Patents by Inventor Sai Zeng

Sai Zeng has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 12014174
    Abstract: Users of an endpoint remediation system can be assigned to different roles, from which they can request exceptions, approve exceptions, and/or enable remediation on endpoint devices. The compliance scanning and enforcing process can be automated, while allowing entities to request and/or approve certain exceptions. Therefore, security compliance for customers can be actively managed to provide visibility to the endpoint device compliance state at any time.
    Type: Grant
    Filed: November 18, 2022
    Date of Patent: June 18, 2024
    Assignee: Kyndral, Inc.
    Inventors: Constantin Mircea Adam, Richard Jay Cohen, Robert Filepp, Milton H. Hernandez, Brian Peterson, Maja Vukovic, Sai Zeng, Guan Qun Zhang, Bhavna Agrawal
  • Patent number: 11972255
    Abstract: A content generation method includes receiving a control document comprising one or more control clauses, identifying actionable content for the one or more control clauses, generating a programming language template for the one or more control clauses, identifying a closest existing control clause from a database for each of the one or more control clause, identifying a programming language implementation of the closest existing control clause, identifying similarities and differences between the programming language implementation and the generated programming language template, and annotating the programming language implementation for the closest existing control clause based on the identified similarities and differences.
    Type: Grant
    Filed: June 25, 2021
    Date of Patent: April 30, 2024
    Assignee: International Business Machines Corporation
    Inventors: Muhammed Fatih Bulut, Abdulhamid Adebowale Adebayo, Sai Zeng, Rinku Kanwar
  • Patent number: 11954524
    Abstract: A method for scheduling services in a computing environment includes receiving a service scheduling request corresponding to the computing environment and identifying a resource pool and a set of compliance requirements corresponding to the computing environment. The method continues by identifying target resources within the resource pool, wherein target resources are resources which meet the set of compliance requirements, and subsequently identifying a set of available target resources, wherein available target resources are target resources with scheduling availability. The method further includes analyzing the set of available target resources to determine a risk score for each available target resource and selecting one or more of the set of available target resources according to the determined risk scores. The method continues by scheduling a service corresponding to the service scheduling request on the selected one or more available target resources.
    Type: Grant
    Filed: May 26, 2021
    Date of Patent: April 9, 2024
    Assignee: International Business Machines Corporation
    Inventors: Braulio Gabriel Dumba, Jun Duan, Nerla Jean-Louis, Muhammed Fatih Bulut, Sai Zeng
  • Patent number: 11924239
    Abstract: Systems, computer-implemented methods, and computer program products that facilitate vulnerability and attack technique association are provided. According to an embodiment, a system can comprise a memory that stores computer executable components and a processor that executes the computer executable components stored in the memory. The computer executable components can comprise a map component that defines mappings between vulnerability data representing a vulnerability of a computing resource and attack data representing at least one attack technique. The computer executable components can further comprise an estimation component that analyzes the mappings to estimate a probability that the vulnerability will be exploited to attack the computing resource.
    Type: Grant
    Filed: October 23, 2020
    Date of Patent: March 5, 2024
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Lilian Mathias Ngweta, Steven Ocepek, Constantin Mircea Adam, Sai Zeng, Muhammed Fatih Bulut, Milton H. Hernandez
  • Patent number: 11748560
    Abstract: Aspects of the present disclosure relate to converting between structured and tabular data formats. Data can be received in a tabular format. An array can be built for each of a plurality of objects within the data in the tabular format, each object corresponding to at least one identified header of the identified headers. A data row can be parsed using at least one of the built arrays and data within the data row can be added to the structured format in a specific location based characteristics indicated in the at least one array. Data can also be converted from the structured format into the tabular format using the built arrays.
    Type: Grant
    Filed: August 14, 2020
    Date of Patent: September 5, 2023
    Assignee: Kyndryl, Inc.
