-
1.
Publication No.: US11886507B2
Publication date: 2024-01-30
Application No.: US17982457
Application date: 2022-11-07
Applicant: QOMPLX, INC.
Inventors: Jason Crabtree, Richard Kelley
IPC classification: G06F16/90, G06F16/901, G06N5/02, G06F16/28, G06F16/22, G06F16/2458, G06F18/20
CPC classification: G06F16/9024, G06F16/2272, G06F16/2458, G06F16/284, G06F18/29, G06N5/02
Abstract: A system and method for cybersecurity analysis utilizing high-performance, scalable, multi-tenant, dynamically specifiable, knowledge graph information storage and utilization. The system uses an in-memory associative array for high-performance graph storage and access, with a non-volatile distributed database for scalable backup storage, a scalable, distributed graph service for graph creation, an indexing search engine to increase searching performance, and a graph crawler for graph traversal. One or more of these components may be in the form of a cloud-based service, and in some embodiments the cloud-based services may be containerized to allow for multi-tenant co-existence with no possibility of data leakage or cross-over. The system uses a cyber-physical graph to represent an enterprise's cyber-physical system and can provide graph analysis, graph security, and graph fusion related tasks to identify potential cybersecurity threats.
-
2.
Publication No.: US20240022547A1
Publication date: 2024-01-18
Application No.: US18361831
Application date: 2023-07-29
Applicant: QOMPLX, Inc.
Inventors: Jason Crabtree, Richard Kelley
CPC classification: H04L63/0428, H04L9/3236, H04L9/3239, H04L63/1433, H04L63/1425, H04L63/0807, H04L63/0815, H04L63/145
Abstract: A system and method that uses midservers located between an enterprise network and an external network to provide mass scanning network traffic detection and analysis capabilities for the enterprise network. The midserver may be loaded with configurations that allow it to operate as a mass scan event detector capable of detecting network sniffers, botnets, and malicious peer-to-peer connections which can lead to security vulnerabilities. In such configurations, the midserver may receive and analyze network traffic to determine if the network traffic is suspicious based on heuristic and signature-based techniques, and then generate an appropriate response action which can be implemented to mitigate the risk.
-
3.
Publication No.: US11818150B2
Publication date: 2023-11-14
Application No.: US17975548
Application date: 2022-10-27
Applicant: QOMPLX, Inc.
Inventors: Randy Clayton, Jason Crabtree, Luka Jurukovski, Richard Kelley, Angadbir Singh Salaria, Andrew Sellers, Farooq Israr Ahmed Shaikh
CPC classification: H04L63/1416, H04L63/0876, H04L63/1425, H04L63/1466
Abstract: A system and methods for detecting and mitigating golden SAML attacks against federated services is provided, comprising an authentication object inspector configured to observe a new authentication object generated by an identity provider, and retrieve the new authentication object; and a hashing engine configured to create a security cookie for each valid authentication session; wherein subsequent access requests accompanied by authentication objects are validated by checking for a valid security cookie.
-
4.
Publication No.: US20230362200A1
Publication date: 2023-11-09
Application No.: US18339214
Application date: 2023-06-21
Applicant: QOMPLX, Inc.
Inventors: Jason Crabtree, Richard Kelley
IPC classification: H04L9/40, G06F16/951, G06F16/2458
CPC classification: H04L63/20, H04L63/1425, G06F16/951, G06F16/2477, H04L63/1441
Abstract: A system and method for operational and cyber risk assessment that utilizes a data-driven approach to evaluate the current security posture and identify areas for improvement based on the user's desired target profile. This process involves estimating the costs and benefits associated with various security program enhancements, increased hiring, and control uplifts. The system and method then quantify these benefits in terms of reduction in tail value at risk, expected losses, cyber insurance premiums, and the amount of risk capital set aside. The system simulates attack paths associated with various risk scenarios and uses a risk scenario model to compute losses associated with each attack path for each risk scenario. The results of the simulation may be used to determine one or more business outcomes associated with the costs and benefits of implementing security enhancements.
-
5.
Publication No.: US20230362141A1
Publication date: 2023-11-09
Application No.: US18333414
Application date: 2023-06-12
Applicant: QOMPLX, Inc.
Inventors: Jason Crabtree, Richard Kelley
CPC classification: H04L63/0428, H04L9/3236, H04L9/3239, H04L63/0807, H04L63/0815, H04L63/1425, H04L63/1433, H04L63/145
Abstract: A system and method for scoring and enforcing authentication standards that actually enable zero trust network security principles when combined with stateful authentication object tracking, authentication object manipulation and forgery detection, and assessment of authentication and identity attack surface. The methodology involves gathering all authentication objects issued by a network, storing the authentication objects in a centralized location for use in stateful deterministic authentication object tracking, scoring the completeness of the authentication observations, assessing the quality of the authentication observations, and assigning organization-specific penalty functions.
