Patents by Inventor Paul-Andrew Joseph Miseiko
Paul-Andrew Joseph Miseiko has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11863577Abstract: Disclosed herein are methods, systems, and processes for generating, configuring, and implementing a data collection and analytics (DCA) pipeline to optimize the identification of anomalous or vulnerable computing assets and/or anomalous or vulnerable computing asset behavior in cybersecurity computing environments. Raw data from an agent executing on a computing asset is received. A baseline profile or a gold image associated with the computing asset is also received. A difference or delta between the raw data and the baseline profile or the gold image is identified, and an output providing context relating to the difference is generated. The difference relates to a keyed property that is common between the raw data and the base profile or the gold image, and the difference is further filtered to reduce noise in the output.Type: GrantFiled: February 24, 2020Date of Patent: January 2, 2024Assignee: Rapid7, Inc.Inventor: Paul-Andrew Joseph Miseiko
-
Patent number: 11809336Abstract: Systems and methods are disclosed to implement an endpoint command invocation system (“ECIS”). In some embodiments, ECIS can quickly dispatch a command to a large number of endpoint components, where the endpoint components are online. ECIS can receive an invocation of a command, which can include the command recipients. In some embodiments, ECIS determines that some of the command recipients are online, while some of the command recipients are offline. ECIS determines connections to the online command recipients based on a connection map, which is updated whenever an endpoint component opens a connection to ask for a command. ECIS can deliver the command to the online command recipients using the connections. ECIS can also deliver the command to dispatch queues corresponding to the offline command recipients, where the dispatch queues store the command as a pending command that can be delivered to their respective command recipients whenever they come online.Type: GrantFiled: March 8, 2023Date of Patent: November 7, 2023Assignee: Rapid7, Inc.Inventors: Xi Yang, Paul-Andrew Joseph Miseiko, Ryan Tonini, Bingbin Li
-
Publication number: 20230236990Abstract: Systems and methods are disclosed to implement an endpoint command invocation system (“ECIS”). In some embodiments, ECIS can quickly dispatch a command to a large number of endpoint components, where the endpoint components are online. ECIS can receive an invocation of a command, which can include the command recipients. In some embodiments, ECIS determines that some of the command recipients are online, while some of the command recipients are offline. ECIS determines connections to the online command recipients based on a connection map, which is updated whenever an endpoint component opens a connection to ask for a command. ECIS can deliver the command to the online command recipients using the connections. ECIS can also deliver the command to dispatch queues corresponding to the offline command recipients, where the dispatch queues store the command as a pending command that can be delivered to their respective command recipients whenever they come online.Type: ApplicationFiled: March 8, 2023Publication date: July 27, 2023Applicant: Rapid7, Inc.Inventors: Xi Yang, Paul-Andrew Joseph Miseiko, Ryan Tonini, Bingbin Li
-
Publication number: 20230236991Abstract: Systems and methods are disclosed to implement an endpoint command invocation system (“ECIS”). In some embodiments, ECIS can quickly dispatch a command to a large number of endpoint components, where the endpoint components are online. ECIS can receive an invocation of a command, which can include the command recipients. In some embodiments, ECIS determines that some of the command recipients are online, while some of the command recipients are offline. ECIS determines connections to the online command recipients based on a connection map, which is updated whenever an endpoint component opens a connection to ask for a command. ECIS can deliver the command to the online command recipients using the connections. ECIS can also deliver the command to dispatch queues corresponding to the offline command recipients, where the dispatch queues store the command as a pending command that can be delivered to their respective command recipients whenever they come online.Type: ApplicationFiled: March 8, 2023Publication date: July 27, 2023Applicant: Rapid7, Inc.Inventors: Xi Yang, Paul-Andrew Joseph Miseiko, Ryan Tonini, Bingbin Li
-
Publication number: 20230176856Abstract: Systems and methods are disclosed to implement a delta data collection technique for collecting machine characteristics data from client machines. In embodiments, the collected data is used by a machine assessment service to maintain a virtual representation of the client machine for assessments. To initialize the collection process, the client uploads an initial copy of the data in full. Subsequently, the client determines periodic deltas between a current baseline of the data and a last reported baseline, and the deltas are uploaded as patches. The machine assessment service then applies these patches to update the virtual representation of the client machine. In embodiments, to facilitate the generation or uploading of the patches, the client may generate the baselines in a different encoding format as used by the data. For example, baselines in the new encoding format may be more easily compared and manipulated during the patch generation process.Type: ApplicationFiled: January 26, 2023Publication date: June 8, 2023Applicant: Rapid7, Inc.Inventors: Shreyas Khare, Taylor Osmun, Paul-Andrew Joseph Miseiko, Sheung Hei Joseph Yeung
-
