Vulnerability Assessment Patents (Class 726/25)
  • Patent number: 12088605
    Abstract: Methods and systems comprising a first portion of a model that includes a model component that is trained to perform sentiment analysis based on training data for a plurality of users (e.g., what language, phrases, and/or responses the population at large uses). The first portion of the model also includes a model component that is trained to identify user intent based on the sentiment analysis that is specific to user groups. For example, the system first determines the likely context and/or meaning of communications of the user. The system then determines a likely intent of the user based on the likely context and/or meaning of communications (e.g., based on a correlation of the meaning of communications of the user and the intents of users corresponding to a user group of the user).
    Type: Grant
    Filed: July 8, 2022
    Date of Patent: September 10, 2024
    Assignee: Capital One Services, LLC
    Inventors: Farshid Marbouti, Gurpreet Singh Sandhu, Sarvani Kare, Nahid Farhady Ghalaty, Daniel Liu, Patrick Sofo, Lee Adcock
  • Patent number: 12088616
    Abstract: A method, system, or apparatus for mitigating computer and network security deficiencies is provided in which, the method, system, or apparatus scans computer system components for finding a vulnerability, generates a Vulnerability Priority Scoring System (VPSS) score for the vulnerability based on the vulnerability, develops a vulnerability mitigation policy based on a system state comprising the VPSS score, wherein the vulnerability mitigation policy provides a best action for mitigating the vulnerability selected among one or more trained possible actions by a deep neural network, and performs the vulnerability mitigation policy based on the best action. Other aspects, embodiments, and features are also claimed and described.
    Type: Grant
    Filed: November 8, 2021
    Date of Patent: September 10, 2024
    Assignee: UNIVERSITY OF SOUTH FLORIDA
    Inventor: Ankit Shah
  • Patent number: 12088603
    Abstract: Arrangements for comprehensive threat mitigation are provided. In some aspects, an indication of threat or potential threat may be received from an external entity. In some examples, the threat may include a cybersecurity threat. In response to receiving the indication of threat, identifying data associated with the external entity may be extracted from the indication and used to retrieve pre-stored customizations associated with the desired mitigating actions of the external entity. The one or more mitigating actions may be identified and instructions to execute the one or more mitigating actions may be generated and transmitted to one or more computing devices for execution.
    Type: Grant
    Filed: May 9, 2022
    Date of Patent: September 10, 2024
    Assignee: Bank of America Corporation
    Inventors: Benjamin F. Tweel, Neal Aaron Slensker, James Siekman, Shannon Sabina Rolinger, John Raymond Omernik, Rebecca Lynn Pietro
  • Patent number: 12086265
    Abstract: Methods, apparatus, and processor-readable storage media for automatically performing varied security scans on distributed files using machine learning techniques are provided herein. An example computer-implemented method includes obtaining at least one input file from one of multiple source channels; identifying a data security scan operation, from a set of multiple data security scan operations, for the at least one input file by processing historical data attributed to the at least one input file using machine learning techniques; executing the identified data security scan operation on the at least one input file; generating a hash of the at least one input file and information pertaining to results of the executed data security scan operation; caching the generated hash in at least one cache; and performing automated actions based on the caching of the generated hash in the at least one cache.
    Type: Grant
    Filed: January 19, 2022
    Date of Patent: September 10, 2024
    Assignee: Dell Products L.P.
    Inventors: Bijan Kumar Mohanty, Vinotth Ramalingam, Subramanya Padubidri, Hung T. Dinh
  • Patent number: 12079712
    Abstract: A solid-state image capturing system (1) includes a solid-state image capturing device (100) and an information processing device (200). The solid-state image capturing device (100) includes a first DNN processing unit (130) that executes, on image data, a part of a DNN algorithm by a first DNN to generate a first result. The information processing device (200) includes a second DNN processing unit (230) that executes, on the first result acquired from the solid-state image capturing device, remaining of the DNN algorithm by a second DNN to generate a second result.
    Type: Grant
    Filed: August 30, 2019
    Date of Patent: September 3, 2024
    Assignee: SONY SEMICONDUCTOR SOLUTIONS CORPORATION
    Inventors: Seigo Hanada, Suguru Kobayashi
  • Patent number: 12079336
    Abstract: A system for securing electronic devices includes a processor, non-transitory machine readable storage medium communicatively coupled to the processor, security applications, and a security controller. The security controller includes computer-executable instructions on the medium that are readable by the processor. The security application is configured to determine a suspicious file from a client using the security applications, identify whether the suspicious file has been encountered by other clients using the security applications, calculate a time range for which the suspicious file has been present on the clients, determine resources accessed by the suspicious file during the time range, and create a visualization of the suspicious file, a relationship between the suspicious file and the clients, the time range, and the resources accessed by the suspicious file during the time range.
