公开(公告)号：US20240406180A1

公开(公告)日：2024-12-05

申请号：US18326705

申请日：2023-05-31

Applicant: SailPoint Technologies, Inc.

Inventor： Kristopher A. Keller ,  Manoj K. Guglani

IPC: H04L9/40 ,  H04L41/22

Abstract: Systems and methods are disclosed relating to identity governance and privileged access control in a distributed networked computing environment for cloud based computing services. Embodiments disclosed include a logical model developed to describe the effective access of multiple cloud service providers (CSPs), each of which may be based on different access systems. The resulting system can then provide a singular experience across all CSPs used by users, giving users a clear picture of how access is achieved.

公开(公告)号：US12041056B2

公开(公告)日：2024-07-16

申请号：US17948635

申请日：2022-09-20

Applicant: SailPoint Technologies, Inc.

Inventor： Mohamed M. Badawy ,  Jostine Fei Ho

IPC: H04L29/06 ,  G06F16/901 ,  H04L9/40

CPC classification number: H04L63/102 ,  G06F16/9024 ,  H04L63/0892 ,  H04L63/104 ,  H04L63/20

Abstract: Systems and methods for embodiments of a graph based artificial intelligence systems for identity management are disclosed. Embodiments of the identity management systems disclosed herein may utilize a network graph approach to analyzing identities or entitlements of a distributed networked enterprise computing environment. Specifically, in certain embodiments, an artificial intelligence based identity management systems may utilize the peer grouping of an identity graph (or peer grouping of portions or subgraphs thereof) to identify roles from peer groups or the like.

公开(公告)号：US12041046B2

公开(公告)日：2024-07-16

申请号：US17944319

申请日：2022-09-14

Applicant: SailPoint Technologies, Inc.

Inventor： Brian Eric Rose ,  Nicholas Ryan Wellinghoff

IPC: H04L29/06 ,  H04L9/40 ,  H04L67/10

CPC classification number: H04L63/0815 ,  H04L63/102 ,  H04L63/20 ,  H04L67/10

Abstract: Systems and methods for embodiments of artificial intelligence systems for identity management are disclosed. Specifically, embodiments of an identity management system may provide identity management in association with cloud services used by an enterprise and, in particular, may provide identity management in association with cloud based services that may be accessed through federated access providers.

公开(公告)号：US20240193519A1

公开(公告)日：2024-06-13

申请号：US18077644

申请日：2022-12-08

Applicant: SailPoint Technologies, Inc.

Inventor： Jeremy Holovacs

IPC: G06Q10/06 ,  G06F16/2457 ,  G06F16/248

CPC classification number: G06Q10/0635 ,  G06F16/24573 ,  G06F16/248

Abstract: A database-driven analytics engine can break permission data from different enterprise-class systems down to the smallest components and roll them back up one level at a time, to permission groups, to business functions, then to risks (rules). This processing produces a list of complete permissions on a per user basis and allows the engine to conduct access risk analyses across the different enterprise-class systems. Responsive to a multi-system analysis request, the engine can query a database for the list of complete permissions on a per user basis and analyze in view of user permissions granted to each user and business functions assigned to the respective user in a system-agnostic manner and determine user access risks based on rules governing those business functions. Insights from this multi-system analysis can be used for generating a report on system-wide access risks. The report can be presented through a user interface.

公开(公告)号：US11822685B2

公开(公告)日：2023-11-21

申请号：US17140941

申请日：2021-01-04

Applicant: SailPoint Technologies, Inc.

Inventor： Jeremy James Southerland ,  Ryan Allan Pickens

IPC: H04L29/06 ,  G06F21/62 ,  H04L9/40

CPC classification number: G06F21/6218 ,  H04L63/102

Abstract: Systems and methods for embodiments of identity management systems and data models used by identity management systems are disclosed. Embodiments of the identity management systems and associated data models as disclosed herein may associate identities with their respective entitlements, while preserving the hierarchy imposed by the source system from which those identities or entitlement were derived, including the hierarchical structure that resulted in the (direct or effective) assignment of such an entitlement, along with the hierarchical nature of the digital assets to which those entitlements pertain. Using embodiments of the disclosed data model embodiments of identity management systems may implement tasks, processes or policies that take advantage of the ability to easily navigate between an identity and its respective entitlements, the management structures that resulted in the entitlement being assigned or the hierarchical relationships between the digital assets corresponding to those entitlements.

