  • Patent number: 9769037
    Abstract: In one aspect, methods, system, and computer-readable media for monitoring unmanaged assets in a network having a plurality of managed machines include: at a first managed machine of the plurality of managed machines, wherein the plurality of managed machines are arranged in a linear communication orbit and have respective identifiers, and each managed machine is coupled to at least one respective neighbor by a corresponding local segment of the linear communication orbit: responding to a detection instruction for detecting unmanaged assets currently present in the network, by: scanning for live unmanaged machines within a selected portion of the network that is associated with a range of identifiers that includes identifiers between the respective identifiers of the first managed machine and a respective neighbor of the first managed machine; and generating a local report identifying one or more unmanaged machines that have been detected within the selected portion of the network.
    Type: Grant
    Filed: November 25, 2014
    Date of Patent: September 19, 2017
    Assignee: TANIUM INC.
    Inventors: David Hindawi, Orion Hindawi, Lisa Lippincott, Peter Lincroft
  • Patent number: 11956335
    Abstract: An application mapping procedure obtains and aggregates application mapping information from a plurality of machines in a distributed system. An application dependency map, including a first layer of application mapping information, is initialized, and then a first query is sent to one or more of the machines. In response, information identifying entities that have participated in predefined communications with entities identified in an existing layer of application mapping information in the application dependency map is received, and a second layer of application mapping information is added to the application dependency map, based at least in part on the information received in response to the first query. After adding the second layer of application mapping information to the application dependency map, a second query is sent to one or more of the endpoint machines, the second query being based at least in part on the application dependency map.
    Type: Grant
    Filed: May 23, 2022
    Date of Patent: April 9, 2024
    Assignee: Tanium Inc.
    Inventors: Naveen Goela, Rishi Kant, Andrew R. White, Christian L. Hunt, David Irwin
  • Patent number: 11343355
    Abstract: An application mapping procedure obtains and aggregates application mapping information from a plurality of machines in a distributed system. A first layer of application mapping information is generated, identifying application entry points, each comprising a machine and a process executed by the identified machine. An application map is initialized with the first layer of application mapping information. A plurality of iterations of a predefined map gathering operation are performed, each iteration adding a layer of application mapping information to the application map, thereby producing an application map of the distributed processing of one or more respective applications. Each iteration sends queries, via one or more linear communication orbits, to machines in the distributed system, and obtains from the machines information identifying entities that have participated in predefined communications with entities identified in a most recently generated or added layer of application mapping information.
    Type: Grant
    Filed: July 30, 2020
    Date of Patent: May 24, 2022
    Assignee: TANIUM INC.
    Inventors: Naveen Goela, Rishi Kant, Andrew R. White, Christian L. Hunt, David Irwin
  • Patent number: 11461208
    Abstract: A first machine identifies, from among a non-static collection of machines, a respective set of forward contacts that comprises a set of machines. The set of forward contacts are distributed along the ordered sequence in the forward direction away from the respective machine in an order of increasing similarity between the respective channel number assigned to the first machine and a respective channel number assigned to each of the set of forward contacts. The first machine establishes a respective direct communication channel between the first machine and each of the set of forward contacts. The first machine sends a first query to a first forward contact and sends collected answers for the first query to at least a second forward contact that has a greater similarity to the first machine based on the respective channel numbers of the first machine and the first and second forward contacts.
    Type: Grant
    Filed: May 12, 2020
    Date of Patent: October 4, 2022
    Assignee: TANIUM INC.
    Inventors: Lisa Lippincott, David Hindawi, Orion Hindawi, Peter Lincroft
  • Patent number: 11886229
    Abstract: In a distributed system that includes a collection of machines, a server system generates a global dictionary from sampling responses received from machines in the collection of machines, at least a subset of the sampling responses including information indicating one or more terms in a corpus of information stored at a respective machine in the collection of machines. The global dictionary includes global document frequency values corresponding to the document frequencies of terms in the corpora of information stored in the collection of machines. The server system generates a similarity search query for a target document, the similarity search query including identifiers of terms in the target document and optionally document frequency information for those terms, obtained from the global dictionary, and sends, through one or more linear communication orbits, the similarity search query to one or more respective machines in the collection of machines.
    Type: Grant
    Filed: February 22, 2021
    Date of Patent: January 30, 2024
    Assignee: TANIUM INC.