    Type: Grant
    Filed: December 30, 2022
    Date of Patent: September 3, 2024
    Assignee: Musarubra US LLC
    Inventors: Derek Pearcy, Jessica Heinrich, Michael Bishop, Cristian Fiorentino, Jessica Gaskins, Martina Borkowsky
  • Patent number: 12079348
    Abstract: A risk rating method and system that predicts the risk likelihood, the risk impact, and the risk rating of certain threats and vulnerabilities from exploiting different component groups. In some embodiments, the system's predictions (also referred to herein as inferences) are generated based on data elements provided by a user about its organization's information systems. In further embodiments, the method and system utilizes data mining, historical records, and an AI Engine to provide the predictions for the risk likelihood, the risk impact, and the risk rating posed by the various threat occurrences.
    Type: Grant
    Filed: January 25, 2023
    Date of Patent: September 3, 2024
    Assignee: CLEARWATER COMPLIANCE LLC
    Inventors: Jonathan D. Stone, Tess Array Miller, Ravneet Singh, Jonathan A. Moore
  • Patent number: 12081503
    Abstract: An electronic device will identify an electronic message received by a messaging client that is associated with a first recipient, and it will analyze the electronic message to determine whether the electronic message is a simulated malicious message. Upon determining that electronic message is a simulated malicious message, the device will identify an actuatable element in the electronic message. The actuatable element will include a service address. The device will modify the electronic message by appending a user identifier of the first recipient to the service address of the actuatable element. Then, when the actuatable element is actuated, the system may determine whether the first recipient actuated the actuatable element or an alternate recipient did so based on whether the user identifier of the first recipient is still appended (or is the only user identifier appended) to the actuatable element.
    Type: Grant
    Filed: July 29, 2020
    Date of Patent: September 3, 2024
    Assignee: Proofpoint, Inc.
    Inventors: Kurt Wescoe, Trevor T. Hawthorn, Alan Himler, Patrick H. Veverka, John T. Campbell, Dustin D. Brungart, Norman Sadeh-Koniecpol
  • Patent number: 12081542
    Abstract: A computer readable medium having executable code that causes one or more processors to: receive at least one of a first image of the user or a first representation of a face of the user; if a first image of the user was received, then generate a generated representation of the face of the user using the first image; capture a second image of the user and generate a second representation of the face of the user using the second image; receive an authentication factor; determine validity of the authentication factor; reduce a confidence threshold based on the authentication factor; determine a likelihood of a match between the second representation and at least one of the first representation and the generated representation; and permit access by the user to a secure asset in instances where the likelihood of a match meets the confidence threshold.
    Type: Grant
    Filed: December 30, 2021
    Date of Patent: September 3, 2024
    Assignee: ASSA ABLOY AB
    Inventor: James Scott Voss
  • Patent number: 12075252
    Abstract: Various embodiments include systems and methods of implementing radio frequency (RF) capture analysis reporting. The implementing may include receiving RF data captured by RF capture component(s) positioned at location(s) within a physical environment. The captured RF data includes RF device metrics associated with RF device(s) identified by the RF capture component(s) as being located within the physical environment. One or more analysis operations may be performed with respect to the RF device(s) based at least in part on the RF device metrics. Based at least in part on a result of the analysis operation(s), a potential security vulnerability associated with a particular RF device may be identified. A report may be generated that identifies at least the potential security vulnerability associated with the particular RF device.
    Type: Grant
    Filed: November 15, 2021
    Date of Patent: August 27, 2024
    Assignee: Rapid7, Inc.
    Inventors: Deral Heiland, Matthew Kienow, Adam Bunn, Alberto Cecioni
  • Patent number: 12074893
    Abstract: Disclosed are a system, method, and computer program product for user network activity anomaly detection. The method includes generating a multilayer graph from network resource data, and generating an adjacency matrix associated with each layer of the multilayer graph to produce a plurality of adjacency matrices. The method further includes assigning a weight to each adjacency matrix to produce a plurality of weights, and generating a merged single layer graph by merging the plurality of layers based on a weighted sum of the plurality of adjacency matrices using the plurality of weights. The method further includes generating a set of anomaly scores by generating, for each node in the merged single layer graph, an anomaly score. The method further includes determining a set of anomalous users based on the set of anomaly scores, detecting fraudulent network activity based on the set of anomalous users, and executing a fraud mitigation process.
    Type: Grant
    Filed: May 26, 2023
    Date of Patent: August 27, 2024
    Assignee: Visa International Service Association
    Inventors: Bo Dong, Yuhang Wu, Yu-San Lin, Michael Yeh, Hao Yang
  • Patent number: 12074902
    Abstract: A method for performing cyber-security analysis includes generating a semantic graph in which each object is represented as a node, and each event associated with an object is represented as an edge. A cyber-threat related alert, with an associated alert type, is received from a source. A first object from the plurality of objects is modified based on the alert. A plurality of threat scores, each associated with an object, are calculated, substantially concurrently, based on the alert type. Subsequently, a plurality of modified threat scores are determined for each object, based on: (1) the threat score for that object, (2) a connectivity of that object to each of the remaining objects within the semantic graph; and (3) the threat score for each remaining object from the plurality of objects. A subgraph of the semantic graph is identified based on normalized versions of the modified threat scores.
