Patents by Inventor Samuel John Oswald
Samuel John Oswald has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20230114295
Abstract: A method at an analytics module on a computing device, the analytics module being at a tier within a hierarchy of analytics modules and data sources, the method including receiving a first data set from a data source or a lower tier analytics module; analyzing the first data set to create a second data set; providing the second data set to at least one higher tier analytics module, the second data set being derived from the first data set; and providing at least one of an inference and an interdiction to the lower tier analytics module.
Type: Application
Filed: December 15, 2022
Publication date: April 13, 2023
Inventors: Biswaroop Mukherjee, Samuel John Oswald
-
Patent number: 11556820
Abstract: A method at an analytics module on a computing device, the analytics module being at a tier within a hierarchy of analytics modules and data sources, the method including receiving a first data set from a data source or a lower tier analytics module; analyzing the first data set to create a second data set; providing the second data set to at least one higher tier analytics module, the second data set being derived from the first data set; and providing at least one of an inference and an interdiction to the lower tier analytics module.
Type: Grant
Filed: January 3, 2020
Date of Patent: January 17, 2023
Assignee: BlackBerry Limited
Inventors: Biswaroop Mukherjee, Samuel John Oswald
-
Patent number: 11528282
Abstract: Each of a plurality of endpoint computer systems monitors data relating to a plurality of events occurring within an operating environment of the corresponding endpoint computer system. The monitoring can include receiving and/or inferring the data using one or more sensors executing on the endpoint computer systems. Thereafter, for each endpoint computer system, artifacts used in connection with the events are stored in a vault maintained on such endpoint computer system. A query is later received by at least a subset of the plurality of endpoint computer systems from a server. Such endpoint computer systems, in response, identify and retrieve artifacts within the corresponding vaults response to the query. Results responsive to the query including or characterizing the identified artifacts is then provided by the endpoint computer systems receiving the query to the server.
Type: Grant
Filed: September 23, 2020
Date of Patent: December 13, 2022
Assignee: Cylance Inc.
Inventors: Homer Valentine Strong, Ryan Permeh, Samuel John Oswald
-
Patent number: 11494490
Abstract: A plurality of events associated with each of a plurality of computing nodes that form part of a network topology are monitored. The network topology includes antivirus tools to detect malicious software prior to it accessing one of the computing nodes. Thereafter, it is determined that, using at least one machine learning model, at least one of the events is indicative of malicious activity that has circumvented or bypassed the antivirus tools. Data is then provided that characterizes the determination. Related apparatus, systems, techniques and articles are also described.
Type: Grant
Filed: May 22, 2020
Date of Patent: November 8, 2022
Assignee: Cylance Inc.
Inventors: Rahul Chander Kashyap, Vadim Dmitriyevich Kotov, Samuel John Oswald, Homer Valentine Strong
-
Patent number: 11204996
Abstract: An endpoint computer system can harvest data relating to a plurality of events occurring within an operating environment of the endpoint computer system and can add the harvested data to a local data store maintained on the endpoint computer system. In some examples, the local data store can be an audit log and/or can include one or more tamper resistant features. Systems, methods, and computer program products are described.
Type: Grant
Filed: May 29, 2019
Date of Patent: December 21, 2021
Assignee: Cylance Inc.
Inventors: Ryan Permeh, Matthew Wolff, Samuel John Oswald, Xuan Zhao, Mark Culley, Steve Polson
-
Patent number: 11204997
Abstract: An endpoint computer system can harvest data relating to a plurality of events occurring within an operating environment of the endpoint computer system and can add the harvested data to a local data store maintained on the endpoint computer system. A query response can be generated, for example by identifying and retrieving responsive data from the local data store. The responsive data are related to an artifact on the endpoint computer system and/or to an event of the plurality of events. In some examples, the local data store can be an audit log and/or can include one or more tamper resistant features. Systems, methods, and computer program products are described.
Type: Grant
Filed: May 30, 2019
Date of Patent: December 21, 2021
Assignee: Cylance, Inc.
Inventors: Ryan Permeh, Matthew Wolff, Samuel John Oswald, Xuan Zhao, Mark Culley, Steven Polson
-
Publication number: 20210209494
Abstract: A method at an analytics module on a computing device, the analytics module being at a tier within a hierarchy of analytics modules and data sources, the method including receiving a first data set from a data source or a lower tier analytics module; analyzing the first data set to create a second data set; providing the second data set to at least one higher tier analytics module, the second data set being derived from the first data set; and providing at least one of an inference and an interdiction to the lower tier analytics module.