    Inventors: Naveen Goela, Joshua F. Stoddard, John R. Coates, Christian L. Hunt, Adam Mustafa
  • Patent number: 9910752
    Abstract: Method and system for providing message communications with failure detection and recovery are disclosed. At a respective node of a non-static collection of nodes forming a linear communication orbit: the node identifies, from among the non-static collection of nodes, a set of forward contacts distributed in a forward direction along the linear communication orbit; the node monitors a propagation state of a first query that has departed from the respective node to travel in the forward direction along the linear communication orbit; and upon detecting a propagation failure of the first query based on the monitoring, the node sends the first query directly to a first forward contact among the set of forward contacts to initiate a failure recovery process within at least part of a segment of the linear communication orbit between the respective node and the first forward contact of the respective node.
    Type: Grant
    Filed: April 22, 2016
    Date of Patent: March 6, 2018
    Assignee: TANIUM INC.
    Inventors: Lisa Lippincott, David Hindawi, Orion Hindawi, Peter Lincroft
  • Patent number: 11563764
    Abstract: A server system sends, via a linearly ordered communication orbit, to computational machines at a first subset of nodes in a computer network, a set of local environment verification tests and a set of mappings that map results of the local environment verification tests into a set of risk scores. Requests sent by the server system cause the computational machines at the plurality of nodes to: locally evaluate the set of local environment verification tests to produce test results, and locally map the test results using the set of mappings into a set of risk scores. Queries sent by the server cause the computational machines at the plurality of nodes to return to the server system at least a portion of the test results and risk scores. The server identifies, based on the received test results and risk scores, computational machines and/or control categories having risk scores satisfying predefined criteria.
    Type: Grant
    Filed: August 24, 2020
    Date of Patent: January 24, 2023
    Assignee: TANIUM INC.
    Inventors: James B. Hoscheit, Peyton T. Ball, E. Egon Rinderer, John Phillip Ham
  • Patent number: 8972566
    Abstract: In a network, a set of machines communicate pairwise, each conditionally adjusting messages in response to its own local state, and each in response to statistical methods conditionally propagating those messages, with the effect that problems with that network, or with a subset of its machines, are reported to a receiver/server. Only a substantially constant number of reports are made to the receiver/server, even when there are a substantial number of such machines able to detect that problem. When a problem is reported, a similar technique causes the machines to collectively evaluate and report suggested causes for that problem. Messages are propagated from each machine to another using locally random global locality. The machines in the network, in response to statistical techniques, organize hierarchically in O(log n) time, where n is the number of machines in the network, substantially without any requirement for nonlocal message exchange.
    Type: Grant
    Filed: November 21, 2011
    Date of Patent: March 3, 2015
    Assignee: Tanium Inc.
    Inventors: David Hindawi, Orion Hindawi, Lisa Lippincott, Peter Lincroft
  • Patent number: 10498744
    Abstract: This application is directed to an integrity monitoring method performed at a computational machine in a linear communication orbit. The computational machine receives a watch list through the linear communication orbit. The watch list identifies objects for which events are to be monitored at the computational machine. While a plurality of events are occurring locally at the computational machine, the computational machine identifies the plurality of events in real-time. The identified events include events for the objects identified by the watch list, and event information for these identified events is stored in a local database of the computational machine. In response to an integrity reporting request received through the linear communication orbit, the computational machine identifies event information for at least some of the objects identified by the watch list in the local database, and returns the identified event information to a server system through the linear communication orbit.
    Type: Grant
    Filed: September 22, 2017
    Date of Patent: December 3, 2019
    Assignee: TANIUM INC.
    Inventors: Christian L. Hunt, Thomas R. Gissel, Aaron Tarter, Daniel Floyd, Benjamin Hobbs, Michael Smith
  • Patent number: 11153383
    Abstract: This application is directed to a distributed data processing method performed at a server system coupled to a linear communication orbit. The server system has a plurality of function modules. Each function module is configured to collect data related to a core function from the linear communication orbit. Each function module includes an internal client configured to adaptively perform a set of data processing operations according to a schema definition, including generating a data collection request for collecting raw data items, sending the data collection request through the linear communication orbit, collecting the requested raw data items from a set of machines via the linear communication orbit, and performing analysis on the collected raw data items. In some embodiments, a central data management module of the one or more servers is configured to provide the schema definition to and receive result data reported from the function modules.
    Type: Grant
    Filed: June 17, 2019
    Date of Patent: October 19, 2021
    Assignee: TANIUM INC.
