Patents by Inventor Sai Zeng
Sai Zeng has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11972255Abstract: A content generation method includes receiving a control document comprising one or more control clauses, identifying actionable content for the one or more control clauses, generating a programming language template for the one or more control clauses, identifying a closest existing control clause from a database for each of the one or more control clause, identifying a programming language implementation of the closest existing control clause, identifying similarities and differences between the programming language implementation and the generated programming language template, and annotating the programming language implementation for the closest existing control clause based on the identified similarities and differences.Type: GrantFiled: June 25, 2021Date of Patent: April 30, 2024Assignee: International Business Machines CorporationInventors: Muhammed Fatih Bulut, Abdulhamid Adebowale Adebayo, Sai Zeng, Rinku Kanwar
-
Patent number: 11954524Abstract: A method for scheduling services in a computing environment includes receiving a service scheduling request corresponding to the computing environment and identifying a resource pool and a set of compliance requirements corresponding to the computing environment. The method continues by identifying target resources within the resource pool, wherein target resources are resources which meet the set of compliance requirements, and subsequently identifying a set of available target resources, wherein available target resources are target resources with scheduling availability. The method further includes analyzing the set of available target resources to determine a risk score for each available target resource and selecting one or more of the set of available target resources according to the determined risk scores. The method continues by scheduling a service corresponding to the service scheduling request on the selected one or more available target resources.Type: GrantFiled: May 26, 2021Date of Patent: April 9, 2024Assignee: International Business Machines CorporationInventors: Braulio Gabriel Dumba, Jun Duan, Nerla Jean-Louis, Muhammed Fatih Bulut, Sai Zeng
-
Patent number: 11924239Abstract: Systems, computer-implemented methods, and computer program products that facilitate vulnerability and attack technique association are provided. According to an embodiment, a system can comprise a memory that stores computer executable components and a processor that executes the computer executable components stored in the memory. The computer executable components can comprise a map component that defines mappings between vulnerability data representing a vulnerability of a computing resource and attack data representing at least one attack technique. The computer executable components can further comprise an estimation component that analyzes the mappings to estimate a probability that the vulnerability will be exploited to attack the computing resource.Type: GrantFiled: October 23, 2020Date of Patent: March 5, 2024Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Lilian Mathias Ngweta, Steven Ocepek, Constantin Mircea Adam, Sai Zeng, Muhammed Fatih Bulut, Milton H. Hernandez
-
Patent number: 11748560Abstract: Aspects of the present disclosure relate to converting between structured and tabular data formats. Data can be received in a tabular format. An array can be built for each of a plurality of objects within the data in the tabular format, each object corresponding to at least one identified header of the identified headers. A data row can be parsed using at least one of the built arrays and data within the data row can be added to the structured format in a specific location based characteristics indicated in the at least one array. Data can also be converted from the structured format into the tabular format using the built arrays.Type: GrantFiled: August 14, 2020Date of Patent: September 5, 2023Assignee: Kyndryl, Inc.Inventors: Qi Ming Teng, Christopher Peter Baker, Sai Zeng, Jun Duan
-
Patent number: 11659006Abstract: An assessment component that facilitates assessment and enforcement of policies within a computer environment can comprise a compliance component that determines whether a policy, that defines one or more requirements associated with usage of one or more enterprise components of an enterprise computing system, is in compliance with a plurality of standardized policies that govern operation of the one or more enterprise components of the enterprise computing system. The assessment component can also comprise a policy optimization component that determines one or more changes to the policy that achieve the compliance with the plurality of standardized polices based on a determination that the policy complies with a first standardized policy of the plurality of standardized policies and fails to comply with a second standardized policy of the plurality of standardized policies.Type: GrantFiled: December 23, 2020Date of Patent: May 23, 2023Assignee: Kyndryl, Inc.Inventors: Milton H. Hernandez, Anup Kalia, Brian Peterson, Vugranam C. Sreedhar, Sai Zeng
