Patents by Inventor Piyush Pramod Joshi
Piyush Pramod Joshi has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20250048099Abstract: There is disclosed computer-implemented system and method of providing a wireless access point (WAP), including dividing the WAP into at least two virtual networks, wherein a first virtual network is for devices that authenticate using a first authentication protocol and a second virtual network is for devices that authenticate using a second authentication protocol, wherein the second authentication protocol is more secure than the first authentication protocol; and onboarding devices to the WAP, and assigning the devices to the at least two virtual networks according to the authentication protocols they use to authenticate to the WAP.Type: ApplicationFiled: March 1, 2024Publication date: February 6, 2025Inventors: Tirumaleswar Reddy Konda, Piyush Pramod Joshi, Devika Mishra, Shashank Jain
-
Patent number: 12088608Abstract: Methods, apparatus, systems and articles of manufacture are disclosed to analyze telemetry data of a network device for malicious activity. An example apparatus includes an interface to obtain first telemetry data, a rules generator to, using the first telemetry data, generate a global block list using a machine learning model, the machine learning model generated based on a device specific block list and a device specific allow list, and a model manager to transmit the global block list to a gateway, the gateway to facilitate on-path classification of second telemetry data.Type: GrantFiled: December 3, 2020Date of Patent: September 10, 2024Assignee: McAfee, LLCInventors: Tirumaleswar Reddy Konda, Shashank Jain, Abhishek Tripathi, Piyush Pramod Joshi
-
Publication number: 20240205221Abstract: There is disclosed in one example an enrollment over secure transport (EST)-capable gateway device, including: a hardware platform including a processor and a memory; a first network interface to communicatively couple to an external network, including an external DNS server; a second network interface to communicatively couple to a home network; a caching DNS server including a local DNS cache, and logic to provide DNS services to the home network; and an EST proxy to authenticate to a local endpoint on the home network, provision a DNS server certificate on the local endpoint, provision an authentication domain name (ADN) on the local endpoint, and provide encrypted domain name system (DNS) services to the local endpoint.Type: ApplicationFiled: January 22, 2024Publication date: June 20, 2024Inventors: Tirumaleswar Reddy Konda, Shashank Jain, Himanshu Srivastava, Naveen Kumar Reddy Kandadi, Piyush Pramod Joshi
-
Publication number: 20240205028Abstract: There is disclosed a system and method of providing services on a home gateway, including providing a set of security scans for traffic to and from a plurality of devices on a home network; cryptographically verifying that a secured device from the plurality of devices provides for itself internal security services; and based on the cryptographic verification, skipping at least one security scan of the set of security scans for traffic of the secured device.Type: ApplicationFiled: February 26, 2024Publication date: June 20, 2024Inventors: Tirumaleswar Reddy Konda, Shashank Jain, Piyush Pramod Joshi, Himanshu Srivastava
-
Publication number: 20240137383Abstract: There is disclosed herein a computer-implemented system and method of providing wellness detect and response (WDR) security services for an enterprise, including computing, for the enterprise, a quantitative user-centric security posture, wherein computing the quantitative user-centric security posture comprises calculating, for a user, a quantitative user risk profile according to a combination of user role, user privileges, user behavior, and digital assets assigned to a user and owned by the enterprise.Type: ApplicationFiled: December 15, 2023Publication date: April 25, 2024Applicant: McAfee, LLCInventors: Dattatraya Kulkarni, Raghavendra Satyanarayana Hebbalalu, Srikanth Nalluri, Urmil Mahendra Parikh, Shashank Jain, Himanshu Srivastava, Piyush Pramod Joshi, Partha Sarathi Barik, Purushothaman Balamurugan, Saravana Kumar Ramalingam, Devanshi Saxena, Martin Pivetta, Sujay Subrahmanya, Shahmeet Singh, Ryan Burrows, Samrat Chitta
-
