Patents by Inventor Norman Sadeh-Koniecpol

Norman Sadeh-Koniecpol has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20190173819
    Abstract: An electronic device will identify an electronic message received by a messaging client that is associated with a first recipient, and it will analyze the electronic message to determine whether the electronic message is a simulated malicious message. Upon determining that electronic message is a simulated malicious message, the device will identify an actuatable element in the electronic message. The actuatable element will include a service address. The device will modify the electronic message by appending a user identifier of the first recipient to the service address of the actuatable element. Then, when the actutable element is actuated, the system may determine whether the first recipient actuated the actuatable element or an alternate recipient did so based on whether the user identifier of the first recipient is still appended (or is the only user identifier appended) to the actuatable element.
    Type: Application
    Filed: February 4, 2019
    Publication date: June 6, 2019
    Inventors: Kurt Wescoe, Trevor T. Hawthorn, Alan Himler, Patrick H. Veverka, John T. Campbell, Dustin D. Brungart, Norman Sadeh-Koniecpol
  • Patent number: 10243904
    Abstract: An electronic device will identify an electronic message received by a messaging client that is associated with a first recipient, and it will analyze the electronic message to determine whether the electronic message is a simulated malicious message. Upon determining that electronic message is a simulated malicious message, the device will identify an actuatable element in the electronic message. The actuatable element will include a service address. The device will modify the electronic message by appending a user identifier of the first recipient to the service address of the actuatable element. Then, when the actutable element is actuated, the system may determine whether the first recipient actuated the actuatable element or an alternate recipient did so based on whether the user identifier of the first recipient is still appended (or is the only user identifier appended) to the actuatable element.
    Type: Grant
    Filed: May 26, 2017
    Date of Patent: March 26, 2019
    Assignee: WOMBAT SECURITY TECHNOLOGIES, INC.
    Inventors: Kurt Wescoe, Trevor T. Hawthorn, Alan Himler, Patrick H. Veverka, John T. Campbell, Dustin D. Brungart, Norman Sadeh-Koniecpol
  • Patent number: 10063584
    Abstract: A system manages computer security risks associated with message file attachments. When a user of an electronic device with a messaging client attempts to open an attachment to a message that is in the client's inbox, the system will analyze the message to determine whether the message is a legitimate message or a potentially malicious message without the need to actually process or analyze the attachment itself. If the system determines that the received message is a legitimate message, the system will permit the attachment to actuate on the client computing device. If the system determines that the received message is not or may not be a legitimate message, the system will continue preventing the attachment from actuating on the client computing device.
    Type: Grant
    Filed: January 24, 2018
    Date of Patent: August 28, 2018
    Assignee: WOMBAT SECURITY TECHNOLOGIES, INC.
    Inventors: Kurt Wescoe, John T. Campbell, Joseph A. Ferrara, Trevor T. Hawthorn, Alan Himler, Norman Sadeh-Koniecpol
  • Patent number: 10027701
    Abstract: A client electronic device of an electronic message analysis system receives a user activation action indicating that a user has reported a message received at the client device a potentially malicious. The client device then determines whether to forward the message to a remote service for analysis by assessing whether the received message originated from a trusted sender. If and only if the client device determines that the received message originated from a trusted sender, it will permit the client device to take other action on the received message and not report the received message to a remote service for further analysis. If the client device does not determine that the received message originated from a trusted sender, it will report the received message to a remote service for further analysis.
    Type: Grant
    Filed: August 11, 2017
    Date of Patent: July 17, 2018
    Assignee: WOMBAT SECURITY TECHNOLOGIES, INC.
    Inventors: Alan Himler, John T. Campbell, Joseph A. Ferrara, Trevor T. Hawthorn, Norman Sadeh-Koniecpol, Kurt Wescoe
  • Patent number: 9912687
    Abstract: A system manages computer security risks associated with message file attachments. When a user of an electronic device with a messaging client attempts to open an attachment to a message that is in the client's inbox, the system will analyze the message to determine whether the message is a legitimate message or a potentially malicious message without the need to actually process or analyze the attachment itself. If the system determines that the received message is a legitimate message, the system will permit the attachment to actuate on the client computing device. If the system determines that the received message is not or may not be a legitimate message, the system will continue preventing the attachment from actuating on the client computing device.
