Patents by Inventor Peter P. Geremia
Peter P. Geremia has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11956338Abstract: A computing system may identify packets received by a network device from a host located in a first network and may generate log entries corresponding to the packets received by the network device. The computing system may identify packets transmitted by the network device to a host located in a second network and may generate log entries corresponding to the packets transmitted by the network device. Utilizing the log entries corresponding to the packets received by the network device and the log entries corresponding to the packets transmitted by the network device, the computing system may correlate the packets transmitted by the network device with the packets received by the network device.Type: GrantFiled: May 19, 2023Date of Patent: April 9, 2024Assignee: Centripetal Networks, LLCInventors: David K. Ahn, Peter P. Geremia, Pierre Mallett, III, Sean Moore, Robert T. Perry
-
Publication number: 20240007437Abstract: An enterprise organization may operate a central network and one or more remote networks, each comprising a plurality of computing devices. For protection against malicious actors, the central network may be configured to filter network traffic associated with the computing devices based on identified threats. Traffic corresponding to computing devices connected to the remote network may be tunneled to the central network for filtering by the central network. A tunnel gateway device, associated with the remote network, may efficiently identify which communications are associated with Internet threats, and tunnel such identified traffic to the central network, where actions may be taken to protect the enterprise network.Type: ApplicationFiled: September 15, 2023Publication date: January 4, 2024Inventors: Sean Moore, Peter P. Geremia
-
Publication number: 20230421590Abstract: A packet-filtering device may receive packet-filtering rules configured to cause the packet-filtering device to identify packets corresponding to network-threat indicators. The packet-filtering device may receive packets and, for each packet, may determine that the packet corresponds to criteria specified by a packet-filtering rule. The criteria may correspond to one or more of the network-threat indicators. The packet-filtering device may apply an operator specified by the packet-filtering rule. The operator may be configured to cause the packet-filtering device to either prevent the packet from continuing toward its destination or allow the packet to continue toward its destination.Type: ApplicationFiled: September 8, 2023Publication date: December 28, 2023Inventors: David K. Ahn, Keith A. George, Peter P. Geremia, Pierre Mallett, III, Sean Moore, Robert T. Perry, Jonathan R. Rogers
-
Patent number: 11824875Abstract: A threat intelligence gateway (TIG) may protect TCP/IP networks from network (e.g., Internet) threats by enforcing certain policies on in-transit packets that are crossing network boundaries. The policies may be composed of packet filtering rules with packet-matching criteria derived from cyber threat intelligence (CTI) associated with Internet threats. These CTI-derived packet-filtering rules may be created offline by policy creation and management servers, which may distribute the policies to subscribing TIGs that subsequently enforce the policies on in-transit packets. Each packet filtering rule may specify a disposition that may be applied to a matching in-transit packet, such as deny/block/drop the in-transit packet or pass/allow/forward the in-transit packet, and also may specify directives that may be applied to a matching in-transit packet, such as log, capture, spoof-tcp-rst, etc.Type: GrantFiled: December 19, 2022Date of Patent: November 21, 2023Assignee: Centripetal Networks, LLCInventors: Sean Moore, Jonathan R. Rogers, Vincent Mutolo, Peter P. Geremia
-
Patent number: 11799832Abstract: An enterprise organization may operate a central network and one or more remote networks, each comprising a plurality of computing devices. For protection against malicious actors, the central network may be configured to filter network traffic associated with the computing devices based on identified threats. Traffic corresponding to computing devices connected to the remote network may be tunneled to the central network for filtering by the central network. A tunnel gateway device, associated with the remote network, may efficiently identify which communications are associated with Internet threats, and tunnel such identified traffic to the central network, where actions may be taken to protect the enterprise network.Type: GrantFiled: February 13, 2023Date of Patent: October 24, 2023Assignee: Centripetal Networks, LLCInventors: Sean Moore, Peter P. Geremia