    Inventors: Ryan S. Richards, John R. Coates, James B. Evans
  • Patent number: 11777981
    Abstract: A server system sends, via a linearly ordered communication orbit, to computational machines at a first subset of nodes in a computer network, a set of local environment verification tests and a set of mappings that map results of the local environment verification tests into a set of risk scores. Requests sent by the server system cause the computational machines at the plurality of nodes to: locally evaluate the set of local environment verification tests to produce test results, and locally map the test results using the set of mappings into a set of risk scores. Queries sent by the server cause the computational machines at the plurality of nodes to return to the server system at least a portion of the test results and risk scores. The server identifies, based on the received test results and risk scores, computational machines and/or control categories having risk scores satisfying predefined criteria.
    Type: Grant
    Filed: January 20, 2023
    Date of Patent: October 3, 2023
    Assignee: TANIUM INC.
    Inventors: James B. Hoscheit, Peyton T. Ball, E. Egon Rinderer, John Phillip Ham
  • Patent number: 11809294
    Abstract: A first machine identifies, from among a non-static collection of machines, a respective set of forward contacts that comprises a set of machines. The set of forward contacts are distributed along the ordered sequence in the forward direction away from the respective machine in an order of increasing similarity between the respective channel number assigned to the first machine and a respective channel number assigned to each of the set of forward contacts. The first machine establishes a respective direct communication channel between the first machine and each of the set of forward contacts. The first machine sends a first query to a first forward contact and sends collected answers for the first query to at least a second forward contact that has a greater similarity to the first machine based on the respective channel numbers of the first machine and the first and second forward contacts.
    Type: Grant
    Filed: October 3, 2022
    Date of Patent: November 7, 2023
    Assignee: TANIUM INC.
    Inventors: Lisa Lippincott, David Hindawi, Orion Hindawi, Peter Lincroft
  • Patent number: 10649870
    Abstract: Method and system for providing message communications with failure detection and recovery are disclosed. At a respective node of a non-static collection of nodes forming a linear communication orbit: the node identifies, from among the non-static collection of nodes, a set of forward contacts distributed in a forward direction along the linear communication orbit; the node monitors a propagation state of a first query that has departed from the respective node to travel in the forward direction along the linear communication orbit; and upon detecting a propagation failure of the first query based on the monitoring, the node sends the first query directly to a first forward contact among the set of forward contacts to initiate a failure recovery process within at least part of a segment of the linear communication orbit between the respective node and the first forward contact of the respective node.
    Type: Grant
    Filed: January 23, 2018
    Date of Patent: May 12, 2020
    Assignee: TANIUM INC.
    Inventors: Lisa Lippincott, David Hindawi, Orion Hindawi, Peter Lincroft
  • Patent number: 10111208
    Abstract: Machines in a managed network implement a set of rules that cause individual machines to directly interact with only a small number of machines in the network. Independent local actions of the individual machines collectively cause the individual machines to be self-organized into one or more communication orbits without any global control or coordination by a server or an administrator. The communication orbits are used for supporting security management, including, at a first node of the network, receiving a security management message from an upstream neighbor through a respective receiving channel from the upstream neighbor to the first node; performing one or more security management operations in accordance with the security management message received from the upstream neighbor; and forwarding the security management message to a downstream neighbor through a respective propagation channel from the first node to the downstream neighbor.
    Type: Grant
    Filed: June 6, 2016
    Date of Patent: October 23, 2018
    Assignee: TANIUM INC.
    Inventors: David Hindawi, Orion Hindawi, Lisa Lippincott, Peter Lincroft
  • Patent number: 8086729
    Abstract: In a network, a set of machines communicate pairwise, each conditionally adjusting messages in response to its own local state, and each in response to statistical methods conditionally propagating those messages, with the effect that problems with that network, or with a subset of its machines, are reported to a receiver/server. Only a substantially constant number of reports are made to the receiver/server, even when there are a substantial number of such machines able to detect that problem. When a problem is reported, a similar technique causes the machines to collectively evaluate and report suggested causes for that problem. Messages are propagated from each machine to another using locally random global locality. The machines in the network, in response to statistical techniques, organize hierarchically in O(log n) time, where n is the number of machines in the network, substantially without any requirement for nonlocal message exchange.
    Type: Grant
    Filed: March 27, 2009
    Date of Patent: December 27, 2011
    Assignee: Tanium Inc.
