Patents by Inventor Nicholas Liebmann
Nicholas Liebmann has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10171475Abstract: A method for applying policies to an email message includes receiving, by an inbound policy module in a protected network, message metadata of an email message. The method also includes determining, based on the message metadata, whether receiving the email message in the protected network is prohibited by at least one metadata policy. The method further includes blocking the email message from being forwarded to the protected network if receiving the email message in the protected network is prohibited by the metadata policy. In specific embodiments, the method includes requesting scan results data for the email message if receiving the email message in the protected network is not prohibited by one or more metadata policies. In further embodiments, the method includes receiving the scan results data and requesting the email message if receiving the email message in the protected network is not prohibited by one or more scan policies.Type: GrantFiled: June 12, 2017Date of Patent: January 1, 2019Assignee: McAfee, LLCInventors: Nicholas Liebmann, Peter Neal, Michael G. Bishop, Justin Cragin, Michael Driscoll
-
Patent number: 10033697Abstract: Disclosed are systems and methods to perform coordinated blocking of source addresses, such as an Internet Protocol (IP) addresses, across a plurality of network appliances (e.g., gateways). In one disclosed embodiment the method and system temporarily alter a configuration of one or more network appliances (based on user defined configuration parameters) to allow communication from a “blocked” IP address for a period of time. A network appliance can then “receive” an email and perform analysis and provide results of the analysis to a reputation service. Thereby, the temporarily allowed communication can be used to learn information about a threat which would not have been available if all communication from that IP address had actually been blocked at the network appliance.Type: GrantFiled: June 27, 2016Date of Patent: July 24, 2018Assignee: McAfee, LLCInventors: Nicholas Liebmann, Raoul Tiddy, Michael Bishop
-
Patent number: 9929991Abstract: A system allows just-in-time checking of information about an email in which a hyperlink is embedded. Upon receipt of the email containing the hyperlink, the resource locator of the hyperlink is modified to allow checking the reputation of the email upon traversal of the hyperlink. At traversal of the hyperlink, the current reputation of the resource locator and the current reputation of the email are both determined, and one or more actions are performed responsive to the determination.Type: GrantFiled: September 16, 2016Date of Patent: March 27, 2018Assignee: McAfee, LLCInventors: Nicholas Liebmann, Martin Stecher, Paul Gartside, Michael G. Bishop, Simon Hunt
-
Publication number: 20180007061Abstract: A method for applying policies to an email message includes receiving, by an inbound policy module in a protected network, message metadata of an email message. The method also includes determining, based on the message metadata, whether receiving the email message in the protected network is prohibited by at least one metadata policy. The method further includes blocking the email message from being forwarded to the protected network if receiving the email message in the protected network is prohibited by the metadata policy. In specific embodiments, the method includes requesting scan results data for the email message if receiving the email message in the protected network is not prohibited by one or more metadata policies. In further embodiments, the method includes receiving the scan results data and requesting the email message if receiving the email message in the protected network is not prohibited by one or more scan policies.Type: ApplicationFiled: June 12, 2017Publication date: January 4, 2018Applicant: McAfee, Inc.Inventors: Nicholas Liebmann, Peter Neal, Michael G. Bishop, Justin Cragin, Michael Driscoll
-
Patent number: 9705889Abstract: A method for applying policies to an email message includes receiving, by an inbound policy module in a protected network, message metadata of an email message. The method also includes determining, based on the message metadata, whether receiving the email message in the protected network is prohibited by at least one metadata policy. The method further includes blocking the email message from being forwarded to the protected network if receiving the email message in the protected network is prohibited by the metadata policy. In specific embodiments, the method includes requesting scan results data for the email message if receiving the email message in the protected network is not prohibited by one or more metadata policies. In further embodiments, the method includes receiving the scan results data and requesting the email message if receiving the email message in the protected network is not prohibited by one or more scan policies.Type: GrantFiled: May 20, 2015Date of Patent: July 11, 2017Assignee: McAfee, Inc.Inventors: Nicholas Liebmann, Peter Neal, Michael G. Bishop, Justin Cragin, Michael Driscoll
-
Patent number: 9560020Abstract: At least a portion of a transmission of an outgoing first email from a first email account to at least a second email account is encrypted. Second email address data is changed corresponding to the second email account to cause replies to the first email intended for the second email account to be sent to an intermediate device prior to being routed to the second email account. Replies to the first email are then sent to the intermediate device and sent over one or more encrypted channels. Replies to the first email including the changed email address data are decoded to identify the second email address data associated with the second email account. A reply to the first email is then sent to the second email account based on the identified second email address data.Type: GrantFiled: January 6, 2015Date of Patent: January 31, 2017Assignee: McAfee, Inc.Inventors: Nicholas Liebmann, Graeme McKerrell, Peter Neal
-