Publication number: 20240114048Abstract: A computer-implemented method provides security services to an enterprise. The method computes, for a plurality of enterprise users, a plurality of user health scores based on respective protection statuses for a plurality of enterprise assets owned by respective users; computes, for the enterprise, an overall enterprise security status score based on the plurality of user health scores; graphically displays to an enterprise administrator the overall enterprise security status score; and presents to the enterprise administrator a plurality of action recommendations to improve the overall enterprise security status score.Type: ApplicationFiled: December 23, 2022Publication date: April 4, 2024Applicant: McAfee, LLCInventors: Dattatraya Kulkarni, Srikanth Nalluri, Himanshu Srivastava, Shashank Jain, Urmil Mahendra Parikh, Raghavendra Satyanarayana Hebbalalu, Piyush Pramod Joshi, Partha Sarathi Barik, Purushothaman Balamurugan, Saravana Kumar Ramalingam, Devanshi Saxena, Martin Pivetta, Sujay Subrahmanya, Shahmeet Singh, Ryan Burrows
-
Patent number: 11930359Abstract: There is disclosed in an example, a gateway apparatus, including a hardware platform having a processor and a memory; a wireless network interface; and instructions encoded within the memory to instruct the processor to: provide a first virtual access point (VAP) secured by an IEEE 802.1x extensible authentication protocol (EAP) enterprise security method; provide a second VAP secured by a WiFi protected access pre-shared key (WPA-PSK) method; onboard a device, comprising determining whether the device supports the EAP method, and enrolling the device with the EAP method if the device supports the EAP method; and if the device does not support the EAP method, enrolling the device with the WPA-PSK method.Type: GrantFiled: August 17, 2021Date of Patent: March 12, 2024Assignee: McAfee, LLCInventors: Tirumaleswar Reddy Konda, Piyush Pramod Joshi, Devika Mishra, Shashank Jain
-
Patent number: 11917080Abstract: There is disclosed in one example a network gateway device, including: a hardware platform including a processor and a memory; a network interface, including network interface hardware; and instructions encoded within the memory to instruct the processor to: receive from an endpoint device, via the network interface, a signed security posture data structure, the signed security posture data structure including information about a security posture of the endpoint device; cryptographically verify the signed security posture data structure; and according to the signed security posture data structure, assign a network security policy to the endpoint device.Type: GrantFiled: March 31, 2021Date of Patent: February 27, 2024Assignee: McAfee, LLCInventors: Tirumaleswar Reddy Konda, Shashank Jain, Piyush Pramod Joshi, Himanshu Srivastava
-
Patent number: 11881938Abstract: There is disclosed in one example an enrollment over secure transport (EST)-capable gateway device, including: a hardware platform including a processor and a memory; a first network interface to communicatively couple to an external network, including an external DNS server; a second network interface to communicatively couple to a home network; a caching DNS server including a local DNS cache, and logic to provide DNS services to the home network; and an EST proxy to authenticate to a local endpoint on the home network, provision a DNS server certificate on the local endpoint, provision an authentication domain name (ADN) on the local endpoint, and provide encrypted domain name system (DNS) services to the local endpoint.Type: GrantFiled: August 24, 2022Date of Patent: January 23, 2024Assignee: McAfee, LLCInventors: Tirumaleswar Reddy Konda, Shashank Jain, Himanshu Srivastava, Naveen Kumar Reddy Kandadi, Piyush Pramod Joshi
-
Patent number: 11824645Abstract: There is disclosed in one example a computing apparatus, including: a hardware platform including a processor, a memory, and a network interface; and instructions encoded within the memory to instruct the processor to: receive an incoming packet via the network interface; extract from the incoming packet a source port and a source internet protocol (IP) address; correlate the source port and source IP to a device identifier (ID); receive a network policy for the device ID; and apply the network policy to the incoming packet.Type: GrantFiled: July 20, 2020Date of Patent: November 21, 2023Assignee: McAfee, LLCInventors: Harsha Ramamurthy Joshi, Tirumaleswar Reddy Konda, Shashank Jain, Piyush Pramod Joshi, Himanshu Srivastava
-