-
Patent number: 11792220Abstract: A packet-filtering device may receive packet-filtering rules configured to cause the packet-filtering device to identify packets corresponding to network-threat indicators. The packet-filtering device may receive packets and, for each packet, may determine that the packet corresponds to criteria specified by a packet-filtering rule. The criteria may correspond to one or more of the network-threat indicators. The packet-filtering device may apply an operator specified by the packet-filtering rule. The operator may be configured to cause the packet-filtering device to either prevent the packet from continuing toward its destination or allow the packet to continue toward its destination.Type: GrantFiled: May 23, 2023Date of Patent: October 17, 2023Assignee: Centripetal Networks, LLCInventors: David K Ahn, Keith A. George, Peter P. Geremia, Pierre Mallett, III, Sean Moore, Robert T. Perry, Jonathan R. Rogers
-
Publication number: 20230300162Abstract: A packet-filtering device may receive packet-filtering rules configured to cause the packet-filtering device to identify packets corresponding to network-threat indicators. The packet-filtering device may receive packets and, for each packet, may determine that the packet corresponds to criteria specified by a packet-filtering rule. The criteria may correspond to one or more of the network-threat indicators. The packet-filtering device may apply an operator specified by the packet-filtering rule. The operator may be configured to cause the packet-filtering device to either prevent the packet from continuing toward its destination or allow the packet to continue toward its destination.Type: ApplicationFiled: May 23, 2023Publication date: September 21, 2023Inventors: David K. Ahn, Keith A. George, Peter P. Geremia, Pierre Mallett, III, Sean Moore, Robert T. Perry, Jonathan R. Rogers
-
Publication number: 20230291817Abstract: A computing system may identify packets received by a network device from a host located in a first network and may generate log entries corresponding to the packets received by the network device. The computing system may identify packets transmitted by the network device to a host located in a second network and may generate log entries corresponding to the packets transmitted by the network device. Utilizing the log entries corresponding to the packets received by the network device and the log entries corresponding to the packets transmitted by the network device, the computing system may correlate the packets transmitted by the network device with the packets received by the network device.Type: ApplicationFiled: May 19, 2023Publication date: September 14, 2023Inventors: David K. Ahn, Peter P. Geremia, Pierre Mallett, III, Sean Moore, Robert T. Perry
-
Patent number: 11700273Abstract: A packet-filtering device may receive packet-filtering rules configured to cause the packet-filtering device to identify packets corresponding to network-threat indicators. The packet-filtering device may receive packets and, for each packet, may determine that the packet corresponds to criteria specified by a packet-filtering rule. The criteria may correspond to one or more of the network-threat indicators. The packet-filtering device may apply an operator specified by the packet-filtering rule. The operator may be configured to cause the packet-filtering device to either prevent the packet from continuing toward its destination or allow the packet to continue toward its destination.Type: GrantFiled: April 16, 2021Date of Patent: July 11, 2023Assignee: Centripetal Networks, LLCInventors: David K. Ahn, Keith A. George, Peter P. Geremia, Pierre Mallett, III, Sean Moore, Robert T. Perry, Jonathan R. Rogers
-
Publication number: 20230199007Abstract: A threat intelligence gateway (TIG) may protect TCP/IP networks from network (e.g., Internet) threats by enforcing certain policies on in-transit packets that are crossing network boundaries. The policies may be composed of packet filtering rules with packet-matching criteria derived from cyber threat intelligence (CTI) associated with Internet threats. These CTI-derived packet-filtering rules may be created offline by policy creation and management servers, which may distribute the policies to subscribing TIGs that subsequently enforce the policies on in-transit packets. Each packet filtering rule may specify a disposition that may be applied to a matching in-transit packet, such as deny/block/drop the in-transit packet or pass/allow/forward the in-transit packet, and also may specify directives that may be applied to a matching in-transit packet, such as log, capture, spoof-tcp-rst, etc.Type: ApplicationFiled: December 19, 2022Publication date: June 22, 2023Inventors: Sean Moore, Jonathan R. Rogers, Vincent Mutolo, Peter P. Geremia
-
