Patents by Inventor Volker Guzman
Volker Guzman has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11349713Abstract: A computer-implemented method receives a program code and a signature associated with the program code from a database persistency associated with an enterprise threat detection (ETD) system. The received program code is associated with a configuration check, and the configuration check is developed at a development computing system and can collect information associated with a computing system. The received program code and the signature associated with the program code is distributed to a plurality of computing systems that are monitored by the ETD system. At least one configuration check result is received, and the configuration check result is generated by executing the program code on the computing system. The at least one configuration check result then transmitted to the database persistence, and the at least one result is displayed on a database graphical user interface (GUI) associated with the database persistency.Type: GrantFiled: October 8, 2020Date of Patent: May 31, 2022Assignee: SAP SEInventors: Eugen Pritzkau, Hartwig Seifert, Kevin Schwab, Omar-Alexander Al-Hujaj, Volker Guzman, Wei-Guo Peng, Lin Luo, Harish Mehta
-
Patent number: 11093608Abstract: A selection of data types is defined from available log data for an evaluation of events associated with an entity. One or more evaluations associated with the entity are defined and reference data is generated from the selection of data types based on the one or more defined evaluations. The one or more evaluations are grouped into a pattern. A three dimensional (3D) score diversity diagram visualization is initialized for display in a graphical user interface, where a point representing the entity in the visualization is localized in 3D space at a coordinate based on two-dimensional (2D) coordinates in a 2D coordinate system of a centroid of the calculated area of a polygon placed to into the 2D coordinate system and defined by the values of each evaluation associated with the entity.Type: GrantFiled: February 3, 2020Date of Patent: August 17, 2021Assignee: SAP SEInventors: Jona Hassforther, Jens Baumgart, Thorsten Menke, Volker Guzman, Florian Kraemer, Anne Jacobi, Thanh-Phong Lam, Omar-Alexander Al-Hujaj, Kathrin Nos
-
Publication number: 20210028986Abstract: A computer-implemented method receives a program code and a signature associated with the program code from a database persistency associated with an enterprise threat detection (ETD) system. The received program code is associated with a configuration check, and the configuration check is developed at a development computing system and can collect information associated with a computing system. The received program code and the signature associated with the program code is distributed to a plurality of computing systems that are monitored by the ETD system. At least one configuration check result is received, and the configuration check result is generated by executing the program code on the computing system. The at least one configuration check result then transmitted to the database persistence, and the at least one result is displayed on a database graphical user interface (GUI) associated with the database persistency.Type: ApplicationFiled: October 8, 2020Publication date: January 28, 2021Inventors: Eugen Pritzkau, Hartwig Seifert, Kevin Schwab, Omar-Alexander Al-Hujaj, Volker Guzman, Wei-Guo Peng, Lin Luo, Harish Mehta
-
Patent number: 10841161Abstract: A computer-implemented method receives a program code and a signature associated with the program code from a database persistency associated with an enterprise threat detection (ETD) system. The received program code is associated with a configuration check, and the configuration check is developed at a development computing system and can collect information associated with a computing system. The received program code and the signature associated with the program code is distributed to a plurality of computing systems that are monitored by the ETD system. At least one configuration check result is received, and the configuration check result is generated by executing the program code on the computing system. The at least one configuration check result then transmitted to the database persistence, and the at least one result is displayed on a database graphical user interface (GUI) associated with the database persistency.Type: GrantFiled: August 2, 2018Date of Patent: November 17, 2020Assignee: SAP SEInventors: Eugen Pritzkau, Hartwig Seifert, Kevin Schwab, Omar-Alexander Al-Hujaj, Volker Guzman, Wei-Guo Peng, Lin Luo, Harish Mehta
-
Patent number: 10826926Abstract: A first Event is identified from a normalized log persistency layer, where the first Event is associated with an attack on a computing system. A plurality of Events are fetched from the normalized log persistency layer, where each fetched Event correlates with its neighboring fetched Event by at least one correlation attribute, and each of the fetched Event and the first Event are presented on a graphical user interface as a chain of events. A workspace is generated, where the workspace comprises a series of attack paths, where each attack path corresponds to one Event in the chain of events. An ETD pattern is created based on the attack paths in the workspace.Type: GrantFiled: July 17, 2018Date of Patent: November 3, 2020Assignee: SAP SEInventors: Eugen Pritzkau, Wei-Guo Peng, Omar-Alexander Al-Hujaj, Lin Luo, Volker Guzman, Kevin Schwab
-