Patent number: 11736601Abstract: An apparatus, related devices and methods, having a memory element operable to store instructions; and a processor operable to execute the instructions, such that the apparatus is configured to identify, on an electronic device, a phone number of an incoming caller device; request, via an out-of-band control channel, a digital certificate for the phone number from the incoming caller device; receive, via the out-of-band control channel, the digital certificate for the phone number from the incoming caller device; determine whether the digital certificate for the phone number is authentic; and indicate, on the electronic device, based on a determination that the digital certificate for the phone number is authentic or not authentic, whether the phone number is authentic or not authentic.Type: GrantFiled: October 21, 2022Date of Patent: August 22, 2023Assignee: McAfee, LLCInventors: Harsha Ramamurthy Joshi, Shashank Jain, Piyush Pramod Joshi
-
Patent number: 11711399Abstract: There is disclosed in one example a gateway apparatus, including: a hardware platform including a processor and a memory; and instructions stored within the memory to instruct the processor to: provide a domain name system (DNS) server, the DNS server to provide an encrypted DNS service, and to cache resolved domain names; receive an outgoing network packet; determine a destination address of the outgoing network packet; and upon determining that the destination address was not cached, apply a security policy.Type: GrantFiled: January 25, 2021Date of Patent: July 25, 2023Assignee: McAfee, LLCInventors: Tirumaleswar Reddy Konda, Shashank Jain, Piyush Pramod Joshi, Himanshu Srivastava
-
Publication number: 20230156038Abstract: Methods, apparatus, systems and articles of manufacture are disclosed to optimize telemetry collection and processing of Transport Layer Security (TLS) parameters. An example apparatus includes at least one memory, instructions, and at least one processor to execute the instructions to generate a TLS client sub-profile based on first telemetry data associated with a client device, generate a TLS server sub-profile based on second telemetry data associated with a first server, generate a hash value based on at least one of the TLS client sub-profile or the TLS server sub-profile, compare the hash value to a plurality of hash values corresponding to known TLS profiles, and, in response to identifying the at least one of the TLS client sub-profile or the TLS server sub-profile as a unique TLS profile based on the comparisons, transmit the at least one of the first or second telemetry data to a second server.Type: ApplicationFiled: November 15, 2021Publication date: May 18, 2023Inventors: Tirumaleswar Reddy Konda, Shashank Jain, Piyush Pramod Joshi, Himanshu Srivastava
-
Publication number: 20230057373Abstract: A disclosed example includes obtaining first data associated with a first device class; build a vocabulary including keys that map to values for an incremental training batch, the incremental training batch based on the first data and exemplars from memory, the exemplars associated with a set of device classes, the exemplars include first means closest to first overall means for ones of the set of the device classes that were stored to the at least one memory during a previous incremental training batch; train a model based on the keys as input features and an updated set of the device classes that includes the first device class; and select a set of samples from the first data and the exemplars, the set of the samples includes second means closest to second overall means for ones of the updated set of the device classes.Type: ApplicationFiled: August 17, 2021Publication date: February 23, 2023Inventors: Mayur Bhole, Tirumaleswar Reddy Konda, Urmil Parikh, Piyush Pramod Joshi
-
Publication number: 20230038446Abstract: An apparatus, related devices and methods, having a memory element operable to store instructions; and a processor operable to execute the instructions, such that the apparatus is configured to identify, on an electronic device, a phone number of an incoming caller device; request, via an out-of-band control channel, a digital certificate for the phone number from the incoming caller device; receive, via the out-of-band control channel, the digital certificate for the phone number from the incoming caller device; determine whether the digital certificate for the phone number is authentic; and indicate, on the electronic device, based on a determination that the digital certificate for the phone number is authentic or not authentic, whether the phone number is authentic or not authentic.Type: ApplicationFiled: October 21, 2022Publication date: February 9, 2023Applicant: McAfee, LLCInventors: Harsha Ramamurthy Joshi, Shashank Jain, Piyush Pramod Joshi
-