Type: Application
Filed: January 3, 2020
Publication date: July 8, 2021
Inventors: Biswaroop Mukherjee, Samuel John Oswald
-
Patent number: 10944761
Abstract: An endpoint computer system monitors data relating to a plurality of events occurring within an operating environment of the endpoint computer system. The monitoring can include receiving and/or inferring the data using one or more sensors executing on the endpoint computer system. The endpoint computer system can store artifacts used in connection with the plurality of events in a vault maintained on such endpoint computer system. The endpoint computer system, in response to a trigger, identifies and retrieves metadata characterizing artifacts associated with the trigger from the vault. Such identified and retrieved metadata is then provided by the endpoint computer system to a remote server.
Type: Grant
Filed: April 24, 2018
Date of Patent: March 9, 2021
Assignee: Cylance Inc.
Inventors: Homer Valentine Strong, Ryan Permeh, Samuel John Oswald
-
Publication number: 20210006568
Abstract: Each of a plurality of endpoint computer systems monitors data relating to a plurality of events occurring within an operating environment of the corresponding endpoint computer system. The monitoring can include receiving and/or inferring the data using one or more sensors executing on the endpoint computer systems. Thereafter, for each endpoint computer system, artifacts used in connection with the events are stored in a vault maintained on such endpoint computer system. A query is later received by at least a subset of the plurality of endpoint computer systems from a server. Such endpoint computer systems, in response, identify and retrieve artifacts within the corresponding vaults response to the query. Results responsive to the query including or characterizing the identified artifacts is then provided by the endpoint computer systems receiving the query to the server.
Type: Application
Filed: September 23, 2020
Publication date: January 7, 2021
Inventors: Homer Valentine Strong, Ryan Permeh, Samuel John Oswald
-
Patent number: 10819714
Abstract: Each of a plurality of endpoint computer systems monitors data relating to a plurality of events occurring within an operating environment of the corresponding endpoint computer system. The monitoring can include receiving and/or inferring the data using one or more sensors executing on the endpoint computer systems. Thereafter, for each endpoint computer system, artifacts used in connection with the events are stored in a vault maintained on such endpoint computer system. A query is later received by at least a subset of the plurality of endpoint computer systems from a server. Such endpoint computer systems, in response, identify and retrieve artifacts within the corresponding vaults response to the query. Results responsive to the query including or characterizing the identified artifacts is then provided by the endpoint computer systems receiving the query to the server.
Type: Grant
Filed: April 24, 2018
Date of Patent: October 27, 2020
Assignee: Cylance Inc.
Inventors: Homer Valentine Strong, Ryan Permeh, Samuel John Oswald
-
Publication number: 20200285741
Abstract: A plurality of events associated with each of a plurality of computing nodes that form part of a network topology are monitored. The network topology includes antivirus tools to detect malicious software prior to it accessing one of the computing nodes. Thereafter, it is determined that, using at least one machine learning model, at least one of the events is indicative of malicious activity that has circumvented or bypassed the antivirus tools. Data is then provided that characterizes the determination. Related apparatus, systems, techniques and articles are also described.
Type: Application
Filed: May 22, 2020
Publication date: September 10, 2020
Inventors: Rahul Chander Kashyap, Vadim Dmitriyevich Kotov, Samuel John Oswald, Homer Valentine Strong
-
Patent number: 10699012
Abstract: A plurality of events associated with each of a plurality of computing nodes that form part of a network topology are monitored. The network topology includes antivirus tools to detect malicious software prior to it accessing one of the computing nodes. Thereafter, it is determined that, using at least one machine learning model, at least one of the events is indicative of malicious activity that has circumvented or bypassed the antivirus tools. Data is then provided that characterizes the determination. Related apparatus, systems, techniques and articles are also described.
Type: Grant
Filed: January 4, 2018
Date of Patent: June 30, 2020
Assignee: Cylance Inc.
Inventors: Rahul Chander Kashyap, Vadim Dmitriyevich Kotov, Samuel John Oswald, Homer Valentine Strong
-
Publication number: 20190303570
Abstract: An endpoint computer system can harvest data relating to a plurality of events occurring within an operating environment of the endpoint computer system and can add the harvested data to a local data store maintained on the endpoint computer system. A query response can be generated, for example by identifying and retrieving responsive data from the local data store. The responsive data are related to an artifact on the endpoint computer system and/or to an event of the plurality of events. In some examples, the local data store can be an audit log and/or can include one or more tamper resistant features. Systems, methods, and computer program products are described.