Patent number: 10764306Abstract: A Content Service executing in a cloud-computing-based Cloud Platform receives enterprise threat detection (ETD) Content transmitted from an ETD Content Development System (CDS) as a publication of the ETD Content from the ETD CDS. The received ETD Content is stored into a Content Management System (CMS). A determination is made of a registered Client ETD System for which the ETD Content is relevant. The ETD Content is published to the registered Client ETD System.Type: GrantFiled: December 19, 2016Date of Patent: September 1, 2020Assignee: SAP SEInventors: Thanh-Phong Lam, Jens Baumgart, Florian Kraemer, Volker Guzman, Anne Jacobi, Kathrin Nos, Jona Hassforther, Omar-Alexander Al-Hujaj, Stefan Rossmanith, Thorsten Menke
-
Publication number: 20200175159Abstract: A selection of data types is defined from available log data for an evaluation of events associated with an entity. One or more evaluations associated with the entity are defined and reference data is generated from the selection of data types based on the one or more defined evaluations. The one or more evaluations are grouped into a pattern. A three dimensional (3D) score diversity diagram visualization is initialized for display in a graphical user interface, where a point representing the entity in the visualization is localized in 3D space at a coordinate based on two-dimensional (2D) coordinates in a 2D coordinate system of a centroid of the calculated area of a polygon placed to into the 2D coordinate system and defined by the values of each evaluation associated with the entity.Type: ApplicationFiled: February 3, 2020Publication date: June 4, 2020Inventors: Jona Hassforther, Jens Baumgart, Thorsten Menke, Volker Guzman, Florian Kraemer, Anne Jacobi, Thanh-Phong Lam, Omar-Alexander Al-Hujaj, Kathrin Nos
-
Publication number: 20200044924Abstract: A computer-implemented method receives a program code and a signature associated with the program code from a database persistency associated with an enterprise threat detection (ETD) system. The received program code is associated with a configuration check, and the configuration check is developed at a development computing system and can collect information associated with a computing system. The received program code and the signature associated with the program code is distributed to a plurality of computing systems that are monitored by the ETD system. At least one configuration check result is received, and the configuration check result is generated by executing the program code on the computing system. The at least one configuration check result then transmitted to the database persistence, and the at least one result is displayed on a database graphical user interface (GUI) associated with the database persistency.Type: ApplicationFiled: August 2, 2018Publication date: February 6, 2020Inventors: Eugen Pritzkau, Hartwig Seifert, Kevin Schwab, Omar-Alexander Al-Hujaj, Volker Guzman, Wei-Guo Peng, Lin Luo, Harish Mehta
-
Patent number: 10552605Abstract: A selection of data types is defined from available log data for an evaluation of events associated with an entity. One or more evaluations associated with the entity are defined and reference data is generated from the selection of data types based on the one or more defined evaluations. The one or more evaluations are grouped into a pattern. A three dimensional (3D) score diversity diagram visualization is initialized for display in a graphical user interface, where a point representing the entity in the visualization is localized in 3D space at a coordinate based on two-dimensional (2D) coordinates in a 2D coordinate system of a centroid of the calculated area of a polygon placed to into the 2D coordinate system and defined by the values of each evaluation associated with the entity.Type: GrantFiled: December 16, 2016Date of Patent: February 4, 2020Assignee: SAP SEInventors: Jona Hassforther, Jens Baumgart, Thorsten Menke, Volker Guzman, Florian Kraemer, Anne Jacobi, Thanh-Phong Lam, Omar-Alexander Al-Hujaj, Kathrin Nos
-
Publication number: 20200028861Abstract: A first Event is identified from a normalized log persistency layer, where the first Event is associated with an attack on a computing system. A plurality of Events are fetched from the normalized log persistency layer, where each fetched Event correlates with its neighboring fetched Event by at least one correlation attribute, and each of the fetched Event and the first Event are presented on a graphical user interface as a chain of events. A workspace is generated, where the workspace comprises a series of attack paths, where each attack path corresponds to one Event in the chain of events. An ETD pattern is created based on the attack paths in the workspace.Type: ApplicationFiled: July 17, 2018Publication date: January 23, 2020Inventors: Eugen Pritzkau, Wei-Guo Peng, Omar-Alexander Al-Hujaj, Lin Luo, Volker Guzman, Kevin Schwab
-
Patent number: 10534907Abstract: A log processing job executing on a log producing computing system is initiated for processing log data associated with the log producing computing system. Log entries are determined to be available for processing. At least one instance of a Log Extractor Factory, Reader, and Transformation component are instantiated for reading and transforming the log data. Read log data is transformed into a common semantic format as transformed log data and transmitted in real-time to a Streaming Component for storage in an Enterprise Threat Detection (ETD) System. A recovery point is stored with a recovery timestamp indicating a next log entry in the log data to process.Type: GrantFiled: December 15, 2016Date of Patent: January 14, 2020Assignee: SAP SEInventors: Thanh-Phong Lam, Jens Baumgart, Florian Kraemer, Volker Guzman, Anne Jacobi, Kathrin Nos, Jona Hassforther, Omar-Alexander Al-Hujaj, Stefan Rossmanith, Thorsten Menke
-