Publication number: 20170005961Abstract: A system allows just-in-time checking of information about an email in which a hyperlink is embedded. Upon receipt of the email containing the hyperlink, the resource locator of the hyperlink is modified to allow checking the reputation of the email upon traversal of the hyperlink. At traversal of the hyperlink, the current reputation of the resource locator and the current reputation of the email are both determined, and one or more actions are performed responsive to the determination.Type: ApplicationFiled: September 16, 2016Publication date: January 5, 2017Inventors: Nicholas Liebmann, Martin Stecher, Paul Gartside, Mike Bishop, Simon Hunt
-
Publication number: 20160308834Abstract: Disclosed are systems and methods to perform coordinated blocking of source addresses, such as an Internet Protocol (IP) addresses, across a plurality of network appliances (e.g., gateways). In one disclosed embodiment the method and system temporarily alter a configuration of one or more network appliances (based on user defined configuration parameters) to allow communication from a “blocked” IP address for a period of time. A network appliance can then “receive” an email and perform analysis and provide results of the analysis to a reputation service. Thereby, the temporarily allowed communication can be used to learn information about a threat which would not have been available if all communication from that IP address had actually been blocked at the network appliance.Type: ApplicationFiled: June 27, 2016Publication date: October 20, 2016Inventors: Nicholas Liebmann, Raoul Tiddy, Michael Bishop
-
Patent number: 9467410Abstract: A system allows just-in-time checking of information about an email in which a hyperlink is embedded. Upon receipt of the email containing the hyperlink, the resource locator of the hyperlink is modified to allow checking the reputation of the email upon traversal of the hyperlink. At traversal of the hyperlink, the current reputation of the resource locator and the current reputation of the email are both determined, and one or more actions are performed responsive to the determination.Type: GrantFiled: December 20, 2012Date of Patent: October 11, 2016Assignee: McAfee, Inc.Inventors: Nicholas Liebmann, Martin Stecher, Paul Gartside, Mike Bishop, Simon Hunt
-
Patent number: 9385991Abstract: Disclosed are systems and methods to perform coordinated blocking of source addresses, such as an Internet Protocol (IP) addresses, across a plurality of network appliances (e.g., gateways). In one disclosed embodiment the method and system temporarily alter a configuration of one or more network appliances (based on user defined configuration parameters) to allow communication from a “blocked” IP address for a period of time. A network appliance can then “receive” an email and perform analysis and provide results of the analysis to a reputation service. Thereby, the temporarily allowed communication can be used to learn information about a threat which would not have been available if all communication from that IP address had actually been blocked at the network appliance.Type: GrantFiled: May 13, 2014Date of Patent: July 5, 2016Assignee: McAfee, Inc.Inventors: Nicholas Liebmann, Raoul Tiddy, Michael Bishop
-
Publication number: 20150304339Abstract: A method for applying policies to an email message includes receiving, by an inbound policy module in a protected network, message metadata of an email message. The method also includes determining, based on the message metadata, whether receiving the email message in the protected network is prohibited by at least one metadata policy. The method further includes blocking the email message from being forwarded to the protected network if receiving the email message in the protected network is prohibited by the metadata policy. In specific embodiments, the method includes requesting scan results data for the email message if receiving the email message in the protected network is not prohibited by one or more metadata policies. In further embodiments, the method includes receiving the scan results data and requesting the email message if receiving the email message in the protected network is not prohibited by one or more scan policies.Type: ApplicationFiled: May 20, 2015Publication date: October 22, 2015Applicant: McAfee, Inc.Inventors: Nicholas Liebmann, Peter Neal, Michael G. Bishop, Justin Cragin, Michael Driscoll
-
Publication number: 20150256519Abstract: At least a portion of a transmission of an outgoing first email from a first email account to at least a second email account is encrypted. Second email address data is changed corresponding to the second email account to cause replies to the first email intended for the second email account to be sent to an intermediate device prior to being routed to the second email account. Replies to the first email are then sent to the intermediate device and sent over one or more encrypted channels. Replies to the first email including the changed email address data are decoded to identify the second email address data associated with the second email account. A reply to the first email is then sent to the second email account based on the identified second email address data.Type: ApplicationFiled: January 6, 2015Publication date: September 10, 2015Inventors: Nicholas Liebmann, Graeme McKerrell, Peter Neal
-
Patent number: 9049235Abstract: A method for applying policies to an email message includes receiving, by an inbound policy module in a protected network, message metadata of an email message. The method also includes determining, based on the message metadata, whether receiving the email message in the protected network is prohibited by at least one metadata policy. The method further includes blocking the email message from being forwarded to the protected network if receiving the email message in the protected network is prohibited by the metadata policy. In specific embodiments, the method includes requesting scan results data for the email message if receiving the email message in the protected network is not prohibited by one or more metadata policies. In further embodiments, the method includes receiving the scan results data and requesting the email message if receiving the email message in the protected network is not prohibited by one or more scan policies.Type: GrantFiled: November 21, 2012Date of Patent: June 2, 2015Assignee: McAfee, Inc.Inventors: Nicholas Liebmann, Peter Neal, Michael G. Bishop, Justin Cragin, Michael Driscoll
-
