Patents by Inventor Roy Rapoport
Roy Rapoport has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11683234Abstract: One embodiment of the invention disclosed herein provides techniques for detecting and remediating an outlier server in a distributed computer system. A control server retrieves a group of time-series data sets associated with a first time period, where each time-series data set represents a performance metric for a different server in a group of servers. The control server generates a cluster that includes two or more of the time-series data sets, where the performance metric for each server that is associated with one of the time-series data sets in the cluster is within a threshold distance from the performance metric for the servers that are associated with the other time-series data sets in the cluster. The control server determines that a particular time-series data set corresponds to a server included in the group of servers and is not included in the cluster, and marks the server as an outlier server.Type: GrantFiled: February 11, 2016Date of Patent: June 20, 2023Assignee: NETFLIX, INC.Inventors: Roy Rapoport, Christopher Sanden, Cody Rioux, Gregory Burrell
-
Patent number: 11212208Abstract: Techniques for adaptive metric collection, metric storage, and alert thresholds are described. In an approach, a metric collector computer processes metrics as a collection of key/value pairs. The key/value pairs represent the dimensionality of the metrics and allows for semantic queries on the metrics based on keys. In an approach, a storage controller computer maintains a storage system with multiple storage tiers ranked by speed of access. The storage computer stores policy data that specifies the rules by which metric records are stored across the multiple storage tiers. Periodically, the storage computer moves database records to higher or lower tiers based on the policy data. In an approach, a metric collector in response to receiving a new metric, generates a predicted metric value based on previously recorded metric values and measures the deviation from the new metric value to determine whether an alert is appropriate.Type: GrantFiled: December 2, 2019Date of Patent: December 28, 2021Assignee: NETFLIX, INC.Inventors: Roy Rapoport, Brent Pitman, Brian Harrington, Daniel Muino
-
Patent number: 10691814Abstract: A security application manages security and reliability of networked applications executing collection of interacting computing elements within a distributed computing architecture. The security application monitors various classes of resources utilized by the collection of nodes within the distributed computing architecture and determine whether utilization of a class of resources is approaching a pre-determined maximum limit. The security application performs a vulnerability scan of a networked application to determine whether the networked application is prone to a risk of intentional or inadvertent breach by an external application. The security application scans a distributed computing architecture for the existence of access control lists (ACLs), and stores ACL configurations and configuration changes in a database.Type: GrantFiled: April 23, 2018Date of Patent: June 23, 2020Assignee: NETFLIX, INC.Inventors: Ariel Tseitlin, Roy Rapoport, Jason Chan
-
Publication number: 20200106690Abstract: Techniques for adaptive metric collection, metric storage, and alert thresholds are described. In an approach, a metric collector computer processes metrics as a collection of key/value pairs. The key/value pairs represent the dimensionality of the metrics and allows for semantic queries on the metrics based on keys. In an approach, a storage controller computer maintains a storage system with multiple storage tiers ranked by speed of access. The storage computer stores policy data that specifies the rules by which metric records are stored across the multiple storage tiers. Periodically, the storage computer moves database records to higher or lower tiers based on the policy data. In an approach, a metric collector in response to receiving a new metric, generates a predicted metric value based on previously recorded metric values and measures the deviation from the new metric value to determine whether an alert is appropriate.Type: ApplicationFiled: December 2, 2019Publication date: April 2, 2020Inventors: Roy Rapoport, Brent Pitman, Brian Harrington, Daniel Muino
-
Patent number: 10498628Abstract: Techniques for adaptive metric collection, metric storage, and alert thresholds are described. In an approach, a metric collector computer processes metrics as a collection of key/value pairs. The key/value pairs represent the dimensionality of the metrics and allows for semantic queries on the metrics based on keys. In an approach, a storage controller computer maintains a storage system with multiple storage tiers ranked by speed of access. The storage computer stores policy data that specifies the rules by which metric records are stored across the multiple storage tiers. Periodically, the storage computer moves database records to higher or lower tiers based on the policy data. In an approach, a metric collector in response to receiving a new metric, generates a predicted metric value based on previously recorded metric values and measures the deviation from the new metric value to determine whether an alert is appropriate.Type: GrantFiled: February 6, 2017Date of Patent: December 3, 2019Assignee: NETFLIX, INC.Inventors: Roy Rapoport, Brent Pitman, Brian Harrington, Daniel Muino
-