Publication number: 20220407855Abstract: There is disclosed in one example an enrollment over secure transport (EST)-capable gateway device, including: a hardware platform including a processor and a memory; a first network interface to communicatively couple to an external network, including an external DNS server; a second network interface to communicatively couple to a home network; a caching DNS server including a local DNS cache, and logic to provide DNS services to the home network; and an EST proxy to authenticate to a local endpoint on the home network, provision a DNS server certificate on the local endpoint, provision an authentication domain name (ADN) on the local endpoint, and provide encrypted domain name system (DNS) services to the local endpoint.Type: ApplicationFiled: August 24, 2022Publication date: December 22, 2022Inventors: Tirumaleswar Reddy Konda, Shashank Jain, Himanshu Srivastava, Naveen Kumar Reddy Kandadi, Piyush Pramod Joshi
-
Patent number: 11516331Abstract: An apparatus, related devices and methods, having a memory element operable to store instructions; and a processor operable to execute the instructions, such that the apparatus is configured to identify, on an electronic device, a phone number of an incoming caller device; request, via an out-of-band control channel, a digital certificate for the phone number from the incoming caller device; receive, via the out-of-band control channel, the digital certificate for the phone number from the incoming caller device; determine whether the digital certificate for the phone number is authentic; and indicate, on the electronic device, based on a determination that the digital certificate for the phone number is authentic or not authentic, whether the phone number is authentic or not authentic.Type: GrantFiled: November 3, 2020Date of Patent: November 29, 2022Assignee: McAfee, LLCInventors: Harsha Ramamurthy Joshi, Shashank Jain, Piyush Pramod Joshi
-
Publication number: 20220321362Abstract: There is disclosed in one example a network gateway device, including: a hardware platform including a processor and a memory; a network interface, including network interface hardware; and instructions encoded within the memory to instruct the processor to: receive from an endpoint device, via the network interface, a signed security posture data structure, the signed security posture data structure including information about a security posture of the endpoint device; cryptographically verify the signed security posture data structure; and according to the signed security posture data structure, assign a network security policy to the endpoint device.Type: ApplicationFiled: March 31, 2021Publication date: October 6, 2022Applicant: McAfee, LLCInventors: Tirumaleswar Reddy Konda, Shashank Jain, Piyush Pramod Joshi, Himanshu Srivastava
-
Patent number: 11444944Abstract: There is disclosed in one example an enrollment over secure transport (EST)-capable gateway device, including: a hardware platform including a processor and a memory; a first network interface to communicatively couple to an external network, including an external DNS server; a second network interface to communicatively couple to a home network; a caching DNS server including a local DNS cache, and logic to provide DNS services to the home network; and an EST proxy to authenticate to a local endpoint on the home network, provision a DNS server certificate on the local endpoint, provision an authentication domain name (ADN) on the local endpoint, and provide encrypted domain name system (DNS) services to the local endpoint.Type: GrantFiled: February 11, 2020Date of Patent: September 13, 2022Assignee: McAfee, LLCInventors: Tirumaleswar Reddy Konda, Shashank Jain, Himanshu Srivastava, Naveen Kumar Reddy Kandadi, Piyush Pramod Joshi
-
Publication number: 20220269817Abstract: Methods, apparatus, systems, and articles of manufacture for orchestrating personal protection across digital assets are disclosed. An example apparatus includes at least one memory, instructions in the apparatus, and processor circuitry to execute the instructions to monitor digital assets associated with a protection threat surface to detect a protection event, determine one or more protection vectors associated with the digital assets in response to detecting the protection event, the one or more protection vectors including one or more values corresponding to an impact of the protection event on an overall protection posture associated with the protection threat surface, and determine protection remediation action for the digital assets based on the one or more protection vectors.Type: ApplicationFiled: August 27, 2021Publication date: August 25, 2022Inventors: Srikanth Nalluri, Dattatraya Kulkarni, Raghavendra Hebbalalu, Sandeep Swastik, Piyush Pramod Joshi, Samrat Chitta, Partha Sarathi Barik