    Type: Grant
    Filed: June 20, 2023
    Date of Patent: August 27, 2024
    Assignee: GOOGLE LLC
    Inventors: Scott Eric Coull, Jeffrey Thomas Johns
  • Patent number: 12067128
    Abstract: Methods, computer-readable media, software, systems and apparatuses may retrieve, via a computing device and over a network, information related to one or more characteristics of a particular application or service deployed in a computing environment. The particular application or service may be associated with a class of applications or services based on the information. A type of personal data collected may be determined for each application or service in the associated class. For the particular application or service, a risk metric indicative of a type of personal data collected by the particular application or service in relation to the type of personal data collected by other applications or services in the associated class may be determined. An additional application or service with a lower risk than the particular application or service may be recommended.
    Type: Grant
    Filed: December 19, 2022
    Date of Patent: August 20, 2024
    Assignee: ALLSTATE INSURANCE COMPANY
    Inventor: Joshua Hurwitz
  • Patent number: 12069091
    Abstract: There is disclosed in one example a computing apparatus, including: a processor and a memory; a network interface; and instructions encoded within the memory to instruct the processor to: receive a uniform resource locator (URL) for analysis, the URL to access a web page via a remote server; via the network interface, retrieve from the remote server a copy of the web page; render the web page in a headless browser to provide a computer-accessible visual output; perform visual analysis of the visual output via a digital eye; compare the visual analysis to a plurality of known phishing target websites; and if the comparison identifies the web page as visually similar to a known phishing target website, detect the web page as a phishing web page.
    Type: Grant
    Filed: August 5, 2022
    Date of Patent: August 20, 2024
    Assignee: McAfee, LLC
    Inventor: Shashi KIran N
  • Patent number: 12069074
    Abstract: An automated framework provides security monitoring and analysis in a network by autonomously detecting actual and potential threats to the network. In response to detection of a threat, the framework instantiates a Situation to provide directed monitoring of the threat. The Situation invokes specific skills based on the state of the Situation to monitor network traffic for activity specific to the threat that instantiated the Situation. As data is collected, additional skills may be invoked based on the additional data to collect new data, and previously invoked skills may be terminated depending on the additional data to avoid collecting information that is no-longer relevant.
    Type: Grant
    Filed: June 9, 2021
    Date of Patent: August 20, 2024
    Assignee: ARISTA NETWORKS, INC.
    Inventors: Keith Amidon, David Pearson, Jeff Polakow, Matthew Park, Gary Golomb
  • Patent number: 12061709
    Abstract: A computing device, such as a server, has a sealed housing and runs one or more data extraction agents. In some embodiments, the computing device includes one or more processors and memory located inside the sealed housing, the memory stores instructions that when executed by the one or more processors causes the one or more processors to: authenticate with a data recipient system using a prestored security engine and using a shared registration secret uniquely associating the computing device with the data recipient system; retrieve an extraction job specification from an extraction job specification repository associated with the data recipient system; and using the extraction job specification, communicate to one or more client computing devices associated with a client system to extract data records from one or more data stores of the client system. Related methods are also disclosed.
    Type: Grant
    Filed: November 5, 2019
    Date of Patent: August 13, 2024
    Assignee: Palantir Technologies Inc.
    Inventors: Jason Free, Charles Walters, Claude Johnson, Stephen Denney, Drew Tuck, Jerry Sung, Daniel Berkowitz, Quinn Beightol, Melvin Shaw, Charles Smith
  • Patent number: 12063243
    Abstract: An autonomous email-report composer composes a type of report on cyber threats that is composed in a human-readable format with natural language prose, terminology, and level of detail on the cyber threats aimed at a target audience. The autonomous email-report composer cooperates with libraries with prewritten text templates with i) standard pre-written sentences written in the natural language prose and ii) prewritten text templates with fillable blanks that are populated with data for the cyber threats specific for a current report being composed, where a template for the type of report contains two or more sections in that template. Each section having different standard pre-written sentences written in the natural language prose.
    Type: Grant
    Filed: July 29, 2020
    Date of Patent: August 13, 2024
    Assignee: Darktrace Holdings Limited
    Inventors: John Anthony Boyer, Dickon Humphrey, Matthew Dunn
  • Patent number: 12061697
    Abstract: Detecting a malicious package associated with a software repository. A method identifies a subject package in a software repository, and extracts a feature set from the subject package. The feature set includes single-version features, including whether the subject package accesses personally identifying information, accesses specified system resource(s), uses specified application programming interface(s), includes installation script(s), and/or includes a binary, minified, or obfuscated file. The feature set also includes change features, including an amount of time since publication of a prior version of the subject package, a semantic update type, and/or how single-version feature(s) have changed since the prior version. The method provides the feature set as input to a set of classifiers, each being configured to use the feature set to generate a prediction of whether the subject package is malicious or benign.