Publication number: 20230198948Abstract: An enterprise organization may operate a central network and one or more remote networks, each comprising a plurality of computing devices. For protection against malicious actors, the central network may be configured to filter network traffic associated with the computing devices based on identified threats. Traffic corresponding to computing devices connected to the remote network may be tunneled to the central network for filtering by the central network. A tunnel gateway device, associated with the remote network, may efficiently identify which communications are associated with Internet threats, and tunnel such identified traffic to the central network, where actions may be taken to protect the enterprise network.Type: ApplicationFiled: February 13, 2023Publication date: June 22, 2023Inventors: Sean Moore, Peter P. Geremia
-
Patent number: 11683401Abstract: A computing system may identify packets received by a network device from a host located in a first network and may generate log entries corresponding to the packets received by the network device. The computing system may identify packets transmitted by the network device to a host located in a second network and may generate log entries corresponding to the packets transmitted by the network device. Utilizing the log entries corresponding to the packets received by the network device and the log entries corresponding to the packets transmitted by the network device, the computing system may correlate the packets transmitted by the network device with the packets received by the network device.Type: GrantFiled: February 17, 2021Date of Patent: June 20, 2023Assignee: Centripetal Networks, LLCInventors: David K. Ahn, Peter P. Geremia, Pierre Mallett, III, Sean Moore, Robert T. Perry
-
Patent number: 11582191Abstract: An enterprise organization may operate a central network and one or more remote networks, each comprising a plurality of computing devices. For protection against malicious actors, the central network may be configured to filter network traffic associated with the computing devices based on identified threats. Traffic corresponding to computing devices connected to the remote network may be tunneled to the central network for filtering by the central network. A tunnel gateway device, associated with the remote network, may efficiently identify which communications are associated with Internet threats, and tunnel such identified traffic to the central network, where actions may be taken to protect the enterprise network.Type: GrantFiled: February 10, 2022Date of Patent: February 14, 2023Assignee: Centripetal Networks, Inc.Inventors: Sean Moore, Peter P. Geremia
-
Patent number: 11552970Abstract: A threat intelligence gateway (TIG) may protect TCP/IP networks from network (e.g., Internet) threats by enforcing certain policies on in-transit packets that are crossing network boundaries. The policies may be composed of packet filtering rules with packet-matching criteria derived from cyber threat intelligence (CTI) associated with Internet threats. These CTI-derived packet-filtering rules may be created offline by policy creation and management servers, which may distribute the policies to subscribing TIGs that subsequently enforce the policies on in-transit packets. Each packet filtering rule may specify a disposition that may be applied to a matching in-transit packet, such as deny/block/drop the in-transit packet or pass/allow/forward the in-transit packet, and also may specify directives that may be applied to a matching in-transit packet, such as log, capture, spoof-tcp-rst, etc.Type: GrantFiled: July 15, 2022Date of Patent: January 10, 2023Assignee: Centripetal Networks, Inc.Inventors: Sean Moore, Jonathan R. Rogers, Vincent Mutolo, Peter P. Geremia
-
Patent number: 11516241Abstract: A packet-filtering device may receive packet-filtering rules configured to cause the packet-filtering device to identify packets corresponding to network-threat indicators. The packet-filtering device may receive packets and, for each packet, may determine that the packet corresponds to criteria specified by a packet-filtering rule. The criteria may correspond to one or more of the network-threat indicators. The packet-filtering device may apply an operator specified by the packet-filtering rule. The operator may be configured to cause the packet-filtering device to either prevent the packet from continuing toward its destination or allow the packet to continue toward its destination.Type: GrantFiled: April 5, 2022Date of Patent: November 29, 2022Assignee: Centripetal Networks, Inc.Inventors: David K. Ahn, Keith A. George, Peter P. Geremia, Pierre Mallett, III, Sean Moore, Robert T. Perry, Jonathan R. Rogers
-