    Inventors: Qi Ming Teng, Christopher Peter Baker, Sai Zeng, Jun Duan
  • Patent number: 11659006
    Abstract: An assessment component that facilitates assessment and enforcement of policies within a computer environment can comprise a compliance component that determines whether a policy, that defines one or more requirements associated with usage of one or more enterprise components of an enterprise computing system, is in compliance with a plurality of standardized policies that govern operation of the one or more enterprise components of the enterprise computing system. The assessment component can also comprise a policy optimization component that determines one or more changes to the policy that achieve the compliance with the plurality of standardized polices based on a determination that the policy complies with a first standardized policy of the plurality of standardized policies and fails to comply with a second standardized policy of the plurality of standardized policies.
    Type: Grant
    Filed: December 23, 2020
    Date of Patent: May 23, 2023
    Assignee: Kyndryl, Inc.
    Inventors: Milton H. Hernandez, Anup Kalia, Brian Peterson, Vugranam C. Sreedhar, Sai Zeng
  • Patent number: 11625272
    Abstract: A computer-implemented method for managing one or more operations of a workload includes selecting a resource type for workload management on a platform. One or more operations of the selected resource to be managed are identified. A reconciliation time for execution of each of the identified operations is determined. A reconciliation period between two consecutive reconciliations is determined for each of the identified operations. A minimum number of processes for workload management of a given set of the operations on resources is calculated, and the determined minimum number of processes is deployed to manage the workload.
    Type: Grant
    Filed: August 15, 2020
    Date of Patent: April 11, 2023
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Braulio Gabriel Dumba, Ubaid Ullah Hafeez, Abdulhamid Adebayo, Jun Duan, Alexei Karve, Sai Zeng
  • Patent number: 11620381
    Abstract: Techniques for dynamic server groups that can be patched together using stream clustering algorithms, and learning components in order to reuse the repeatable patterns using machine learning are provided herein. In one example, in response to a first risk associated with a first server device, a risk assessment component patches a server group to mitigate a vulnerability of the first server device and a second server device, wherein the server group is comprised of the first server device and the second server device. Additionally, a monitoring component monitors data associated with a second risk to the server group to mitigate the second risk to the server group.
    Type: Grant
    Filed: December 28, 2020
    Date of Patent: April 4, 2023
    Assignee: Kyndryl, Inc.
    Inventors: Muhammed Fatih Bulut, Jinho Hwang, Vugranam C. Sreedhar, Sai Zeng
  • Publication number: 20230085001
    Abstract: Users of an endpoint remediation system can be assigned to different roles, from which they can request exceptions, approve exceptions, and/or enable remediation on endpoint devices. The compliance scanning and enforcing process can be automated, while allowing entities to request and/or approve certain exceptions. Therefore, security compliance for customers can be actively managed to provide visibility to the endpoint device compliance state at any time.
    Type: Application
    Filed: November 18, 2022
    Publication date: March 16, 2023
    Inventors: Constantin Mircea Adam, Richard Jay Cohen, Robert Filepp, Milton H. Hernandez, Brian Peterson, Maja Vukovic, Sai ZENG, Guan Qun Zhang, Bhavna Agrawal
  • Patent number: 11574215
    Abstract: A machine learning assessment system is provided. The system identifies multiple datasets and multiple machine learning (ML) modeling algorithms based on the client profile. The system assesses a cost of data collection for each dataset of the multiple datasets. The system assesses a performance metric for each ML modeling algorithm of the multiple modeling algorithms. The system recommends a dataset from the multiple datasets and an ML modeling algorithm from the multiple ML modeling algorithm based on the assessed costs of data collection for the multiple datasets and the assessed performance metrics for the multiple ML modeling algorithms.
    Type: Grant
    Filed: April 26, 2020
    Date of Patent: February 7, 2023
    Assignee: KYNDRYL, INC.
    Inventors: Sai Zeng, Braulio Gabriel Dumba, Jun Duan, Matthew Staffelbach, Emrah Zarifoglu, Umar Mohamed Iyoob, Manish Mahesh Modh
  • Publication number: 20220413847
    Abstract: A content generation method includes receiving a control document comprising one or more control clauses, identifying actionable content for the one or more control clauses, generating a programming language template for the one or more control clauses, identifying a closest existing control clause from a database for each of the one or more control clause, identifying a programming language implementation of the closest existing control clause, identifying similarities and differences between the programming language implementation and the generated programming language template, and annotating the programming language implementation for the closest existing control clause based on the identified similarities and differences.