Patent number: 10318399Abstract: Techniques for evaluating a second version of software. Embodiments selectively route incoming requests to software instances within a plurality of baseline instances and a plurality of canary instances, where the baseline instances run a first software version and the canary instances run the second software version. The software instances are monitored to collect performance data for a plurality of performance metrics. Embodiments calculate aggregate baseline performance metrics, where each of the aggregate baseline performance metrics is calculated based on the collected performance data for the plurality of baseline instances. For each of the performance metrics and canary instances, embodiments calculate a relative performance value that measures the collected performance data for the respective canary instance and for the respective performance metric, relative to the corresponding aggregate baseline performance metric.Type: GrantFiled: March 12, 2013Date of Patent: June 11, 2019Assignee: NETFLIX, INC.Inventors: Philip Simon Tuffs, Roy Rapoport, Ariel Tseitlin
-
Publication number: 20180307849Abstract: A security application manages security and reliability of networked applications executing collection of interacting computing elements within a distributed computing architecture. The security application monitors various classes of resources utilized by the collection of nodes within the distributed computing architecture and determine whether utilization of a class of resources is approaching a pre-determined maximum limit. The security application performs a vulnerability scan of a networked application to determine whether the networked application is prone to a risk of intentional or inadvertent breach by an external application. The security application scans a distributed computing architecture for the existence of access control lists (ACLs), and stores ACL configurations and configuration changes in a database.Type: ApplicationFiled: April 23, 2018Publication date: October 25, 2018Inventors: Ariel TSEITLIN, Roy RAPOPORT, Jason CHAN
-
Patent number: 9953173Abstract: A security application manages security and reliability of networked applications executing collection of interacting computing elements within a distributed computing architecture. The security application monitors various classes of resources utilized by the collection of nodes within the distributed computing architecture and determine whether utilization of a class of resources is approaching a pre-determined maximum limit. The security application performs a vulnerability scan of a networked application to determine whether the networked application is prone to a risk of intentional or inadvertent breach by an external application. The security application scans a distributed computing architecture for the existence of access control lists (ACLs), and stores ACL configurations and configuration changes in a database.Type: GrantFiled: May 4, 2015Date of Patent: April 24, 2018Assignee: NETFLIX, INC.Inventors: Ariel Tseitlin, Roy Rapoport, Jason Chan
-
Publication number: 20170149644Abstract: Techniques for adaptive metric collection, metric storage, and alert thresholds are described. In an approach, a metric collector computer processes metrics as a collection of key/value pairs. The key/value pairs represent the dimensionality of the metrics and allows for semantic queries on the metrics based on keys. In an approach, a storage controller computer maintains a storage system with multiple storage tiers ranked by speed of access. The storage computer stores policy data that specifies the rules by which metric records are stored across the multiple storage tiers. Periodically, the storage computer moves database records to higher or lower tiers based on the policy data. In an approach, a metric collector in response to receiving a new metric, generates a predicted metric value based on previously recorded metric values and measures the deviation from the new metric value to determine whether an alert is appropriate.Type: ApplicationFiled: February 6, 2017Publication date: May 25, 2017Inventors: Roy Rapoport, Brent Pitman, Brian Harrington, Daniel Muino
-
Patent number: 9582395Abstract: Techniques are described for identifying a root cause of a pattern of performance data in a system including a plurality of services. Embodiments provide dependency information for each of the plurality of services, where at least one of the plurality of services is dependent upon a first one of the plurality of services. Each of the plurality of services is monitored to collect performance data for the respective service. Embodiments further analyze the performance data to identify a cluster of services that each follow a pattern of performance data. The first one of the services in the cluster of services is determined to be a root cause of the pattern of performance data, based on the determined dependency information for each of the plurality of services.Type: GrantFiled: March 14, 2013Date of Patent: February 28, 2017Assignee: NETFLIX, INC.Inventors: Philip Simon Tuffs, Roy Rapoport, Ariel Tseitlin
-
Patent number: 9584395Abstract: Techniques for adaptive metric collection, metric storage, and alert thresholds are described. In an approach, a metric collector computer processes metrics as a collection of key/value pairs. The key/value pairs represent the dimensionality of the metrics and allows for semantic queries on the metrics based on keys. In an approach, a storage controller computer maintains a storage system with multiple storage tiers ranked by speed of access. The storage computer stores policy data that specifies the rules by which metric records are stored across the multiple storage tiers. Periodically, the storage computer moves database records to higher or lower tiers based on the policy data. In an approach, a metric collector in response to receiving a new metric, generates a predicted metric value based on previously recorded metric values and measures the deviation from the new metric value to determine whether an alert is appropriate.Type: GrantFiled: November 13, 2013Date of Patent: February 28, 2017Assignee: Netflix, Inc.Inventors: Roy Rapoport, Brent Pitman, Brian Harrington, Daniel Muino
-