Patent number: 11625339Abstract: Systems and methods are disclosed to implement an endpoint command invocation system (“ECIS”). In some embodiments, ECIS can quickly dispatch a command to a large number of endpoint components, where the endpoint components are online. ECIS can receive an invocation of a command, which can include the command recipients. In some embodiments, ECIS determines that some of the command recipients are online, while some of the command recipients are offline. ECIS determines connections to the online command recipients based on a connection map, which is updated whenever an endpoint component opens a connection to ask for a command. ECIS can deliver the command to the online command recipients using the connections. ECIS can also deliver the command to dispatch queues corresponding to the offline command recipients, where the dispatch queues store the command as a pending command that can be delivered to their respective command recipients whenever they come online.Type: GrantFiled: January 21, 2022Date of Patent: April 11, 2023Assignee: Rapid7, Inc.Inventors: Xi Yang, Paul-Andrew Joseph Miseiko, Ryan Tonini, Bingbin Li
-
Patent number: 11593085Abstract: Systems and methods are disclosed to implement a delta data collection technique for collecting machine characteristics data from client machines. In embodiments, the collected data is used by a machine assessment service to maintain a virtual representation of the client machine for assessments. To initialize the collection process, the client uploads an initial copy of the data in full. Subsequently, the client determines periodic deltas between a current baseline of the data and a last reported baseline, and the deltas are uploaded as patches. The machine assessment service then applies these patches to update the virtual representation of the client machine. In embodiments, to facilitate the generation or uploading of the patches, the client may generate the baselines in a different encoding format as used by the data. For example, baselines in the new encoding format may be more easily compared and manipulated during the patch generation process.Type: GrantFiled: February 3, 2020Date of Patent: February 28, 2023Assignee: Rapid7, Inc.Inventors: Shreyas Khare, Taylor Osmun, Paul-Andrew Joseph Miseiko, Sheung Hei Joseph Yeung, Ross Barrett
-
Patent number: 11586431Abstract: Disclosed herein are methods, systems, and processes to perform self-dependent upgrades of Java Runtime Environments (JREs). A request to update a plugin to a new version with a new configuration that includes a location to download a new upgrader-executable is received from a platform computing device at an endpoint computing device. The plugin is uploaded to the new version. The new upgrader-executable that includes an executable with an executable table executed by the plugin is downloaded from the location. The executable is used to halt execution of a JRE application (e.g., a Collector) and download JRE files required for the upgrade. The JRE application (e.g., the Collector) is then re-started with the new configuration, which can be rolled back if the upgrade is unsuccessful.Type: GrantFiled: December 8, 2021Date of Patent: February 21, 2023Assignee: Rapid7 , Inc.Inventors: Sharon Katz, Jeffrey Myers, Paul-Andrew Joseph Miseiko, John Southern, Tyler Stiller
-
Patent number: 11546369Abstract: Systems and methods are disclosed to implement a self-learning machine assessment system that automatically tunes what data is collected from remote machines. In embodiments, agents are deployed on remote machines to collect machine characteristics data according to collection rule sets, and to report the collected data to the machine assessment system. The machine assessment system assesses the remote machines using the collected data, and automatically determines, based on what data was or was not needed during the assessment, whether an agent's collection rule set should be changed. Any determined changes are sent back to the agent, causing the agent to update its scope of collection. The auto-tuning process may continue over multiple iterations until the agent's collection scope is stabilized. In embodiments, the assessment process may be used to analyze the remote machine to determine security vulnerabilities, and recommend possible actions to take to mitigate the vulnerabilities.Type: GrantFiled: March 30, 2022Date of Patent: January 3, 2023Assignee: Rapid7, Inc.Inventors: Paul-Andrew Joseph Miseiko, Ross Barrett
-
Publication number: 20220224713Abstract: Systems and methods are disclosed to implement a self-learning machine assessment system that automatically tunes what data is collected from remote machines. In embodiments, agents are deployed on remote machines to collect machine characteristics data according to collection rule sets, and to report the collected data to the machine assessment system. The machine assessment system assesses the remote machines using the collected data, and automatically determines, based on what data was or was not needed during the assessment, whether an agent's collection rule set should be changed. Any determined changes are sent back to the agent, causing the agent to update its scope of collection. The auto-tuning process may continue over multiple iterations until the agent's collection scope is stabilized. In embodiments, the assessment process may be used to analyze the remote machine to determine security vulnerabilities, and recommend possible actions to take to mitigate the vulnerabilities.Type: ApplicationFiled: March 30, 2022Publication date: July 14, 2022Applicant: Rapid7, Inc.Inventors: Paul-Andrew Joseph Miseiko, Ross Barrett
-
Patent number: 11316885Abstract: Systems and methods are disclosed to implement a self-learning machine assessment system that automatically tunes what data is collected from remote machines. In embodiments, agents are deployed on remote machines to collect machine characteristics data according to collection rule sets, and to report the collected data to the machine assessment system. The machine assessment system assesses the remote machines using the collected data, and automatically determines, based on what data was or was not needed during the assessment, whether an agent's collection rule set should be changed. Any determined changes are sent back to the agent, causing the agent to update its scope of collection. The auto-tuning process may continue over multiple iterations until the agent's collection scope is stabilized. In embodiments, the assessment process may be used to analyze the remote machine to determine security vulnerabilities, and recommend possible actions to take to mitigate the vulnerabilities.Type: GrantFiled: October 30, 2019Date of Patent: April 26, 2022Assignee: Rapid7, Inc.Inventors: Paul-Andrew Joseph Miseiko, Ross Barrett