    Inventors: David Hindawi, Orion Hindawi, Lisa Lippincott, Peter Lincroft
  • Patent number: 11609835
    Abstract: Performance of a collection of machines, arranged in a linear sequence of machines that form a linear communication orbit (LCO), is monitored. Multiple machines in the LCO receive, via the LCO, a set of rules (or various subsets of the same set of rules), each rule specifying one or a combination of conditions (e.g., a performance metric and corresponding criterion) for satisfying the rule, evaluate those rules with respect to locally occurring events and local processes, and store results of those evaluations in a local database. In response to a performance query sent to the machines via the LCO, each of the machines returns a report, including information identifying processes whose performance during the specified time period satisfies at least one rule in the set of one or more rules. Those reports are aggregated and used to present performance information to a user.
    Type: Grant
    Filed: July 30, 2020
    Date of Patent: March 21, 2023
    Assignee: TANIUM INC.
    Inventors: Daniel Varga, Christian L. Hunt, Casey Watson, Trever Shick, Michelle Rezentes, Ryan Catherman, Joshua F. Stoddard
  • Patent number: 11831670
    Abstract: A server system obtains, for machines in a distributed system, system risk information, such as information identifying open sessions between respective users and respective machines, information identifying vulnerabilities in respective machines, and administrative rights information identifying groups of users having administrative rights to respective machines. The server system determines security risk factors, including risk factors related to lateral movement between logically coupled machines, and generates machine risk assessment values for at least a subset of the machines, based on a weighted combination of the risk factors. A user interface that includes a list of machines, sorted in accordance with the machine risk assessment values, is presented to a user.
    Type: Grant
    Filed: November 18, 2020
    Date of Patent: November 28, 2023
    Assignee: TANIUM INC.
    Inventors: Stefan Horst-Guenter Molls, Joshua M. Bryant, Keith A. Robertson, John E. Foscue
  • Patent number: 11372938
    Abstract: A machine in a linear communication orbit receives a query, including a set of one or more rules, through the linear communication orbit. The machine, for each respective rule: identifies files that contain content that satisfies the respective rule, generates a first report identifying a count of files at the machine that contain content satisfying the rule, and sends the first report through the linear communication orbit to a server. The machine receives an instruction packet from an external machine that includes an instruction for establishing a direct duplex connection between the respective machine and the external machine, then sends a request to the external machine to establish the direct duplex connection. The machine sends to the external machine, via the direct duplex connection, a second report including information identifying files at the machine that contain file content satisfying each rule in the set of one or more rules.
    Type: Grant
    Filed: May 8, 2020
    Date of Patent: June 28, 2022
    Assignee: TANIUM INC.
    Inventors: Joshua F. Stoddard, Sachin P. Patel, Shawn M. Surber, Aaron J. Tarter, John R. Coates
  • Patent number: 10929345
    Abstract: In a distributed system, each of N machines receives a similarity search query through a linear communication orbit. The similarity search query includes token identifiers corresponding to tokens in a target document. Each machine, in response, identifies files that meet predefined similarity criteria with respect to the target document. Subsequent to receiving the similarity search query, the machine generates a first report, including a count of files stored at the machine that meet the predefined similarity criteria with respect to the target document, and/or information identifying a set of files that meet the predefined similarity criteria with respect to the target document; and sends the first report to a server through the linear communication orbit. The server produces a merged report presenting information with respect to files at a set of machines, including the N machines, that meet the predefined similarity criteria with respect to the target document.
    Type: Grant
    Filed: August 5, 2019
    Date of Patent: February 23, 2021
    Assignee: TANIUM INC.
    Inventors: Joshua F. Stoddard, John R. Coates, Naveen Goela, Aaron J. Tarter, Christian L. Hunt
  • Patent number: 10482242
    Abstract: A respective node in a linear communication orbit receives an instruction packet through the linear communication orbit, where the instruction packet has been propagated from a starting node to the respective node through one or more upstream nodes along the linear communication orbit, and the instruction packet includes an instruction for establishing a direct duplex connection between the respective node and a respective server. In response to receiving the instruction packet, the respective node sends an outbound connection request to the respective server to establish the direct duplex connection. The respective node then uploads local data to the respective server through the direct duplex connection (e.g., in response to one or more queries, instructions, and requests received from the respective server through the direct duplex connection), where the respective server performs analysis on the local data received from the respective node through the direct duplex connection.
    Type: Grant
    Filed: July 20, 2016
    Date of Patent: November 19, 2019
    Assignee: TANIUM INC.
    Inventors: Christian L. Hunt, Thomas R. Gissel, Aaron Tarter, Daniel Floyd, Benjamin Hobbs