    Type: Application
    Filed: June 25, 2021
    Publication date: December 29, 2022
    Inventors: Muhammed Fatih Bulut, Abdulhamid Adebowale Adebayo, Sai ZENG, RINKU KANWAR
  • Patent number: 11537433
    Abstract: A system, computer program product, and method to deriving a cost model and dynamic adjustment of the derived model responsive to dynamic modification of one or more of the resources in a hybrid shared resource environment. Resources and corresponding configuration information are collected while monitoring runtime utilization of resource performance. As changes to the resources are discovered, the changes are subject to an assessment. A hybrid cost model is derived and configured to account for the one or more resources. The derived hybrid cost model is leveraged to conduct a multi-dimensional resource evaluation of the assessed changed configuration information. Responsive to the multi-dimensional evaluation, a generated resource utilization optimization of the one or more resources is selectively implemented.
    Type: Grant
    Filed: January 29, 2021
    Date of Patent: December 27, 2022
    Assignee: Kyndryl, Inc.
    Inventors: Sai Zeng, Braulio Gabriel Dumba, Matthew Staffelbach, Liang Liu, Emrah Zarifoglu, Umar Mohamed Iyoob, Manish Mahesh Modh
  • Patent number: 11533296
    Abstract: Users of an endpoint remediation system can be assigned to different roles, from which they can request exceptions, approve exceptions, and/or enable remediation on endpoint devices. The compliance scanning and enforcing process can be automated, while allowing entities to request and/or approve certain exceptions. Therefore, security compliance for customers can be actively managed to provide visibility to the endpoint device compliance state at any time.
    Type: Grant
    Filed: September 1, 2017
    Date of Patent: December 20, 2022
    Assignee: KYNDRYL, INC.
    Inventors: Constantin Mircea Adam, Richard Jay Cohen, Robert Filepp, Milton H. Hernandez, Brian Peterson, Maja Vukovic, Sai Zeng, Guan Qun Zhang, Bhavna Agrawal
  • Publication number: 20220383093
    Abstract: A computer system, program code, and a method are provided to leverage an AI model with respect to a target specification for a target standard. The AI model is configured to identify at least one candidate control associated with a corresponding standard. A map is subject to traversal to identify the candidate control in the map. Source and destination controls of the map are leveraged to identify at least one mapped control associated with the target standard. The AI model is selectively subject to training with the mapped control and the target standard.
    Type: Application
    Filed: May 26, 2021
    Publication date: December 1, 2022
    Applicant: International Business Machines Corporation
    Inventors: Abdulhamid Adebowale Adebayo, Muhammed Fatih Bulut, Sai Zeng, Milton H. Hernandez
  • Publication number: 20220382583
    Abstract: A method for scheduling services in a computing environment includes receiving a service scheduling request corresponding to the computing environment and identifying a resource pool and a set of compliance requirements corresponding to the computing environment. The method continues by identifying target resources within the resource pool, wherein target resources are resources which meet the set of compliance requirements, and subsequently identifying a set of available target resources, wherein available target resources are target resources with scheduling availability. The method further includes analyzing the set of available target resources to determine a risk score for each available target resource and selecting one or more of the set of available target resources according to the determined risk scores. The method continues by scheduling a service corresponding to the service scheduling request on the selected one or more available target resources.
    Type: Application
    Filed: May 26, 2021
    Publication date: December 1, 2022
    Inventors: BRAULIO GABRIEL DUMBA, Jun Duan, Nerla Jean-Louis, Muhammed Fatih Bulut, Sai ZENG
  • Publication number: 20220382876
    Abstract: A vulnerability management method includes analyzing a system environment to uncover one or more vulnerabilities. The method includes subsequently identifying one or more system weaknesses corresponding to the one or more uncovered vulnerabilities and analyzing a set of historical data to identify similar past vulnerabilities. The method further includes analyzing available information to extract one or more impacts of the identified similar past vulnerabilities and determining one or more impacts to the present system environment that would correspond to the extracted one or more impacts of the identified similar past vulnerabilities. The method additionally includes recommending one or more actions to remediate the uncovered vulnerabilities.