公开(公告)号：US11818136B2

公开(公告)日：2023-11-14

申请号：US17391371

申请日：2021-08-02

Applicant: SailPoint Technologies, Inc.

Inventor： Mohamed M. Badawy ,  Jostine Fei Ho ,  Rajat Kabra

IPC: H04L9/40 ,  G06N20/00 ,  H04L41/16 ,  G06F21/60 ,  G06F21/62

CPC classification number: H04L63/104 ,  G06F21/604 ,  G06F21/62 ,  G06N20/00 ,  H04L41/16 ,  H04L63/08 ,  H04L63/10

Abstract: Systems and methods for embodiments of a graph based artificial intelligence systems for identity management are disclosed. Embodiments of the identity management systems disclosed herein may utilize a network graph approach to analyzing identities or entitlements of a distributed networked enterprise computing environment. Specifically, in certain embodiments, an artificial intelligence based identity governance systems may include an intelligent decision support agent to provide an approval or denial recommendation for an access request. To provide an approval or denial recommendation, the intelligent agent may utilize a classifier trained on historical certification data. The intelligent agent may utilize features which represent relevant signals to the approval or denial decision including features that may be associated with a network graph of the identities and entitlements of the enterprise computing environment.

公开(公告)号：US11729169B2

公开(公告)日：2023-08-15

申请号：US17554942

申请日：2021-12-17

Applicant: Sailpoint Technologies, Inc.

Inventor： Cameron Williams ,  Ryan Privette ,  Christopher Chad Wheeler ,  Andrew John Cer ,  Joseph Nathan Zendle

IPC: H04L9/40 ,  H04L12/46

CPC classification number: H04L63/0884 ,  H04L12/4633 ,  H04L12/4641 ,  H04L63/0272 ,  H04L63/062 ,  H04L63/0823 ,  H04L63/0846 ,  H04L63/0876

Abstract: Systems and methods for network security are provided. Various embodiments issue single use certificates for validating remote endpoints access to the private network. Some embodiments use a triage zone (or triage gateway) to which remote device can calls into using a static issued certificate. However, instead of granting complete access to the virtual private network, the use of this static certificate only grants access to the triage zone where further validation of the endpoint without any access to sensitive content on the private network. The endpoint can be connected to an ID manager within the triage zone. The endpoint can then send the username and password to the ID manager that can create a single use certificate (e.g., valid for a limited period of time). While valid, the single use certificate can be used by the remote device to gain access to the production zone using a VPN tunnel.

公开(公告)号：US20220300586A1

公开(公告)日：2022-09-22

申请号：US17698178

申请日：2022-03-18

Applicant: SailPoint Technologies, Inc

Inventor： Matthew Lee Domsch ,  Rohit Gupta

IPC: G06F21/31 ,  G06F21/62 ,  G06N20/00

Abstract: Systems and methods for embodiments of artificial intelligence systems for identity management are disclosed. Embodiments of the identity management systems disclosed herein may support the correlation of identities determined authoritative source systems with uncorrelated accounts within an enterprise using artificial intelligence techniques.

公开(公告)号：US11388169B2

公开(公告)日：2022-07-12

申请号：US16861335

申请日：2020-04-29

Applicant: SailPoint Technologies, Inc.

Inventor： Mohamed M. Badawy ,  Jostine Fei Ho

IPC: H04L29/06 ,  H04L9/40 ,  G06F16/901

Abstract: Systems and methods for artificial intelligence systems for identity management systems are disclosed. Embodiments may perform outlier detection and risk assessment based on identity management data, including one or more property graphs or peer groups determined from those property graphs, to determine identity management artifacts with ‘abnormal’ patterns when compared to other related identity management artifacts.

公开(公告)号：US11368448B2

公开(公告)日：2022-06-21

申请号：US17181878

申请日：2021-02-22

Applicant: SailPoint Technologies, Inc.

Inventor： Ryan Privette ,  Kris Keller

IPC: G06F12/00 ,  H04L9/40 ,  G06F12/0802

Abstract: Systems and methods for network security are provided. Various embodiments of the present technology provide systems and methods for an identity security gateway agent that provides for privileged access. Embodiments include a system and method that uses a single sign-on (SSO) (or similar) mechanism to facilitate a user accessing web-based service providers, but separates the assertion and entire SSO process from the user credential.