Type: Application
Filed: May 30, 2019
Publication date: October 3, 2019
Inventors: Ryan Permeh, Matthew Wolff, Samuel John Oswald, Xuan Zhao, Mark Culley, Steven Polson
-
Publication number: 20190294789
Abstract: An endpoint computer system can harvest data relating to a plurality of events occurring within an operating environment of the endpoint computer system and can add the harvested data to a local data store maintained on the endpoint computer system. In some examples, the local data store can be an audit log and/or can include one or more tamper resistant features. Systems, methods, and computer program products are described.
Type: Application
Filed: May 29, 2019
Publication date: September 26, 2019
Inventors: Ryan Permeh, Matthew Wolff, Samuel John Oswald, Xuan Zhao, Mark Culley, Steve Polson
-
Patent number: 10354067
Abstract: An endpoint computer system can harvest data relating to a plurality of events occurring within an operating environment of the endpoint computer system and can add the harvested data to a local data store maintained on the endpoint computer system. In some examples, the local data store can be an audit log and/or can include one or more tamper resistant features. Systems, methods, and computer program products are described.
Type: Grant
Filed: November 18, 2016
Date of Patent: July 16, 2019
Assignee: Cylance Inc.
Inventors: Ryan Permeh, Matthew Wolff, Samuel John Oswald, Xuan Zhao, Mark Culley, Steve Polson
-
Patent number: 10354066
Abstract: An endpoint computer system can harvest data relating to a plurality of events occurring within an operating environment of the endpoint computer system and can add the harvested data to a local data store maintained on the endpoint computer system. A query response can be generated, for example by identifying and retrieving responsive data from the local data store. The responsive data are related to an artifact on the endpoint computer system and/or to an event of the plurality of events. In some examples, the local data store can be an audit log and/or can include one or more tamper resistant features. Systems, methods, and computer program products are described.
Type: Grant
Filed: November 17, 2016
Date of Patent: July 16, 2019
Assignee: Cylance Inc.
Inventors: Ryan Permeh, Matthew Wolff, Samuel John Oswald, Xuan Zhao, Mark Culley, Steve Polson
-
Publication number: 20180316691
Abstract: An endpoint computer system monitors data relating to a plurality of events occurring within an operating environment of the endpoint computer system. The monitoring can include receiving and/or inferring the data using one or more sensors executing on the endpoint computer system. The endpoint computer system can store artifacts used in connection with the plurality of events in a vault maintained on such endpoint computer system. The endpoint computer system, in response to a trigger, identifies and retrieves metadata characterizing artifacts associated with the trigger from the vault. Such identified and retrieved metadata is then provided by the endpoint computer system to a remote server.
Type: Application
Filed: April 24, 2018
Publication date: November 1, 2018
Inventors: Homer Valentine Strong, Ryan Permeh, Samuel John Oswald
-
Publication number: 20180316708
Abstract: Each of a plurality of endpoint computer systems monitors data relating to a plurality of events occurring within an operating environment of the corresponding endpoint computer system. The monitoring can include receiving and/or inferring the data using one or more sensors executing on the endpoint computer systems. Thereafter, for each endpoint computer system, artifacts used in connection with the events are stored in a vault maintained on such endpoint computer system. A query is later received by at least a subset of the plurality of endpoint computer systems from a server. Such endpoint computer systems, in response, identify and retrieve artifacts within the corresponding vaults response to the query. Results responsive to the query including or characterizing the identified artifacts is then provided by the endpoint computer systems receiving the query to the server.
Type: Application
Filed: April 24, 2018
Publication date: November 1, 2018
Inventors: Homer Valentine Strong, Ryan Permeh, Samuel John Oswald
-
Publication number: 20180196942
Abstract: A plurality of events associated with each of a plurality of computing nodes that form part of a network topology are monitored. The network topology includes antivirus tools to detect malicious software prior to it accessing one of the computing nodes. Thereafter, it is determined that, using at least one machine learning model, at least one of the events is indicative of malicious activity that has circumvented or bypassed the antivirus tools. Data is then provided that characterizes the determination. Related apparatus, systems, techniques and articles are also described.
Type: Application
Filed: January 4, 2018
Publication date: July 12, 2018
Inventors: Rahul Chander Kashyap, Vadim Dmitriyevich Kotov, Samuel John Oswald, Homer Valentine Strong