    Type: Grant
    Filed: February 16, 2022
    Date of Patent: August 13, 2024
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Max Schaefer, Adriana Sejfia
  • Patent number: 12061771
    Abstract: Systems and methods for visual streams/Feeds and no-coding programming/management interface of trusted application/human flows and of addressable/measurable resources for end of supply excellence are described herein. Specifically, a biometrically controlled, crypto secure, peer-to-peer/service/authority/united trusted, “no touch” capable, space point independent, closed-loop self-resource/service-resource efficacy increasing, flexible assistant as a service is described that addresses the situational disconnected multi-channeling, over-processing and parallel communication flaws and lack of evidence/efficiency/non-identifiable transparency seen in current systems of (social) media and (physical) services, administration and overhead.
    Type: Grant
    Filed: December 23, 2021
    Date of Patent: August 13, 2024
    Inventor: Patrick Schur
  • Patent number: 12058146
    Abstract: A method for generating trust metrics for sensor data is disclosed. The method can include receiving the sensor data from at least one sensor associated with a platform; categorizing the sensor data into one or more sensor data types; applying one or more threat detection algorithms to the sensor data based on the one or more sensor data types to detect one or more threats to the integrity of the sensor data; calculating a detection certainty for the sensor data from the at least one sensor, the detection certainty indicating a probability that the one or more threats are affecting the integrity of the sensor data; and generating a trust metric for the sensor data of the at least one sensor based on the detection certainty for the sensor data from the at least one sensor.
    Type: Grant
    Filed: July 2, 2020
    Date of Patent: August 6, 2024
    Assignee: BOOZ ALLEN HAMILTON INC.
    Inventors: Paul D'Angio, Randy Yamada, Natasha Norris, Jon Duntze
  • Patent number: 12058158
    Abstract: A method and system for intrusion detection to detect malicious insider threat activities within a network of user profiles. The method includes training a Neural Network on multiple sets of user profile data for multiple user profiles and on multiple sets of activity data of the multiple user profiles of the network, such that the Neural Network is capable of predicting for future dates activities for multiple user profiles. The method includes applying the trained Neural Network on the set of further user profile data of the further user profile, predicting an activity of the further user profile based on the multiple sets of activity data by the trained Neural Network, observing activity of the further user profile, applying the trained Neural Network on the observed activity, and detecting malicious activity for the further user profile by the trained Neural Network, if the observed activity deviates from the predicted activity.
    Type: Grant
    Filed: July 20, 2022
    Date of Patent: August 6, 2024
    Assignee: BULL SAS
    Inventors: Mathieu Garchery, Zerhoudi Saber, Michael Granitzer
  • Patent number: 12058167
    Abstract: A method, apparatus, and system provide the ability to act on cyber risks and reduce cyber attacks. System characteristics and system information for a cyber system are gathered. The system characteristics and system information are pre-processed to identify vulnerabilities that are relevant to the cyber system. A system model of a cyber environment is generated for the cyber system. One or more features are converted from cyber threat reports to one or more semantically relevant queries over the system model. The system model is reasoned over to generate one or more answers relevant to the one or more semantically relevant queries. Attack models are executed over the system model to generate actionable intelligence and reduce cyber attacks.
    Type: Grant
    Filed: August 23, 2022
    Date of Patent: August 6, 2024
    Assignee: CALIFORNIA INSTITUTE OF TECHNOLOGY
    Inventors: Kymie Tan, Jeremy L. Pecharich, Arun A. Viswanathan, Marc I. Pomerantz, Deniz E. Celik, Bryan Johnson, Brian Wright
  • Patent number: 12058168
    Abstract: A system for managing security within an enterprise includes a computing device that receives a vulnerability, generates a user score for each user within the enterprise and generates a threat score for the vulnerability. A user device score may also be generated for each device associated with a user. Based on the user score and the threat score, a composite score is generated. After acquiring a security measure, the security measure is implemented based on the composite score and, at times, the user score.
    Type: Grant
    Filed: September 12, 2022
    Date of Patent: August 6, 2024
    Assignee: WELLS FARGO BANK, N.A.
    Inventors: Douglas C. Rambo, Steven M. Trudeau, Titanya Hughes, Michael Colehouse, Timothy J. Calabro, Vincent N. Nguyen, Ben D. Brenden
  • Patent number: 12052273
    Abstract: Techniques for providing network traffic security in a virtualized environment are described. A threat aware controller uses a threat feed provided by a threat intelligence service to establish a threat detection engine on virtual switches. The threat aware controller and threat detection engine work together to detect any anomalous or malicious behavior of network traffic on the virtual switch and established virtual network functions to quickly detect, verify, and isolate network threats.
    Type: Grant
    Filed: December 15, 2022
    Date of Patent: July 30, 2024
    Assignee: Cisco Technology, Inc.