Publication number: 20170019308Abstract: One embodiment of the invention disclosed herein provides techniques for detecting and remediating an outlier server in a distributed computer system. A control server retrieves a group of time-series data sets associated with a first time period, where each time-series data set represents a performance metric for a different server in a group of servers. The control server generates a cluster that includes two or more of the time-series data sets, where the performance metric for each server that is associated with one of the time-series data sets in the cluster is within a threshold distance from the performance metric for the servers that are associated with the other time-series data sets in the cluster. The control server determines that a particular time-series data set corresponds to a server included in the group of servers and is not included in the cluster, and marks the server as an outlier server.Type: ApplicationFiled: February 11, 2016Publication date: January 19, 2017Inventors: Roy RAPOPORT, Christopher SANDEN, Cody RIOUX, Gregory BURRELL
-
Publication number: 20150235035Abstract: A security application manages security and reliability of networked applications executing collection of interacting computing elements within a distributed computing architecture. The security application monitors various classes of resources utilized by the collection of nodes within the distributed computing architecture and determine whether utilization of a class of resources is approaching a pre-determined maximum limit. The security application performs a vulnerability scan of a networked application to determine whether the networked application is prone to a risk of intentional or inadvertent breach by an external application. The security application scans a distributed computing architecture for the existence of access control lists (ACLs), and stores ACL configurations and configuration changes in a database.Type: ApplicationFiled: May 4, 2015Publication date: August 20, 2015Inventors: Ariel TSEITLIN, Roy RAPOPORT, Jason CHAN
-
Patent number: 9027141Abstract: A security application manages security and reliability of networked applications executing collection of interacting computing elements within a distributed computing architecture. The security application monitors various classes of resources utilized by the collection of nodes within the distributed computing architecture and determine whether utilization of a class of resources is approaching a pre-determined maximum limit. The security application performs a vulnerability scan of a networked application to determine whether the networked application is prone to a risk of intentional or inadvertent breach by an external application. The security application scans a distributed computing architecture for the existence of access control lists (ACLs), and stores ACL configurations and configuration changes in a database.Type: GrantFiled: April 12, 2012Date of Patent: May 5, 2015Assignee: Netflix, Inc.Inventors: Ariel Tseitlin, Roy Rapoport, Jason Chan
-
Publication number: 20140282422Abstract: Techniques for evaluating a second version of software. Embodiments selectively route incoming requests to software instances within a plurality of baseline instances and a plurality of canary instances, where the baseline instances run a first software version and the canary instances run the second software version. The software instances are monitored to collect performance data for a plurality of performance metrics. Embodiments calculate aggregate baseline performance metrics, where each of the aggregate baseline performance metrics is calculated based on the collected performance data for the plurality of baseline instances. For each of the performance metrics and canary instances, embodiments calculate a relative performance value that measures the collected performance data for the respective canary instance and for the respective performance metric, relative to the corresponding aggregate baseline performance metric.Type: ApplicationFiled: March 12, 2013Publication date: September 18, 2014Applicant: NETFLIX, INC.Inventors: Philip Simon Tuffs, Roy Rapoport, Ariel Tseitlin
-
Publication number: 20140281739Abstract: Techniques are described for identifying a root cause of a pattern of performance data in a system including a plurality of services. Embodiments provide dependency information for each of the plurality of services, where at least one of the plurality of services is dependent upon a first one of the plurality of services. Each of the plurality of services is monitored to collect performance data for the respective service. Embodiments further analyze the performance data to identify a cluster of services that each follow a pattern of performance data. The first one of the services in the cluster of services is determined to be a root cause of the pattern of performance data, based on the determined dependency information for each of the plurality of services.Type: ApplicationFiled: March 14, 2013Publication date: September 18, 2014Applicant: NETFLIX, INC.Inventors: Philip Simon Tuffs, Roy Rapoport, Ariel Tseitlin
-
Publication number: 20130276089Abstract: A security application manages security and reliability of networked applications executing collection of interacting computing elements within a distributed computing architecture. The security application monitors various classes of resources utilized by the collection of nodes within the distributed computing architecture and determine whether utilization of a class of resources is approaching a pre-determined maximum limit. The security application performs a vulnerability scan of a networked application to determine whether the networked application is prone to a risk of intentional or inadvertent breach by an external application. The security application scans a distributed computing architecture for the existence of access control lists (ACLs), and stores ACL configurations and configuration changes in a database.Type: ApplicationFiled: April 12, 2012Publication date: October 17, 2013Inventors: Ariel Tseitlin, Roy Rapoport, Jason Chan