example, a metric value could include a length of a URL or agent string in the event. A subset criterion is generated, such that metric values within the subset are relatively separated from a population's center (e.g., within a distribution tail). Application of the criterion to metric values produces a subset. A representation of the subset is presented in an interactive dashboard. The representation can include unique values in the subset and counts of corresponding event occurrences. Clients can select particular elements in the representation to cause more detail to be presented with respect to individual events corresponding to specific values in the subset. Thus, clients can use their knowledge system operations and observance of value frequencies and underlying events to identify anomalous metric values and potential security threats.Type: ApplicationFiled: August 9, 2018Publication date: December 6, 2018Inventors: Munawar Monzy Merza, John Coates, James M Hansen, Lucas Murphey, David Hazekamp, Michael Kinsely, Alexander Raitz
-
Publication number: 20180337944Abstract: Domain names are determined for each computational event in a set, each event detailing requests or posts of webpages. A number of events or accesses associated with each domain name within a time period is determined. A registrar is further queried to determine when the domain name was registered. An object is generated that includes a representation of the access count and an age since registration for each domain names. A client can interact with the object to explore representations of domain names associated with high access counts and recent registrations. Upon determining that a given domain name is suspicious, a rule can be generated to block access to the domain name.Type: ApplicationFiled: July 31, 2018Publication date: November 22, 2018Inventor: Munawar Monzy Merza
-
Patent number: 10091227Abstract: A metric value is determined for each event in a set of events that characterizes a computational communication or object. For example, a metric value could include a length of a URL or agent string in the event. A subset criterion is generated, such that metric values within the subset are relatively separated from a population's center (e.g., within a distribution tail). Application of the criterion to metric values produces a subset. A representation of the subset is presented in an interactive dashboard. The representation can include unique values in the subset and counts of corresponding event occurrences. Clients can select particular elements in the representation to cause more detail to be presented with respect to individual events corresponding to specific values in the subset. Thus, clients can use their knowledge system operations and observance of value frequencies and underlying events to identify anomalous metric values and potential security threats.Type: GrantFiled: November 1, 2016Date of Patent: October 2, 2018Assignee: SPLUNK INC.Inventors: Munawar Monzy Merza, John Coates, James M Hansen, Lucas Murphey, David Hazekamp, Michael Kinsley, Alexander Raitz
-
Patent number: 10069857Abstract: Domain names are determined for each computational event in a set, each event detailing requests or posts of webpages. A number of events or accesses associated with each domain name within a time period is determined. A registrar is further queried to determine when the domain name was registered. An object is generated that includes a representation of the access count and an age since registration for each domain names. A client can interact with the object to explore representations of domain names associated with high access counts and recent registrations. Upon determining that a given domain name is suspicious, a rule can be generated to block access to the domain name.Type: GrantFiled: July 31, 2017Date of Patent: September 4, 2018Assignee: Splunk Inc.Inventor: Munawar Monzy Merza
-
Publication number: 20170359371Abstract: Domain names are determined for each computational event in a set, each event detailing requests or posts of webpages. A number of events or accesses associated with each domain name within a time period is determined. A registrar is further queried to determine when the domain name was registered. An object is generated that includes a representation of the access count and an age since registration for each domain names. A client can interact with the object to explore representations of domain names associated with high access counts and recent registrations. Upon determining that a given domain name is suspicious, a rule can be generated to block access to the domain name.Type: ApplicationFiled: July 31, 2017Publication date: December 14, 2017Inventor: Munawar Monzy Merza
-
Patent number: 9756068Abstract: Domain names are determined for each computational event in a set, each event detailing requests or posts of webpages. A number of events or accesses associated with each domain name within a time period is determined. A registrar is further queried to determine when the domain name was registered. An object is generated that includes a representation of the access count and an age since registration for each domain names. A client can interact with the object to explore representations of domain names associated with high access counts and recent registrations. Upon determining that a given domain name is suspicious, a rule can be generated to block access to the domain name.Type: GrantFiled: March 30, 2017Date of Patent: September 5, 2017Assignee: Splunk Inc.Inventor: Munawar Monzy Merza
-
Publication number: 20170223030Abstract: In a method, a plurality of events is accessed, wherein an event of the plurality of events includes a portion of raw-machine data from a data source of a plurality of data sources. For at least one event of the plurality of events, a transaction phase of a computer security transaction is correlated with the at least one event based at least in part on a data source associated with the at least one event. The transaction phase of the at least one event is correlated with a particular asset of a plurality of assets.Type: ApplicationFiled: January 29, 2016Publication date: August 3, 2017Inventor: Munawar Monzy Merza
-
Publication number: 20170208089Abstract: Domain names are determined for each computational event in a set, each event detailing requests or posts of webpages. A number of events or accesses associated with each domain name within a time period is determined. A registrar is further queried to determine when the domain name was registered. An object is generated that includes a representation of the access count and an age since registration for each domain names. A client can interact with the object to explore representations of domain names associated with high access counts and recent registrations. Upon determining that a given domain name is suspicious, a rule can be generated to block access to the domain name.Type: ApplicationFiled: March 30, 2017Publication date: July 20, 2017Inventor: Munawar Monzy Merza
-
Patent number: 9648037Abstract: Domain names are determined for each computational event in a set, each event detailing requests or posts of webpages. A number of events or accesses associated with each domain name within a time period is determined. A registrar is further queried to determine when the domain name was registered. An object is generated that includes a representation of the access count and an age since registration for each domain names. A client can interact with the object to explore representations of domain names associated with high access counts and recent registrations. Upon determining that a given domain name is suspicious, a rule can be generated to block access to the domain name.Type: GrantFiled: July 31, 2016Date of Patent: May 9, 2017Assignee: Splunk Inc.Inventor: Munawar Monzy Merza
-
Publication number: 20170048265Abstract: A metric value is determined for each event in a set of events that characterizes a computational communication or object. For example, a metric value could include a length of a URL or agent string in the event. A subset criterion is generated, such that metric values within the subset are relatively separated from a population's center (e.g., within a distribution tail). Application of the criterion to metric values produces a subset. A representation of the subset is presented in an interactive dashboard. The representation can include unique values in the subset and counts of corresponding event occurrences. Clients can select particular elements in the representation to cause more detail to be presented with respect to individual events corresponding to specific values in the subset. Thus, clients can use their knowledge system operations and observance of value frequencies and underlying events to identify anomalous metric values and potential security threats.Type: ApplicationFiled: November 1, 2016Publication date: February 16, 2017Inventors: Munawar Monzy Merza, John Coates, James M. Hansen, Lucas Murphey, David Hazekamp, Michael Kinsley, Alexander Raitz