    Inventors: Balaji Sundararajan, Alberto Rodriguez Natal, Yegappan Lakshmanan, Fabio R. Maino, Anand Oswal
  • Patent number: 12050688
    Abstract: A computer device including a computing engine having a plurality of processor cores configured to simultaneously execute identical sets of processor-executable instructions, where each of the processor cores includes different instruction code assignments, and a malware monitoring and remediation component that detects presence of malware when instruction register values from a predetermined number of processor cores are identical during an instruction cycle. In various embodiments, the computer device may be an “edge” computer deployed in military or other highly-sensitive environments. The computing engine may be implemented using one or more field programmable gate arrays (FPGAs).
    Type: Grant
    Filed: February 15, 2024
    Date of Patent: July 30, 2024
    Assignees: MONTANA STATE UNIVERSITY, RESILIENT COMPUTING, LLC
    Inventors: Brock Jerome Lameres, Christopher Michel Major, Clemente I. Izurieta
  • Patent number: 12052282
    Abstract: Systems and/or techniques for facilitating automatic detection of proxy-based phishing sites are provided. In various embodiments, a system can access a computer-executable web resource and can embed an authorization verification logic within the computer-executable web resource. In various aspects, upon execution of the computer-executable web resource, the authorization verification logic can be configured to: identify a computing domain via which the computer-executable web resource is being executed; compare the identified computing domain with one or more authorized computing domains; determine that the identified computing domain is an unauthorized proxy site if the identified computing domain does not match at least one of the one or more authorized computing domains; and initiate a remedial action based on determining that the identified computing domain is an unauthorized proxy site.
    Type: Grant
    Filed: August 25, 2021
    Date of Patent: July 30, 2024
    Assignee: PayPal, Inc.
    Inventors: Abraham Joseph Kang, Bharat Chandra Penta, Antonio Montanez, Jr., Faisal M Khan, Vinh Nguyen, Casey Ian Abernathy, Ilya Volodin
  • Patent number: 12050697
    Abstract: Execution of software containers is secured using security profiles. A security profile is generated for a container image, wherein the container image includes resources utilized to execute a corresponding application container, wherein the generated security profile includes at least a spawned processes profile, wherein the spawned processes profile includes, for each spawned process executed at runtime by the application container, a signature of an executable file of the spawned process. The operation of a runtime execution of the application container is monitored. A violation of the spawned processes profile is detected based on the monitored operation.
    Type: Grant
    Filed: April 6, 2023
    Date of Patent: July 30, 2024
    Assignee: Twistlock Ltd.
    Inventors: Dima Stopel, Liron Levin
  • Patent number: 12050685
    Abstract: Embodiments of the present invention include computer-implemented methods, systems, and computer program products where program code executing on a processor(s) obtains an artifact of a given computing system. The program code determines a type for the artifact. The program code designates a given analysis tool from a plurality of analysis tools, to process the artifact. The program code processes the artifact by utilizing the given analysis tool, to determine facts of the artifact. The program code determines which facts of the one or more facts comprise elements of a threat model. The program code stores the elements of the threat model and the facts. The program code generates a threat model for the given computing system, based on consolidating the elements of the threat model for the artifact with additional elements of the threat models of additional artifacts.
    Type: Grant
    Filed: December 30, 2021
    Date of Patent: July 30, 2024
    Inventor: Robert J. Mooney, III
  • Patent number: 12047383
    Abstract: This disclosure describes embodiments of an improvement to the static group solution because all the administrator needs to do is specify the criteria they care about. Unlike static groups, where the administrator needs to keep track of the status of individual users and move them between static groups as their status changes, smart groups allows for automatic identification of the relevant users at the moment that action needs to be taken. This feature automates user management for the purposes of enrollment in either phishing and training campaigns. Because the smart group membership is determined as the group is about to be used for something, the smart group membership is always accurate and never outdated. The query that determines the smart group membership gets run at the time when you are about to do a campaign or perform some other action that needs to know the membership of the smart group.
    Type: Grant
    Filed: May 27, 2022
    Date of Patent: July 23, 2024
    Inventors: Greg Kras, Alin Irimie
  • Patent number: 12045843
    Abstract: Systems, methods, and devices for tracking and managing data shared with third parties are disclosed. In one embodiment, a method including: retrieving data collection and usage policies of an entity; processing the data collection and usage policies with a natural language processing (NLP) model; generating, by the NLP model, predictive data collection and data usage attributes; generating a feature vector from the predictive data collection and data usage attributes; processing the feature vector with a graph neural network; storing data structured as a graph including the entity and the predictive data collection and data usage attributes; and processing the data structured as a graph with a classifier model that labels the entity as a first node in the data structured as a graph and predicts an edge to a second node in the data structured as a graph based on the predictive data collection and data usage attributes.
    Type: Grant
    Filed: October 7, 2021
    Date of Patent: July 23, 2024
    Assignee: JPMORGAN CHASE BANK , N.A.
