Patents by Inventor Stephen C. Carlucci
Stephen C. Carlucci has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10460104Abstract: A security system and method secures and responds to security threats in a computer having a CPU, a Kernel/OS, and software applications. A data collector intercepts a selection of first tier calls between the CPU and Kernel/OS and/or second tier calls between the Kernel/Operating System and the applications, and stores information pertaining thereof. An Analytic Engine maps the stored first and second tier call information to a rulebase containing patterns of security threats, to generate a threat analysis, and then responds to the threat analysis. The Analytic Engine enlarges or contracts the selection of first and second tier calls to increase or decrease specificity of the threat analysis. A Management Module generates user interfaces accessible remotely by a user device, to update the rulebase and configure the collector, the Kernel module, and the Analytic Engine.Type: GrantFiled: September 14, 2018Date of Patent: October 29, 2019Assignee: Alert Logic, Inc.Inventors: Ryan J. Berg, John J. Danahy, Kirk R. Swidowski, Stephen C. Carlucci, Christopher Baron
-
Patent number: 10198280Abstract: A security system and method efficiently monitors and secures a computer to defend against malicious intrusions, and includes an in-band software monitor disposed within a kernel in communication with an operating system (OS) of the computer. The monitor intercepts system calls made from an MSR (Model Specific Register), to execute monitoring operations, and subsequently returns execution to the OS. An out-of-band hypervisor communicably coupled to the OS, has read shadow means for trapping read requests to the MSR, and write mask means for trapping write requests to the MSR. The hypervisor includes means for responding to the trapped read and write requests so that presence of the monitor is obscured.Type: GrantFiled: March 14, 2016Date of Patent: February 5, 2019Assignee: Barkly Protects, Inc.Inventors: Kirk R. Swidowski, Ryan J. Berg, Stephen C. Carlucci, John J. Danahy
-
Publication number: 20190026462Abstract: A security system and method secures and responds to security threats in a computer having a CPU, a Kernel/OS, and software applications. A data collector intercepts a selection of first tier calls between the CPU and Kernel/OS and/or second tier calls between the Kernel/Operating System and the applications, and stores information pertaining thereof. An Analytic Engine maps the stored first and second tier call information to a rulebase containing patterns of security threats, to generate a threat analysis, and then responds to the threat analysis. The Analytic Engine enlarges or contracts the selection of first and second tier calls to increase or decrease specificity of the threat analysis. A Management Module generates user interfaces accessible remotely by a user device, to update the rulebase and configure the collector, the Kernel module, and the Analytic Engine.Type: ApplicationFiled: September 14, 2018Publication date: January 24, 2019Applicant: Barkly Protects, Inc.Inventors: Ryan J. Berg, John J. Danahy, Kirk R. Swidowski, Stephen C. Carlucci, Christopher Baron
-
Patent number: 10078752Abstract: A security system and method secures and responds to security threats in a computer having a CPU, a Kernel/OS, and software applications. A low-level data collector intercepts a selection of first tier calls between the CPU and Kernel/OS, and stores associated first tier call IDs. A Kernel module intercepts a selection of second tier calls between applications and the Kernel/OS, and stores associated second tier call IDs. An Analytic Engine maps the stored first and second tier call IDs to a rulebase containing patterns of security threats, to generate a threat analysis, and then responds to the threat analysis. The Analytic Engine enlarges or contracts the selection of first and second tier calls to increase or decrease specificity of the threat analysis. A Management Module generates user interfaces accessible remotely by a user device, to update the rulebase and configure the low-level collector, the Kernel module, and the Analytic Engine.Type: GrantFiled: December 23, 2017Date of Patent: September 18, 2018Assignee: BARKLY PROTECTS, INC.Inventors: Ryan J. Berg, John J. Danahy, Kirk R. Swidowski, Stephen C. Carlucci, Christopher Baron
-
Publication number: 20180189484Abstract: A security system and method secures and responds to security threats in a computer having a CPU, a Kernel/OS, and software applications. A low-level data collector intercepts a selection of first tier calls between the CPU and Kernel/OS, and stores associated first tier call IDs. A Kernel module intercepts a selection of second tier calls between applications and the Kernel/OS, and stores associated second tier call IDs. An Analytic Engine maps the stored first and second tier call IDs to a rulebase containing patterns of security threats, to generate a threat analysis, and then responds to the threat analysis. The Analytic Engine enlarges or contracts the selection of first and second tier calls to increase or decrease specificity of the threat analysis. A Management Module generates user interfaces accessible remotely by a user device, to update the rulebase and configure the low-level collector, the Kernel module, and the Analytic Engine.Type: ApplicationFiled: December 23, 2017Publication date: July 5, 2018Applicant: Barkly Protects, Inc.Inventors: John J. Danahy, Ryan J. Berg, Kirk R. Swidowski, Stephen C. Carlucci, Christopher Baron
-
Patent number: 9977895Abstract: A security system and method secures and responds to security threats in a computer having a CPU, a Kernel/OS, and software applications. A low-level data collector intercepts a selection of first tier calls between the CPU and Kernel/OS, and stores associated first tier call IDs. A Kernel module intercepts a selection of second tier calls between applications and the Kernel/OS, and stores associated second tier call IDs. An Analytic Engine maps the stored first and second tier call IDs to a rulebase containing patterns of security threats, to generate a threat analysis, and then responds to the threat analysis. The Analytic Engine enlarges or contracts the selection of first and second tier calls to increase or decrease specificity of the threat analysis. A Management Module generates user interfaces accessible remotely by a user device, to update the rulebase and configure the low-level collector, the Kernel module, and the Analytic Engine.Type: GrantFiled: March 27, 2015Date of Patent: May 22, 2018Assignee: Barkly Protects, Inc.Inventors: John J. Danahy, Ryan J. Berg, Kirk R. Swidowski, Stephen C. Carlucci