Patent number: 8930689Abstract: At least a portion of a transmission of an outgoing first email from a first email account to at least a second email account is encrypted. Second email address data is changed corresponding to the second email account to cause replies to the first email intended for the second email account to be sent to an intermediate device prior to being routed to the second email account. Replies to the first email are then sent to the intermediate device and sent over one or more encrypted channels. Replies to the first email including the changed email address data are decoded to identify the second email address data associated with the second email account. A reply to the first email is then sent to the second email account based on the identified second email address data.Type: GrantFiled: September 28, 2011Date of Patent: January 6, 2015Assignee: McAfee, Inc.Inventors: Nicholas Liebmann, Graeme McKerrell, Peter Neal
-
Publication number: 20140245424Abstract: Disclosed are systems and methods to perform coordinated blocking of source addresses, such as an Internet Protocol (IP) addresses, across a plurality of network appliances (e.g., gateways). In one disclosed embodiment the method and system temporarily alter a configuration of one or more network appliances (based on user defined configuration parameters) to allow communication from a “blocked” IP address for a period of time. A network appliance can then “receive” an email and perform analysis and provide results of the analysis to a reputation service. Thereby, the temporarily allowed communication can be used to learn information about a threat which would not have been available if all communication from that IP address had actually been blocked at the network appliance.Type: ApplicationFiled: May 13, 2014Publication date: August 28, 2014Inventors: Nicholas Liebmann, Raoul Tiddy, Michael Bishop
-
Publication number: 20140181216Abstract: A system allows just-in-time checking of information about an email in which a hyperlink is embedded. Upon receipt of the email containing the hyperlink, the resource locator of the hyperlink is modified to allow checking the reputation of the email upon traversal of the hyperlink. At traversal of the hyperlink, the current reputation of the resource locator and the current reputation of the email are both determined, and one or more actions are performed responsive to the determination.Type: ApplicationFiled: December 20, 2012Publication date: June 26, 2014Applicant: McAfee, Inc.Inventors: Nicholas Liebmann, Martin Stecher, Paul Gartside, Mike Bishop, Simon Hunt
-
Patent number: 8726385Abstract: Disclosed are systems and methods to perform coordinated blocking of source addresses, such as an Internet Protocol (IP) addresses, across a plurality of network appliances (e.g., gateways). In one disclosed embodiment the method and system temporarily alter a configuration of one or more network appliances (based on user defined configuration parameters) to allow communication from a “blocked” IP address for a period of time. A network appliance can then “receive” an email and perform analysis and provide results of the analysis to a reputation service. Thereby, the temporarily allowed communication can be used to learn information about a threat which would not have been available if all communication from that IP address had actually been blocked at the network appliance.Type: GrantFiled: October 5, 2011Date of Patent: May 13, 2014Assignee: McAfee, Inc.Inventors: Nicholas Liebmann, Raoul Tiddy, Mike Bishop
-
Publication number: 20140020047Abstract: A method for applying policies to an email message includes receiving, by an inbound policy module in a protected network, message metadata of an email message. The method also includes determining, based on the message metadata, whether receiving the email message in the protected network is prohibited by at least one metadata policy. The method further includes blocking the email message from being forwarded to the protected network if receiving the email message in the protected network is prohibited by the metadata policy. In specific embodiments, the method includes requesting scan results data for the email message if receiving the email message in the protected network is not prohibited by one or more metadata policies. In further embodiments, the method includes receiving the scan results data and requesting the email message if receiving the email message in the protected network is not prohibited by one or more scan policies.Type: ApplicationFiled: November 21, 2012Publication date: January 16, 2014Inventors: Nicholas Liebmann, Peter Neal, Michael G. Bishop, Justin Cragin, Michael Driscoll
-
Publication number: 20130091584Abstract: Disclosed are systems and methods to perform coordinated blocking of source addresses, such as an Internet Protocol (IP) addresses, across a plurality of network appliances (e.g., gateways). In one disclosed embodiment the method and system temporarily alter a configuration of one or more network appliances (based on user defined configuration parameters) to allow communication from a “blocked” IP address for a period of time. A network appliance can then “receive” an email and perform analysis and provide results of the analysis to a reputation service. Thereby, the temporarily allowed communication can be used to learn information about a threat which would not have been available if all communication from that IP address had actually been blocked at the network appliance.Type: ApplicationFiled: October 5, 2011Publication date: April 11, 2013Applicant: McAfee, Inc.Inventors: Nicholas Liebmann, Raoul Tiddy, Mike Bishop
-
Publication number: 20130080775Abstract: At least a portion of a transmission of an outgoing first email from a first email account to at least a second email account is encrypted. Second email address data is changed corresponding to the second email account to cause replies to the first email intended for the second email account to be sent to an intermediate device prior to being routed to the second email account. Replies to the first email are then sent to the intermediate device and sent over one or more encrypted channels. Replies to the first email including the changed email address data are decoded to identify the second email address data associated with the second email account. A reply to the first email is then sent to the second email account based on the identified second email address data.Type: ApplicationFiled: September 28, 2011Publication date: March 28, 2013Inventors: Nicholas Liebmann, Graeme McKerrell, Peter Neal