    Type: Application
    Filed: May 25, 2021
    Publication date: December 1, 2022
    Inventors: Sai ZENG, Jinho HWANG, Virginia Mayo Policarpio, Lisa M. Chambers, Constantin Mircea Adam, Muhammed Fatih Bulut
  • Patent number: 11502995
    Abstract: Users of an endpoint remediation system can be assigned to different roles, from which they can request exceptions, approve exceptions, and/or enable remediation on endpoint devices. The compliance scanning and enforcing process can be automated, while allowing entities to request and/or approve certain exceptions. Therefore, security compliance for customers can be actively managed to provide visibility to the endpoint device compliance state at any time.
    Type: Grant
    Filed: December 14, 2017
    Date of Patent: November 15, 2022
    Assignee: KYNDRYL, INC.
    Inventors: Constantin Mircea Adam, Richard Jay Cohen, Robert Filepp, Milton H. Hernandez, Brian Peterson, Maja Vukovic, Sai Zeng, Guan Qun Zhang, Bhavna Agrawal
  • Publication number: 20220244994
    Abstract: A system, computer program product, and method to deriving a cost model and dynamic adjustment of the derived model responsive to dynamic modification of one or more of the resources in a hybrid shared resource environment. Resources and corresponding configuration information are collected while monitoring runtime utilization of resource performance. As changes to the resources are discovered, the changes are subject to an assessment. A hybrid cost model is derived and configured to account for the one or more resources. The derived hybrid cost model is leveraged to conduct a multi-dimensional resource evaluation of the assessed changed configuration information. Responsive to the multi-dimensional evaluation, a generated resource utilization optimization of the one or more resources is selectively implemented.
    Type: Application
    Filed: January 29, 2021
    Publication date: August 4, 2022
    Applicant: Kyndryl, Inc.
    Inventors: Sai Zeng, Braulio Gabriel Dumba, Matthew Staffelbach, Liang Liu, Emrah Zarifoglu, Umar Mohamed Iyoob, Manish Mahesh Modh
  • Publication number: 20220131887
    Abstract: Systems, computer-implemented methods, and computer program products that facilitate vulnerability and attack technique association are provided. According to an embodiment, a system can comprise a memory that stores computer executable components and a processor that executes the computer executable components stored in the memory. The computer executable components can comprise a map component that defines mappings between vulnerability data representing a vulnerability of a computing resource and attack data representing at least one attack technique. The computer executable components can further comprise an estimation component that analyzes the mappings to estimate a probability that the vulnerability will be exploited to attack the computing resource.
    Type: Application
    Filed: October 23, 2020
    Publication date: April 28, 2022
    Inventors: Lilian Mathias Ngweta, Steven Ocepek, Constantin Mircea Adam, Sai Zeng, Muhammed Fatih Bulut, Milton H. Hernandez
  • Publication number: 20220129560
    Abstract: Systems and techniques that facilitate automated health-check risk assessment of computing assets are provided. In various embodiments, a system can comprise a baseline component that can generate a baseline health-check risk score that corresponds to non-compliance of a computing asset with a stipulated control. In various aspects, the system can further comprise an adjustment component that can adjust the baseline health-check risk score based on a weakness factor of the stipulated control. In some cases, the weakness factor can be based on a magnitude by which a state of the computing asset deviates from the stipulated control. In various embodiments, the adjustment component can further adjust the baseline health-check risk score based on an environmental factor of the computing asset. In various cases, the environmental factor can be based on security mechanisms or security protocols associated with the computing asset.
    Type: Application
    Filed: October 23, 2020
    Publication date: April 28, 2022
    Inventors: Muhammed Fatih Bulut, Milton H. Hernandez, Robert Filepp, Sai Zeng, Steven Ocepek, Srinivas Babu Tummalapenta, Daniel S. Riley