    Inventors: Michelle Bonat, Tuan Dao, Rod Bachelor, Jeremy F. Bennett
  • Patent number: 12047355
    Abstract: Systems and methods mitigate aggregate exposure of identifying information using machine learning. A privacy monitoring system identifies entities and corresponding entity types by applying a set of domain-specific neural networks, each trained to recognize a particular entity type, to media data extracted from two or more content items associated with a user. The privacy monitoring system computes a privacy score indicating a cumulative privacy risk for potential exposure of identifying information associated with the user from the two or more content items by identifying connections between the identified entities. The connections between the entities are weighted according to the entity types and contribute to the privacy score. A reporting subsystem outputs an indication of a recommended action for mitigating the cumulative privacy risk.
    Type: Grant
    Filed: March 8, 2021
    Date of Patent: July 23, 2024
    Assignee: Adobe Inc.
    Inventors: Robert W. Burke, Jr., Ronald Oribio
  • Patent number: 12047415
    Abstract: In an embodiment, a non-transitory medium stores code representing instructions to be executed by one or more processors. The instructions comprise code to cause the one or more processors to receive, at a compute device associated with a user, a message that is a simulated phishing test. The instructions further comprise code to cause the one or more processors cause, without human intervention and automatically in response to receiving the message, a link included in the simulated phishing test to be selected while not indicating that the user has failed the simulated phishing test. The instructions further comprise code to cause the one or more processors determine, after the link has been clicked, that an action indicating that the user has failed the simulated phishing test has been performed.
    Type: Grant
    Filed: June 13, 2023
    Date of Patent: July 23, 2024
    Assignee: Arctic Wolf Networks, Inc.
    Inventors: Nick Fauset, Brent Bennett, Stephen McDermott, Marissa Lynn Pandes, Tim Hadden, Brennon David Thomas
  • Patent number: 12041072
    Abstract: The present disclosure provides a method, system, and device for securely updating a software release across a network. To illustrate, a server may compile a transaction log that includes information corresponding to one or more nodes in the network to which the software release has been transmitted. The server may analyze one or more files based on vulnerability information to identify at least one file of the one or more files that poses a risk. The server may also identify at least one node of the network at which the at least one file is deployed. Based on identifying the at least one node, the server may transmit a corrective action with respect to the at least one node.
    Type: Grant
    Filed: October 30, 2022
    Date of Patent: July 16, 2024
    Assignee: JFrog Ltd.
    Inventor: Yoav Landman
  • Patent number: 12039546
    Abstract: A system includes buyer portal logic enabling a buyer to specify security requirements for attestation by a supplier. The system includes attestation program logic enabling the supplier to define a continuous attestation program for the security requirements through a supplier interface provided by supplier portal logic. The continuation attestation program includes an annual attestation program and a sub-annual attestation program. The system receives compliance attestation responses from the supplier for the security requirements and correlates the compliance attestation responses to the continuous attestation program for the supplier. The system enables the supplier to specify an access privilege for the buyer with regard to the supplier's sub-annual continuous attestation program data and/or annual attestation program data.
    Type: Grant
    Filed: September 13, 2019
    Date of Patent: July 16, 2024
    Assignee: Referentia Systems Incorporated
    Inventors: Timothy C. Williams, Nelson T. Kanemoto
  • Patent number: 12039037
    Abstract: A method, a computer program product and an apparatus for online detection of command injection attacks in a computerized system. The method comprises determining that an input of a potential input provisioning event received from a network includes a command separator and an executable product and recording a suspicious record event. The method further comprises determining that an execution command configured to be executed a potential execution event correlates to the suspicious record event and in response to said determining flagging the execution command as a command injection attack. The method further comprises performing a remedial action with respect to the flagged command injection attack prior to attempting to execute the execution command.
    Type: Grant
    Filed: July 25, 2023
    Date of Patent: July 16, 2024
    Assignee: JFROG LTD
    Inventors: Asaf Karas, Or Peles, Meir Tsvi, Anton Nayshtut
  • Patent number: 12040961
    Abstract: Novel tools and techniques are provided for implementing firewall functionalities, and, more particularly, to methods, systems, and apparatuses for implementing high availability (“HA”) web application firewall (“WAF”) functionalities. In various embodiments, a first computing system might monitor network communications between a client and a server providing access to software applications, and might determine whether latency has been introduced as a result of at least one first WAF container having been launched and whether any introduced latency exceeds a predetermined threshold, each first WAF container being tuned to a corresponding software application and protecting the software application from network attacks. Based on a determination that latency has been introduced and based on a determination that the introduced latency exceeds the predetermined threshold, one or more second WAF containers may be launched, each being tuned to the corresponding software application.
    Type: Grant
    Filed: July 28, 2023
    Date of Patent: July 16, 2024
    Assignee: CenturyLink Intellectual Property LLC
    Inventor: Ronald A. Lewis
  • Patent number: 12041086
    Abstract: Aspects of the disclosure relate to detecting impersonation in email body content using machine learning. Based on email data received from user accounts, a computing platform may generate user identification models that are each specific to one of the user accounts. The computing platform may intercept a message from a first user account to a second user account and may apply a user identification model, specific to the first user account, to the message, so as to calculate feature vectors for the message. The computing platform then may apply impersonation algorithms to the feature vectors and may determine that the message is impersonated. Based on results of the impersonation algorithms, the computing platform may modify delivery of the message.