-
Patent number: 11625272Abstract: A computer-implemented method for managing one or more operations of a workload includes selecting a resource type for workload management on a platform. One or more operations of the selected resource to be managed are identified. A reconciliation time for execution of each of the identified operations is determined. A reconciliation period between two consecutive reconciliations is determined for each of the identified operations. A minimum number of processes for workload management of a given set of the operations on resources is calculated, and the determined minimum number of processes is deployed to manage the workload.Type: GrantFiled: August 15, 2020Date of Patent: April 11, 2023Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Braulio Gabriel Dumba, Ubaid Ullah Hafeez, Abdulhamid Adebayo, Jun Duan, Alexei Karve, Sai Zeng
-
Patent number: 11620381Abstract: Techniques for dynamic server groups that can be patched together using stream clustering algorithms, and learning components in order to reuse the repeatable patterns using machine learning are provided herein. In one example, in response to a first risk associated with a first server device, a risk assessment component patches a server group to mitigate a vulnerability of the first server device and a second server device, wherein the server group is comprised of the first server device and the second server device. Additionally, a monitoring component monitors data associated with a second risk to the server group to mitigate the second risk to the server group.Type: GrantFiled: December 28, 2020Date of Patent: April 4, 2023Assignee: Kyndryl, Inc.Inventors: Muhammed Fatih Bulut, Jinho Hwang, Vugranam C. Sreedhar, Sai Zeng
-
Publication number: 20230085001Abstract: Users of an endpoint remediation system can be assigned to different roles, from which they can request exceptions, approve exceptions, and/or enable remediation on endpoint devices. The compliance scanning and enforcing process can be automated, while allowing entities to request and/or approve certain exceptions. Therefore, security compliance for customers can be actively managed to provide visibility to the endpoint device compliance state at any time.Type: ApplicationFiled: November 18, 2022Publication date: March 16, 2023Inventors: Constantin Mircea Adam, Richard Jay Cohen, Robert Filepp, Milton H. Hernandez, Brian Peterson, Maja Vukovic, Sai ZENG, Guan Qun Zhang, Bhavna Agrawal
-
Patent number: 11574215Abstract: A machine learning assessment system is provided. The system identifies multiple datasets and multiple machine learning (ML) modeling algorithms based on the client profile. The system assesses a cost of data collection for each dataset of the multiple datasets. The system assesses a performance metric for each ML modeling algorithm of the multiple modeling algorithms. The system recommends a dataset from the multiple datasets and an ML modeling algorithm from the multiple ML modeling algorithm based on the assessed costs of data collection for the multiple datasets and the assessed performance metrics for the multiple ML modeling algorithms.Type: GrantFiled: April 26, 2020Date of Patent: February 7, 2023Assignee: KYNDRYL, INC.Inventors: Sai Zeng, Braulio Gabriel Dumba, Jun Duan, Matthew Staffelbach, Emrah Zarifoglu, Umar Mohamed Iyoob, Manish Mahesh Modh
-
Publication number: 20220413847Abstract: A content generation method includes receiving a control document comprising one or more control clauses, identifying actionable content for the one or more control clauses, generating a programming language template for the one or more control clauses, identifying a closest existing control clause from a database for each of the one or more control clause, identifying a programming language implementation of the closest existing control clause, identifying similarities and differences between the programming language implementation and the generated programming language template, and annotating the programming language implementation for the closest existing control clause based on the identified similarities and differences.Type: ApplicationFiled: June 25, 2021Publication date: December 29, 2022Inventors: Muhammed Fatih Bulut, Abdulhamid Adebowale Adebayo, Sai ZENG, RINKU KANWAR
-