-
Patent number: 9733976Abstract: A security system and method efficiently monitors and secures a computer to defend against malicious intrusions, and includes an in-band software monitor disposed within a kernel in communication with an operating system (OS) of the computer. The monitor intercepts system calls made from an MSR (Model Specific Register), to execute monitoring operations, and subsequently returns execution to the OS. An out-of-band hypervisor communicably coupled to the OS, has read shadow means for trapping read requests to the MSR, and write mask means for trapping write requests to the MSR. The hypervisor includes means for responding to the trapped read and write requests so that presence of the monitor is obscured. Sysret monitoring means intercepts calls to a sysret instruction, executes sysret monitoring operations, and subsequently returns execution to an application running on the computer.Type: GrantFiled: October 3, 2016Date of Patent: August 15, 2017Assignee: Barkly Protects, Inc.Inventors: Kirk R. Swidowski, Ryan J. Berg, Stephen C. Carlucci, John J. Danahy
-
Publication number: 20170168865Abstract: A security system and method efficiently monitors and secures a computer to defend against malicious intrusions, and includes an in-band software monitor disposed within a kernel in communication with an operating system (OS) of the computer. The monitor intercepts system calls made from an MSR (Model Specific Register), to execute monitoring operations, and subsequently returns execution to the OS. An out-of-band hypervisor communicably coupled to the OS, has read shadow means for trapping read requests to the MSR, and write mask means for trapping write requests to the MSR. The hypervisor includes means for responding to the trapped read and write requests so that presence of the monitor is obscured.Type: ApplicationFiled: March 14, 2016Publication date: June 15, 2017Applicant: Barkly Protects, Inc.Inventors: Kirk R. Swidowski, Ryan J. Berg, Stephen C. Carlucci, John J. Danahy
-
Publication number: 20170109189Abstract: A security system and method efficiently monitors and secures a computer to defend against malicious intrusions, and includes an in-band software monitor disposed within a kernel in communication with an operating system (OS) of the computer. The monitor intercepts system calls made from an MSR (Model Specific Register), to execute monitoring operations, and subsequently returns execution to the OS. An out-of-band hypervisor communicably coupled to the OS, has read shadow means for trapping read requests to the MSR, and write mask means for trapping write requests to the MSR. The hypervisor includes means for responding to the trapped read and write requests so that presence of the monitor is obscured. Sysret monitoring means intercepts calls to a sysret instruction, executes sysret monitoring operations, and subsequently returns execution to an application running on the computer.Type: ApplicationFiled: October 3, 2016Publication date: April 20, 2017Inventors: Kirk R. Swidowski, Ryan J. Berg, Stephen C. Carlucci, John J. Danahy
-
Patent number: 9589132Abstract: A security system and method efficiently monitors and secures a computer to defend against malicious intrusions, and includes an in-band software monitor disposed within a kernel in communication with an operating system (OS) of the computer. The monitor intercepts system calls made from an MSR (Model Specific Register), to execute monitoring operations, and subsequently returns execution to the OS. An out-of-band hypervisor communicably coupled to the OS, has read shadow means for trapping read requests to the MSR, and write mask means for trapping write requests to the MSR. The hypervisor includes means for responding to the trapped read and write requests so that presence of the monitor is obscured.Type: GrantFiled: April 11, 2016Date of Patent: March 7, 2017Assignee: Barkly Protects, Inc.Inventors: Kirk R. Swidowski, Ryan J. Berg, Stephen C. Carlucci, John J. Danahy
-
Publication number: 20160224786Abstract: A security system and method efficiently monitors and secures a computer to defend against malicious intrusions, and includes an in-band software monitor disposed within a kernel in communication with an operating system (OS) of the computer. The monitor intercepts system calls made from an MSR (Model Specific Register), to execute monitoring operations, and subsequently returns execution to the OS. An out-of-band hypervisor communicably coupled to the OS, has read shadow means for trapping read requests to the MSR, and write mask means for trapping write requests to the MSR. The hypervisor includes means for responding to the trapped read and write requests so that presence of the monitor is obscured.Type: ApplicationFiled: April 11, 2016Publication date: August 4, 2016Applicant: Barkly Protects, Inc.Inventors: Kirk R. Swidowski, Ryan J. Berg, Stephen C. Carlucci, John J. Danahy
-
Publication number: 20150281267Abstract: A security system and method secures and responds to security threats in a computer having a CPU, a Kernel/OS, and software applications. A low-level data collector intercepts a selection of first tier calls between the CPU and Kernel/OS, and stores associated first tier call IDs. A Kernel module intercepts a selection of second tier calls between applications and the Kernel/OS, and stores associated second tier call IDs. An Analytic Engine maps the stored first and second tier call IDs to a rulebase containing patterns of security threats, to generate a threat analysis, and then responds to the threat analysis. The Analytic Engine enlarges or contracts the selection of first and second tier calls to increase or decrease specificity of the threat analysis. A Management Module generates user interfaces accessible remotely by a user device, to update the rulebase and configure the low-level collector, the Kernel module, and the Analytic Engine.Type: ApplicationFiled: March 27, 2015Publication date: October 1, 2015Applicant: CYLENT SYSTEMS, INC.Inventors: John J. Danahy, Ryan J. Berg, Kirk R. Swidowski, Stephen C. Carlucci