-
6.
Publication No.: US11792229B2
Publication date: 2023-10-17
Application No.: US17389863
Application date: 2021-07-30
Applicant: QOMPLX, Inc.
Inventors: Jason Crabtree, Andrew Sellers
IPC classification: H04L9/40, G06F16/2458, G06F16/951
CPC classification: H04L63/20, G06F16/2477, G06F16/951, H04L63/1425, H04L63/1441
Abstract: A system and method for automated cybersecurity defensive strategy analysis that predicts the evolution of new cybersecurity attack strategies and makes recommendations for cybersecurity improvements to networked systems based on a cost/benefit analysis. The system and method use machine learning algorithms to run simulated attack and defense strategies against a model of the networked system created using a directed graph. Recommendations are generated based on an analysis of the simulation results against a variety of cost/benefit indicators.
-
7.
Publication No.: US20230328132A1
Publication date: 2023-10-12
Application No.: US18186605
Application date: 2023-03-20
Applicant: QOMPLX, Inc.
Inventors: Jason Crabtree, Richard Kelley
IPC classification: H04L67/10
CPC classification: H04L67/10
Abstract: A system and method that uses midservers located between the business enterprise computer infrastructure and the cloud-based infrastructure to collect, aggregate, analyze, transform, and securely transmit data from a multitude of computing devices and peripherals at an external network to a cloud-based service. The system and method make use of a plurality of virtual and physical worker agents which can be dynamically instantiated by a transformation engine to carry out one or more transformation sequences, based on pipeline instructions, to a received data stream to prepare the data for transmission as a target data stream format.
-
8.
Publication No.: US20230308487A1
Publication date: 2023-09-28
Application No.: US18189967
Application date: 2023-03-24
Applicant: QOMPLX, Inc.
Inventors: Jason Crabtree, Andrew Sellers, Richard Kelley
IPC classification: H04L9/40, G06F16/2458, G06F16/951
CPC classification: H04L63/20, H04L63/1425, H04L63/1441, G06F16/2477, G06F16/951
Abstract: A system and method for the secure and private demonstration of cloud-based cyber-security tools. Using advanced sandboxing design patterns, isolated instances of virtual networks allow a potential client to compare their existing cyber defense tools against a set of cloud-based tools. Capitalizing on non-persistent and secure sandboxes allows the invention to demonstrate fully functional and devastating cyber-attacks while guaranteeing strict privacy and security to both existing customers and potential ones. Additionally, instantiating separate sandboxed observed systems in a single multi-tenant infrastructure provides each customer with the ability to rapidly create actual representations of their enterprise environment offering the most realistic and accurate demonstration and comparison between products.
-
9.
Publication No.: US11757945B2
Publication date: 2023-09-12
Application No.: US17829211
Application date: 2022-05-31
Applicant: QOMPLX, Inc.
Inventors: Jason Crabtree, Andrew Sellers, Richard Kelley
IPC classification: H04L9/40, G06F16/2458, G06F16/951, G06F21/62, H04L67/1097
CPC classification: H04L63/20, G06F16/2477, G06F16/951, G06F21/6218, H04L63/1425, H04L63/1433, H04L63/1441, H04L67/1097
Abstract: A system and method for the contextualization and management of collaborative databases in an adversarial information environment. The system and method feature the ability to scan for, ingest and process, and then use relational, wide column, and graph stores for capturing entity data, their relationships, and actions associated with them. Furthermore, meta-data is gathered and linked to the ingested data, which provides a broader contextual view of the environment leading up to and during an event of interest. The gathered data and meta-data are used to manage the reputation of the contributing data sources. The system links each successive data set, algorithm, or meta-data which might pertain to its unique identification and to its ultimate reputation, utility, or fitness for purpose.
-
10.
Publication No.: US11757920B2
Publication date: 2023-09-12
Application No.: US17390889
Application date: 2021-07-31
Applicant: QOMPLX, Inc.
Inventors: Jason Crabtree, Andrew Sellers
CPC classification: H04L63/1433, G06N20/00, H04L41/12, H04L41/22, H04L63/1416, H04L63/1466
Abstract: A system and method for network cybersecurity analysis that uses user and entity behavioral analysis combined with network topology information to provide improved cybersecurity. The system and method involve gathering network entity information, establishing baseline behaviors for each entity, and monitoring each entity for behavioral anomalies that might indicate cybersecurity concerns. Further, the system and method involve incorporating network topology information into the analysis by generating a model of the network, annotating the model with risk and criticality information for each entity in the model and with a vulnerability level between entities, and using the model to evaluate cybersecurity risks to the network. Risks and vulnerabilities associated with user entities may be represented, in part or in whole, by the behavioral analyses and monitoring of those user entities.