Patent number: 11537433Abstract: A system, computer program product, and method to deriving a cost model and dynamic adjustment of the derived model responsive to dynamic modification of one or more of the resources in a hybrid shared resource environment. Resources and corresponding configuration information are collected while monitoring runtime utilization of resource performance. As changes to the resources are discovered, the changes are subject to an assessment. A hybrid cost model is derived and configured to account for the one or more resources. The derived hybrid cost model is leveraged to conduct a multi-dimensional resource evaluation of the assessed changed configuration information. Responsive to the multi-dimensional evaluation, a generated resource utilization optimization of the one or more resources is selectively implemented.Type: GrantFiled: January 29, 2021Date of Patent: December 27, 2022Assignee: Kyndryl, Inc.Inventors: Sai Zeng, Braulio Gabriel Dumba, Matthew Staffelbach, Liang Liu, Emrah Zarifoglu, Umar Mohamed Iyoob, Manish Mahesh Modh
-
Patent number: 11533296Abstract: Users of an endpoint remediation system can be assigned to different roles, from which they can request exceptions, approve exceptions, and/or enable remediation on endpoint devices. The compliance scanning and enforcing process can be automated, while allowing entities to request and/or approve certain exceptions. Therefore, security compliance for customers can be actively managed to provide visibility to the endpoint device compliance state at any time.Type: GrantFiled: September 1, 2017Date of Patent: December 20, 2022Assignee: KYNDRYL, INC.Inventors: Constantin Mircea Adam, Richard Jay Cohen, Robert Filepp, Milton H. Hernandez, Brian Peterson, Maja Vukovic, Sai Zeng, Guan Qun Zhang, Bhavna Agrawal
-
Publication number: 20220383093Abstract: A computer system, program code, and a method are provided to leverage an AI model with respect to a target specification for a target standard. The AI model is configured to identify at least one candidate control associated with a corresponding standard. A map is subject to traversal to identify the candidate control in the map. Source and destination controls of the map are leveraged to identify at least one mapped control associated with the target standard. The AI model is selectively subject to training with the mapped control and the target standard.Type: ApplicationFiled: May 26, 2021Publication date: December 1, 2022Applicant: International Business Machines CorporationInventors: Abdulhamid Adebowale Adebayo, Muhammed Fatih Bulut, Sai Zeng, Milton H. Hernandez
-
Publication number: 20220382583Abstract: A method for scheduling services in a computing environment includes receiving a service scheduling request corresponding to the computing environment and identifying a resource pool and a set of compliance requirements corresponding to the computing environment. The method continues by identifying target resources within the resource pool, wherein target resources are resources which meet the set of compliance requirements, and subsequently identifying a set of available target resources, wherein available target resources are target resources with scheduling availability. The method further includes analyzing the set of available target resources to determine a risk score for each available target resource and selecting one or more of the set of available target resources according to the determined risk scores. The method continues by scheduling a service corresponding to the service scheduling request on the selected one or more available target resources.Type: ApplicationFiled: May 26, 2021Publication date: December 1, 2022Inventors: BRAULIO GABRIEL DUMBA, Jun Duan, Nerla Jean-Louis, Muhammed Fatih Bulut, Sai ZENG
-
Publication number: 20220382876Abstract: A vulnerability management method includes analyzing a system environment to uncover one or more vulnerabilities. The method includes subsequently identifying one or more system weaknesses corresponding to the one or more uncovered vulnerabilities and analyzing a set of historical data to identify similar past vulnerabilities. The method further includes analyzing available information to extract one or more impacts of the identified similar past vulnerabilities and determining one or more impacts to the present system environment that would correspond to the extracted one or more impacts of the identified similar past vulnerabilities. The method additionally includes recommending one or more actions to remediate the uncovered vulnerabilities.Type: ApplicationFiled: May 25, 2021Publication date: December 1, 2022Inventors: Sai ZENG, Jinho HWANG, Virginia Mayo Policarpio, Lisa M. Chambers, Constantin Mircea Adam, Muhammed Fatih Bulut
-