    Type: Grant
    Filed: August 17, 2016
    Date of Patent: March 6, 2018
    Assignee: WOMBAT SECURITY TECHNOLOGIES, INC.
    Inventors: Kurt Wescoe, John T. Campbell, Joseph A. Ferrara, Trevor T. Hawthorn, Alan Himler, Norman Sadeh-Koniecpol
  • Patent number: 9870715
    Abstract: A system assesses the susceptibility of an electronic device user to a cybersecurity threat by sensing a user action with respect to the electronic device. The system maps the sensed data to a training needs model to determine whether the sensed data corresponds to a pattern associated with a threat scenario in the training needs model. When the system determines that the sensed data corresponds to a pattern associated with a threat scenario in the training needs model, identify a cybersecurity threat scenario for which the user is at risk, and use the training needs model to estimate susceptibility of the user to the cybersecurity threat scenario.
    Type: Grant
    Filed: January 30, 2017
    Date of Patent: January 16, 2018
    Assignee: WOMBAT SECURITY TECHNOLOGIES, INC.
    Inventors: Norman Sadeh-Koniecpol, Kurt Wescoe, Jason Brubaker, Jason Hong
  • Patent number: 9846887
    Abstract: Computer-based systems and methods for discovering neighborhood clusters in a geographic region, where the clusters have a mix of venues and are determined based on venue check-in data. The mix of venues for the clusters may be based on the social similarity between pairs of venues; or emblematic of certain neighborhood typologies; or emblematic of temporal check-in pattern types; or combinations thereof. The neighborhood clusters that are so discovered through venue-check in data could be used for many commercial and civic purposes.
    Type: Grant
    Filed: August 30, 2013
    Date of Patent: December 19, 2017
    Assignee: CARNEGIE MELLON UNIVERSITY
    Inventors: Justin Cranshaw, Raz Schwartz, Jason I. Hong, Norman Sadeh-Koniecpol
  • Patent number: 9824609
    Abstract: A system assesses the susceptibility of an electronic device user to a cybersecurity threat by identifying information relating to the user of an electronic device, selecting a mock attack, and causing the mock attack to be deployed to the user so that the user receives the mock attack in the user's regular context of use of the electronic device. When a sensor detects a user action that the user has interacted with the electronic device in response to the mock attack, the system will record the sensed user action and use the sensed user action to determine the susceptibility of the user to a cybersecurity threat. In some embodiments, the lack of user action in response to a mock attack also may be used to determine the user's susceptibility to a cybersecurity threat.
    Type: Grant
    Filed: December 23, 2016
    Date of Patent: November 21, 2017
    Assignee: WOMBAT SECURITY TECHNOLOGIES, INC.
    Inventors: Norman Sadeh-Koniecpol, Kurt Wescoe, Jason Brubaker, Jason Hong
  • Patent number: 9813454
    Abstract: A cybersecurity training system uses lures and training actions to help train a user of an electronic device to recognize and act appropriately in situations that could compromise electronic device security. The system includes a library of cybersecurity training actions and a library of brand items. The system retrieves a template for a cybersecurity training action from the first library, automatically modifies the retrieved template to include a brand or branded content from the second library, and causes the cybersecurity training action according to the modified template instantiated with the branded content to be sent to the user's electronic device.
    Type: Grant
    Filed: June 17, 2016
    Date of Patent: November 7, 2017
    Assignee: WOMBAT SECURITY TECHNOLOGIES, INC.