Patent number: 10530792Abstract: The present disclosure describes methods, systems, and computer program products for performing a frequency domain analysis of activity data for a computer system. One computer-implemented method receiving time domain activity data for a computer system, wherein the time domain activity data comprise activity records associated with the computer system in a time domain; computing, by a hardware processor, frequency domain activity data based on the time domain activity data; and displaying the frequency domain activity data.Type: GrantFiled: December 15, 2016Date of Patent: January 7, 2020Assignee: SAP SEInventors: Kathrin Nos, Volker Guzman, Marvin Klose
-
Patent number: 10440040Abstract: The present disclosure describes methods, systems, and computer program products for performing a frequency domain analysis of activity data for a computer system. One computer-implemented method receiving time domain activity data for a computer system, wherein the time domain activity data comprise activity records associated with the computer system in a time domain; computing, by a hardware processor, frequency domain activity data based on the time domain activity data; and displaying the frequency domain activity data.Type: GrantFiled: December 15, 2016Date of Patent: October 8, 2019Assignee: SAP SEInventors: Kathrin Nos, Volker Guzman, Marvin Klose
-
Publication number: 20180176238Abstract: The present disclosure describes methods, systems, and computer program products for performing a frequency domain analysis of activity data for a computer system. One computer-implemented method receiving time domain activity data for a computer system, wherein the time domain activity data comprise activity records associated with the computer system in a time domain; computing, by a hardware processor, frequency domain activity data based on the time domain activity data; and displaying the frequency domain activity data.Type: ApplicationFiled: December 15, 2016Publication date: June 21, 2018Inventors: Kathrin Nos, Volker Guzman, Marvin Klose
-
Publication number: 20180173872Abstract: A log processing job executing on a log producing computing system is initiated for processing log data associated with the log producing computing system. Log entries are determined to be available for processing. At least one instance of a Log Extractor Factory, Reader, and Transformation component are instantiated for reading and transforming the log data. Read log data is transformed into a common semantic format as transformed log data and transmitted in real-time to a Streaming Component for storage in an Enterprise Threat Detection (ETD) System. A recovery point is stored with a recovery timestamp indicating a next log entry in the log data to process.Type: ApplicationFiled: December 15, 2016Publication date: June 21, 2018Inventors: Thanh-Phong Lam, Jens Baumgart, Florian Kraemer, Volker Guzman, Anne Jacobi, Kathrin Nos, Jona Hassforther, Omar-Alexander Al-Hujaj, Stefan Rossmanith, Thorsten Menke
-
Publication number: 20180173873Abstract: A selection of data types is defined from available log data for an evaluation of events associated with an entity. One or more evaluations associated with the entity are defined and reference data is generated from the selection of data types based on the one or more defined evaluations. The one or more evaluations are grouped into a pattern. A three dimensional (3D) score diversity diagram visualization is initialized for display in a graphical user interface, where a point representing the entity in the visualization is localized in 3D space at a coordinate based on two-dimensional (2D) coordinates in a 2D coordinate system of a centroid of the calculated area of a polygon placed to into the 2D coordinate system and defined by the values of each evaluation associated with the entity.Type: ApplicationFiled: December 16, 2016Publication date: June 21, 2018Inventors: Jona Hassforther, Jens Baumgart, Thorsten Menke, Volker Guzman, Florian Kraemer, Anne Jacobi, Thanh-Phong Lam, Omar-Alexander Al-Hujaj, Kathrin Nos
-
Publication number: 20180176235Abstract: A Content Service executing in a cloud-computing-based Cloud Platform receives enterprise threat detection (ETD) Content transmitted from an ETD Content Development System (CDS) as a publication of the ETD Content from the ETD CDS. The received ETD Content is stored into a Content Management System (CMS). A determination is made of a registered Client ETD System for which the ETD Content is relevant. The ETD Content is published to the registered Client ETD System.Type: ApplicationFiled: December 19, 2016Publication date: June 21, 2018Inventors: Thanh-Phong LAM, Jens Baumgart, Florian Kraemer, Volker Guzman, Anne Jacobi, Kathrin Nos, Jona Hassforther, Omar-Alexander Al-Hujaj, Stefan Rossmanith, Thorsten Menke
-
Publication number: 20130325744Abstract: According to some embodiments, an employee identifier may be received from an employee of an enterprise via an employee device. Based on the employee identifier, a subset of customers associated with the employee may be determined, and business data for each customer in the subset of customers may be received from a remote business server. For each customer in the subset of customers, a display of a virtual plant on the employee device may be automatically facilitated, wherein the display of each plant is automatically modified based at least in part on the business data received for that customer. According to some embodiments, an interactive employee input associated with a first virtual plant is received via the employee device and the display of the first virtual plant may be further modified based on the interactive employee input.Type: ApplicationFiled: May 30, 2012Publication date: December 5, 2013Inventors: Eyal Sinai, Volker Guzman, Guy Kirschbaum, Lior Schejter