Patent number: 11502995Abstract: Users of an endpoint remediation system can be assigned to different roles, from which they can request exceptions, approve exceptions, and/or enable remediation on endpoint devices. The compliance scanning and enforcing process can be automated, while allowing entities to request and/or approve certain exceptions. Therefore, security compliance for customers can be actively managed to provide visibility to the endpoint device compliance state at any time.Type: GrantFiled: December 14, 2017Date of Patent: November 15, 2022Assignee: KYNDRYL, INC.Inventors: Constantin Mircea Adam, Richard Jay Cohen, Robert Filepp, Milton H. Hernandez, Brian Peterson, Maja Vukovic, Sai Zeng, Guan Qun Zhang, Bhavna Agrawal
-
Publication number: 20220244994Abstract: A system, computer program product, and method to deriving a cost model and dynamic adjustment of the derived model responsive to dynamic modification of one or more of the resources in a hybrid shared resource environment. Resources and corresponding configuration information are collected while monitoring runtime utilization of resource performance. As changes to the resources are discovered, the changes are subject to an assessment. A hybrid cost model is derived and configured to account for the one or more resources. The derived hybrid cost model is leveraged to conduct a multi-dimensional resource evaluation of the assessed changed configuration information. Responsive to the multi-dimensional evaluation, a generated resource utilization optimization of the one or more resources is selectively implemented.Type: ApplicationFiled: January 29, 2021Publication date: August 4, 2022Applicant: Kyndryl, Inc.Inventors: Sai Zeng, Braulio Gabriel Dumba, Matthew Staffelbach, Liang Liu, Emrah Zarifoglu, Umar Mohamed Iyoob, Manish Mahesh Modh
-
Publication number: 20220131887Abstract: Systems, computer-implemented methods, and computer program products that facilitate vulnerability and attack technique association are provided. According to an embodiment, a system can comprise a memory that stores computer executable components and a processor that executes the computer executable components stored in the memory. The computer executable components can comprise a map component that defines mappings between vulnerability data representing a vulnerability of a computing resource and attack data representing at least one attack technique. The computer executable components can further comprise an estimation component that analyzes the mappings to estimate a probability that the vulnerability will be exploited to attack the computing resource.Type: ApplicationFiled: October 23, 2020Publication date: April 28, 2022Inventors: Lilian Mathias Ngweta, Steven Ocepek, Constantin Mircea Adam, Sai Zeng, Muhammed Fatih Bulut, Milton H. Hernandez
-
Publication number: 20220129560Abstract: Systems and techniques that facilitate automated health-check risk assessment of computing assets are provided. In various embodiments, a system can comprise a baseline component that can generate a baseline health-check risk score that corresponds to non-compliance of a computing asset with a stipulated control. In various aspects, the system can further comprise an adjustment component that can adjust the baseline health-check risk score based on a weakness factor of the stipulated control. In some cases, the weakness factor can be based on a magnitude by which a state of the computing asset deviates from the stipulated control. In various embodiments, the adjustment component can further adjust the baseline health-check risk score based on an environmental factor of the computing asset. In various cases, the environmental factor can be based on security mechanisms or security protocols associated with the computing asset.Type: ApplicationFiled: October 23, 2020Publication date: April 28, 2022Inventors: Muhammed Fatih Bulut, Milton H. Hernandez, Robert Filepp, Sai Zeng, Steven Ocepek, Srinivas Babu Tummalapenta, Daniel S. Riley
-
Publication number: 20220122038Abstract: An artificial intelligence (AI) platform to support workflow version process control. One or more workflows corresponding to one or more workflow engines are monitored. A neural network is employed to capture a relationship associated with a detected change in the monitored workflows. The neural network is leveraged to identify and assess an impact of the detected change to one or more additional workflows. Responsive to the assessment, the impacted workflow engines are optimized. The optimization includes automatically mapping and encoding changes corresponding to the impacted workflow. The one or more workflows containing the encoded changes are then executed.Type: ApplicationFiled: October 20, 2020Publication date: April 21, 2022Applicant: Kyndryl, Inc.Inventors: Jun Duan, Qi Ming Teng, Sai Zeng, Christopher Peter Baker, Alexei Karve