    Inventors: Norman Sadeh-Koniecpol, Kurt Wescoe, Joseph A. Ferrara
  • Patent number: 9781149
    Abstract: An electronic message analysis system of a cybersecurity network assesses whether a received message is a mock malicious message in response to, receiving a user activation action that indicates that the user has reported the received message as a potentially malicious message. The system does this by determining whether any header field of a header section of the message starts with a predetermined key. For any header field that starts with the predetermined key, the system determines whether a value that follows the predetermined key satisfies a trusted sender rule. If the value that follows the predetermined key satisfies the trusted sender rule, the system determines that the received message originated from a trusted sender. If the value that immediately follows the predetermined key does not satisfy the trusted sender rule, the system determines that the received message did not originate from a trusted sender.
    Type: Grant
    Filed: August 17, 2016
    Date of Patent: October 3, 2017
    Assignee: WOMBAT SECURITY TECHNOLOGIES, INC.
    Inventors: Alan Himler, John T. Campbell, Joseph A. Ferrara, Trevor T. Hawthorn, Norman Sadeh-Koniecpol, Kurt Wescoe
  • Patent number: 9774626
    Abstract: In a cybersecurity network, a system identifies and classifies non-malicious messages by receiving a user notification indicating that the user has reported a received message as potentially malicious message, and determining whether the received message is legitimate or potentially malicious. When the system determines that the message is a legitimate, it further analyzes the message to assign a class that may include trusted internal sender, trusted external sender, or training a simulated phishing message. It will then cause the user's device to provide the user with information corresponding to the assigned class. The system may also quarantine a received message and release the message from the quarantine only after determining that the message is legitimate and receiving a user acknowledgment.
    Type: Grant
    Filed: August 17, 2016
    Date of Patent: September 26, 2017
    Assignee: WOMBAT SECURITY TECHNOLOGIES, INC.
    Inventors: Alan Himler, John T. Campbell, Joseph A. Ferrara, Trevor T. Hawthorn, Norman Sadeh-Koniecpol, Kurt Wescoe
  • Publication number: 20170244746
    Abstract: Various embodiments assess security risks of users in computing networks. In some embodiments, an interaction item is sent to an end user electronic device. When the end user interacts with the interaction item, the system collects feedback data that includes information about the user's interaction with the interaction item, as well as technical information about the electronic device. The feedback is compared to a plurality of security risk scoring metrics. Based on this comparison, a security risk score for the user with respect to a computing network.
    Type: Application
    Filed: April 20, 2017
    Publication date: August 24, 2017
    Inventors: Trevor T. Hawthorn, Norman Sadeh-Koniecpol, Nathan Miller, Jeff Losapio, Kurt Wescoe, Jason Brubaker, Jason Hong
  • Publication number: 20170140663
    Abstract: A system assesses the susceptibility of an electronic device user to a cybersecurity threat by sensing a user action with respect to the electronic device. The system maps the sensed data to a training needs model to determine whether the sensed data corresponds to a pattern associated with a threat scenario in the training needs model. When the system determines that the sensed data corresponds to a pattern associated with a threat scenario in the training needs model, identify a cybersecurity threat scenario for which the user is at risk, and use the training needs model to estimate susceptibility of the user to the cybersecurity threat scenario.
    Type: Application
    Filed: January 30, 2017
    Publication date: May 18, 2017
    Inventors: Norman Sadeh-Koniecpol, Kurt Wescoe, Jason Brubaker, Jason Hong
  • Publication number: 20170103674
    Abstract: A system assessing the susceptibility of an electronic device user to a cybersecurity threat by identifying information relating to the user of an electronic device, selecting a mock attack, and causing the mock attack to be deployed to the user so that the user receives the mock attack in the user's regular context of use of the electronic device. When the a sensor detects a user action that the user has interacted with the electronic device in response to the mock attack, the system will record the sensed user action and us the sensed user action to determine the susceptibility of the user to a cybersecurity threat. In some embodiments, the lack of user action in response to a mock attack also may be used to determine the user's susceptibility to a cybersecurity threat.