    Type: Grant
    Filed: December 8, 2022
    Date of Patent: July 16, 2024
    Assignee: Proofpoint, Inc.
    Inventor: Harold Nguyen
  • Patent number: 12041071
    Abstract: A method, system, and computer program product for identifying a malicious user obtain a plurality of service requests for a service provided by a processing system, each service request of the plurality of service requests being associated with a requesting user and a requesting system, and a plurality of service responses associated with the plurality of service requests, each service response of the plurality of service responses being associated with the processing system; and identify the requesting user as malicious based on the plurality of service requests and the plurality of service responses.
    Type: Grant
    Filed: January 11, 2023
    Date of Patent: July 16, 2024
    Assignee: Visa International Service Association
    Inventors: Bartlomiej Piotr Prokop, Kerry Philomena McGullion, Peter Jackson Lennon, Thomas Joseph Looney
  • Patent number: 12039480
    Abstract: A computer-implemented method of identifying and mitigating information security risks may be provided. The method may involve an operator receiving control implementation inputs and historical and cyber risk intelligence control effectiveness data and combining the historical and cyber risk intelligence control effectiveness data and the operator control implementation input to determine a control effectiveness measurement for each of a plurality of risk scenarios. The determined control effectiveness measurement results may be aggregated for each of a plurality of controls for the plurality of risk scenario, a control effectiveness simulation model may be generated, and a control effectiveness simulation model summary may be outputted.
    Type: Grant
    Filed: October 12, 2022
    Date of Patent: July 16, 2024
    Assignee: Secure Systems Innovation Corporation
    Inventor: Robert Vescio
  • Patent number: 12034755
    Abstract: Computer software that assesses risks for security threat events by that performing the following operations: (i) receiving information pertaining to a managed asset; (ii) identifying, based, at least in part, on the received information: a threat to the managed asset and, one or more corresponding security controls for mitigating the threat, the security controls having associated control criteria; (iii) utilizing a risk assessment engine to calculate a risk value for the threat based, at least in part, on the received information; (iv) calculating a certainty factor for the threat based, at least in part, on a measure of belief associated with the control criteria; and (v) performing a computer-based remediation action based, at least in part, on the risk value and the certainty factor.
    Type: Grant
    Filed: March 18, 2021
    Date of Patent: July 9, 2024
    Assignee: International Business Machines Corporation
    Inventor: Douglas F Egan
  • Patent number: 12032681
    Abstract: The methods and systems disclosed herein generally relate to automated execution and evaluation of computer network training exercises, such as in a virtual environment. A server executes a first attack action by a virtual attack machine against a virtual target machine based on a cyber-attack scenario, wherein the virtual target machine is configured to be controlled by the user computer. The server receives a user response to the first attack action, determines, using a decision tree, a first proposed attack action based on the user response, and executes an artificial intelligence model to determine a second proposed attack action based on the user response. The server selects a subsequent attack action from the first proposed attack action and the second proposed attack action and executes the subsequent attack action by the virtual attack machine against the virtual target machine.
    Type: Grant
    Filed: August 26, 2022
    Date of Patent: July 9, 2024
    Assignee: Architecture Technology Corporation
    Inventors: Matthew Donovan, Paul Nicotera, Dahyun Hollister, Robert Joyce, Judson Powers
  • Patent number: 12032664
    Abstract: Systems and methods for embodiments of artificial intelligence systems for identity management are disclosed. Embodiments of the identity management systems disclosed herein may support the correlation of identities determined authoritative source systems with uncorrelated accounts within an enterprise using artificial intelligence techniques.
    Type: Grant
    Filed: March 18, 2022
    Date of Patent: July 9, 2024
    Assignee: SAILPOINT TECHNOLOGIES, INC.
    Inventors: Matthew Lee Domsch, Rohit Gupta
  • Patent number: 12034753
    Abstract: A system that detects malicious traffic flows in a network includes a computer system including a processor in communication with at least one memory device. The processor is programmed to store a plurality of context information about the network including a plurality of devices. The processor is also programmed to determine a network configuration of the network at a specific point in time. The processor is further programmed to generate one or more security policies for one or more devices of the plurality of devices in the network based on the network configuration and the plurality of context information. In addition, the processor is programmed to deploy the one or more security policies to the one or more devices in the network, wherein the one or more devices are configured to execute an algorithm to monitor communications on the network in view of a corresponding security policy of the one or more security policies.