Publication number: 20220360598Abstract: A threat intelligence gateway (TIG) may protect TCP/IP networks from network (e.g., Internet) threats by enforcing certain policies on in-transit packets that are crossing network boundaries. The policies may be composed of packet filtering rules with packet-matching criteria derived from cyber threat intelligence (CTI) associated with Internet threats. These CTI-derived packet-filtering rules may be created offline by policy creation and management servers, which may distribute the policies to subscribing TIGs that subsequently enforce the policies on in-transit packets. Each packet filtering rule may specify a disposition that may be applied to a matching in-transit packet, such as deny/block/drop the in-transit packet or pass/allow/forward the in-transit packet, and also may specify directives that may be applied to a matching in-transit packet, such as log, capture, spoof-tcp-rst, etc.Type: ApplicationFiled: July 15, 2022Publication date: November 10, 2022Inventors: Sean Moore, Jonathan R. Rogers, Vincent Mutolo, Peter P. Geremia
-
Patent number: 11496500Abstract: A packet-filtering device may receive packet-filtering rules configured to cause the packet-filtering device to identify packets corresponding to network-threat indicators. The packet-filtering device may receive packets and, for each packet, may determine that the packet corresponds to criteria specified by a packet-filtering rule. The criteria may correspond to one or more of the network-threat indicators. The packet-filtering device may apply an operator specified by the packet-filtering rule. The operator may be configured to cause the packet-filtering device to either prevent the packet from continuing toward its destination or allow the packet to continue toward its destination.Type: GrantFiled: April 5, 2022Date of Patent: November 8, 2022Assignee: Centripetal Networks, Inc.Inventors: David K. Ahn, Keith A. George, Peter P. Geremia, Pierre Mallett, III, Sean Moore, Robert T. Perry, Jonathan R. Rogers
-
Patent number: 11477237Abstract: Methods and systems for protecting a secured network are presented. For example, one or more packet security gateways may be associated with a security policy management server. At each packet security gateway, a dynamic security policy may be received from the security policy management server, packets associated with a network protected by the packet security gateway may be received, and at least one of multiple packet transformation functions specified by the dynamic security policy may be performed on the packets.Type: GrantFiled: October 12, 2018Date of Patent: October 18, 2022Assignee: Centripetal Networks, Inc.Inventors: Steven Rogers, Sean Moore, David K. Ahn, Peter P. Geremia
-
Publication number: 20220303245Abstract: Enterprise users' mobile devices typically access the Internet without being protected by the enterprise's network security policy, which exposes the enterprise network to Internet-mediated attack by malicious actors. This is because the conventional approach to protecting the mobile devices and associated enterprise network is to tunnel all of the devices' Internet communications to the enterprise network, which is very inefficient since typically only a very small percentage of Internet communications originating from an enterprise's mobile devices are communicating with Internet hosts that are associated with threats. In the present disclosure, the mobile device efficiently identifies which communications are associated with Internet threats, and tunnels only such identified traffic to the enterprise network, where actions may be taken to protect the enterprise network.Type: ApplicationFiled: June 10, 2022Publication date: September 22, 2022Inventors: Sean Moore, Peter P. Geremia
-
Patent number: 11444963Abstract: A threat intelligence gateway (TIG) may protect TCP/IP networks from network (e.g., Internet) threats by enforcing certain policies on in-transit packets that are crossing network boundaries. The policies may be composed of packet filtering rules with packet-matching criteria derived from cyber threat intelligence (CTI) associated with Internet threats. These CTI-derived packet-filtering rules may be created offline by policy creation and management servers, which may distribute the policies to subscribing TIGs that subsequently enforce the policies on in-transit packets. Each packet filtering rule may specify a disposition that may be applied to a matching in-transit packet, such as deny/block/drop the in-transit packet or pass/allow/forward the in-transit packet, and also may specify directives that may be applied to a matching in-transit packet, such as log, capture, spoof-tcp-rst, etc.Type: GrantFiled: March 15, 2022Date of Patent: September 13, 2022Assignee: Centripetal Networks, Inc.Inventors: Sean Moore, Jonathan R. Rogers, Vincent Mutolo, Peter P. Geremia