    Type: Application
    Filed: December 23, 2016
    Publication date: April 13, 2017
    Inventors: Norman Sadeh-Koniecpol, Kurt Wescoe, Jason Brubaker, Jason Hong
  • Patent number: 9558677
    Abstract: A training system senses a user action that may expose the user to a threat, such as a cybersecurity threat. The user action may be in response to a mock attack delivered via a messaging service, a wireless communication service, a fake malware application or another device, service, system or mechanism. The system selects a training action from a collection of available training actions and causes the training action to be delivered to the user.
    Type: Grant
    Filed: March 17, 2014
    Date of Patent: January 31, 2017
    Assignee: WOMBAT SECURITY TECHNOLOGIES, INC.
    Inventors: Norman Sadeh-Koniecpol, Kurt Wescoe, Jason Brubaker, Jason Hong
  • Patent number: 9547998
    Abstract: Context-aware training systems, apparatuses and systems. The context-aware training systems, apparatuses and systems are computer-implemented and include sensing a user action and, based on a training needs model, estimating a cost or benefit to exposing the user to a training action, selecting a training action from a collection of available training actions and delivering the training action to the user if the user action indicates a need for the user to be trained and the cost or benefit to exposing the user to the training action indicates user exposure to the training action is warranted.
    Type: Grant
    Filed: April 9, 2012
    Date of Patent: January 17, 2017
    Assignee: WOMBAT SECURITY TECHNOLOGIES, INC.
    Inventors: Norman Sadeh-Koniecpol, Kurt Wescoe, Jason Brubaker, Jason Hong
  • Publication number: 20160301716
    Abstract: A cybersecurity training system uses lures and training actions to help train a user of an electronic device to recognize and act appropriately in situations that could compromise electronic device security. The system includes a library of cybersecurity training actions and a library of brand items. The system retrieves a template for a cybersecurity training action from the first library, automatically modifies the retrieved template to include a brand or branded content from the second library, and causes the cybersecurity training action according to the modified template instantiated with the branded content to be sent to the user's electronic device.
    Type: Application
    Filed: June 17, 2016
    Publication date: October 13, 2016
    Inventors: Norman Sadeh-Koniecpol, Kurt Wescoe, Joseph A. Ferrara
  • Patent number: 9398029
    Abstract: A cybersecurity training system uses lures and training actions to help train a user of an electronic device to recognize and act appropriately in situations that could compromise security. The system includes an administrator interface by which an administrator may customize a lure and/or a training action with branded content. When used in a lure, this enables the lure to appear to the user as if it were a legitimate, non-threatening action from the brand. If the user falls for the lure, the system may provide the user with cybersecurity training, which may automatically include content that is tailored for the selected brand.
    Type: Grant
    Filed: February 11, 2015
    Date of Patent: July 19, 2016
    Assignee: Wombat Security Technologies, Inc.
    Inventors: Norman Sadeh-Koniecpol, Kurt Wescoe, Joseph A. Ferrara
  • Patent number: 9373267
    Abstract: A context-aware training system senses a user action that may expose the user to a threat, such as a cybersecurity threat. The system selects a training action from a collection of available training actions and causes the training action to be delivered to the user or a group of users. The system includes an administrator interface that enables an administrator to select, customize and/or assign constraints to the training action that will be delivered to the user(s).
    Type: Grant
    Filed: March 17, 2014
    Date of Patent: June 21, 2016
    Assignee: Wombat Security Technologies, Inc.
    Inventors: Norman Sadeh-Koniecpol, Kurt Wescoe, Jason Brubaker, Jason Hong
  • Patent number: 9280911
    Abstract: A context-aware training system senses sensing a user action that may expose the user's computer to a cybersecurity threat. The system selects training action from a collection of available training actions and causes the training action to be selected to the user.
    Type: Grant
    Filed: March 15, 2013
    Date of Patent: March 8, 2016
    Assignee: Wombat Security Technologies, Inc.
    Inventors: Norman Sadeh-Koniecpol, Kurt Wescoe, Jason Brubaker, Jason Hong