    Type: Grant
    Filed: November 29, 2021
    Date of Patent: July 9, 2024
    Assignee: The Boeing Company
    Inventors: Scott Charles Sullivan, Ronald Ward Sackman, Ramin Nobakht
  • Patent number: 12034747
    Abstract: Data associated with performances of microservices functioning in a distributed computing environment is clustered by executing an unsupervised machine learning algorithm. A representative data is selected from a cluster, selecting performed for a plurality of the clusters. Based on time series data of the representative data associated with the plurality of the clusters, causal extraction is performed. Based on the causal extraction and the plurality of the clusters, a causal graph is constructed. The causal graph is embedded into vector space. Based on the embedded vector space, an artificial neural network model can be trained for managing the distributed computing environment.
    Type: Grant
    Filed: March 8, 2019
    Date of Patent: July 9, 2024
    Assignee: International Business Machines Corporation
    Inventors: Ramya Raghavendra, Mudhakar Srivatsa, Joshua M. Rosenkranz, Christopher Streiffer
  • Patent number: 12026683
    Abstract: In general, the invention relates to a method involving allowing access to a financial application by a third-party extension based on a single license to use the financial application, where the third-party extension was developed by a third-party developer using one or more tools in a software development kit (SDK) for the financial application and where the financial application stores first transaction data obtained for a first user of the financial application, monitoring operations performed on the financial application by the third-party extension to detect operations that migrate transaction data to a competitive application, using distributed computing software adjust a risk index that is associated with the third-party extension, determining that the risk index exceeds a pre-defined threshold, and controlling future access to the financial application by the third-party extension.
    Type: Grant
    Filed: August 30, 2017
    Date of Patent: July 2, 2024
    Assignee: Intuit Inc.
    Inventors: Venkata Nagabhushan Rao Varagani, Sudeep Gangadharan
  • Patent number: 12028380
    Abstract: A method of building a risk management model, the method including: sampling a plurality of organization networks; assessing identified security features; ranking the identified security features based on security risk; transforming ranked features into categorized factors; building logistic model to blend the categorized factors into a likelihood of breach; and transforming the logistics model from a multiplicative model to an additive model by scaling the logistics model.
    Type: Grant
    Filed: June 15, 2021
    Date of Patent: July 2, 2024
    Assignee: Fortify Data Inc.
    Inventor: Victor Gamra
  • Patent number: 12028351
    Abstract: A computer-implemented method, system and computer program product for protecting against application programming interface (API) attacks. A connection is established between an API user and an API provider. The established connection is then monitored to assess connection security and trustworthiness of the connection as well as trustworthiness of the API user and/or API provider. A score is then generated for each factor used in assessing the connection security and trustworthiness of the connection as well as the trustworthiness of the API user and/or API provider based on the monitoring. A level of risk for an API attack with respect to the API user and/or API provider is then generated based on such scores. An action (e.g., blocking traffic) is then performed with respect to the API user and/or API provider based on the level of risk for an API attack with respect to the API user and/or API provider, respectively.
    Type: Grant
    Filed: November 15, 2021
    Date of Patent: July 2, 2024
    Assignee: International Business Machines Corporation
    Inventors: Lloyd Wellington Mascarenhas, Matthias Seul, Arielle Tovah Orazio
  • Patent number: 12028367
    Abstract: Systems and methods can enable select virtual session capabilities on a user device configured to access a virtual session, which is an instance of a virtual machine. The user device can receive and forward to a gateway sever, a request to launch a virtual session. Based on the virtual session launch request, the gateway server can obtain a compliance profile determined from operational data. The gateway can permit user device access a virtual session hosted on a virtual machine (“VM”) server. The VM server can use the compliance profile and security data from the user device to determine a risk profile of the user device. The virtual session can be configured at the VM server based on the risk profile so as to allow access to a subset of available applications and functions within the applications for the virtual session.
    Type: Grant
    Filed: February 15, 2023
    Date of Patent: July 2, 2024
    Assignee: VMware LLC
    Inventors: Sisimon Soman, Padoor Chandramohan Arun
  • Patent number: 12028366
    Abstract: Disclosed embodiments relate to systems and methods for dynamically performing entity-specific security assessments for entities of virtualized network environments. Techniques include identifying an entity associated with a virtualized network environment, identifying a plurality of security factors, determining entity-specific weights to the plurality of security factors, and generating a composite exposure assessment for the entity.
    Type: Grant
    Filed: March 11, 2021
    Date of Patent: July 2, 2024
    Assignee: CyberArk Software Ltd.
    Inventors: Niv Rabin, Michael Balber, Noa Moyal, Asaf Hecht, Gal Naor
  • Patent number: 12021561
    Abstract: Provisioning of Internet Protocol (IP) configuration data or other configuration related data for devices or services connected to a passive optical network (PON) is contemplated. The provisioning may be facilitated with an optical line terminal (OLT) providing the desired configuration data over the PON to an optical network unit (ONU) connected to the device or service desired for provisioning, such as to enable the ONU to provision the device or service without exchanging Dynamic Host Configuration Protocol (DHCP) messaging with a DHCP server.
    Type: Grant
    Filed: November 23, 2020
    Date of Patent: June 25, 2024
    Assignee: Cable Television Laboratories, Inc.
    Inventors: John Berg, Jon Schnoor