公开(公告)号：US20230315439A1

公开(公告)日：2023-10-05

申请号：US17706781

申请日：2022-03-29

申请人： BANK OF AMERICA CORPORATION

发明人： Tomas M. Castrejon, III ,  Manu Jacob Kurian ,  David Nardoni ,  Joel Townsend ,  Michael Robert Young

IPC分类号： G06F8/70 ,  G06F21/57 ,  G06N5/02

CPC分类号： G06F8/70 ,  G06F2221/033 ,  G06N5/022 ,  G06F21/577

摘要： Systems, computer program products, and methods are described herein for enhanced component-level detection in software applications. The present invention is configured to receive, from a client device, one or more data packets with payload containing a request to onboard a first application into a computing environment; determine, using an application ingestion subsystem, information associated with the first application; deploy, using a machine learning subsystem, a trained machine learning model on the information associated with the first application; determine, using the trained machine learning model, one or more components associated with the first application and one or more component scanning parameters for each of the one or more components; and build a software bill of materials (SBOM) for the first application based on at least the one or more components.

公开(公告)号：US20240305991A1

公开(公告)日：2024-09-12

申请号：US18668215

申请日：2024-05-19

申请人： BANK OF AMERICA CORPORATION

发明人： Tomas M. Castrejon, III ,  Manu Jacob Kurian ,  David Nardoni ,  Joel Townsend ,  Michael Robert Young

IPC分类号： H04W12/50 ,  H04W12/102 ,  H04W12/60 ,  H04W76/15

CPC分类号： H04W12/50 ,  H04W12/102 ,  H04W12/66 ,  H04W76/15

摘要： Systems, computer program products, and methods are described herein for dynamic communication channel switching for secure message propagation. The present invention may be configured to receive wireless signals from a plurality of devices and identify, from the plurality of devices and based on the wireless signals, a trusted device. The present invention may be configured to receive, from another device, a secure message, where the secure message includes information identifying a vulnerability in a network to which the trusted device is connected. The present invention may be configured to establish, based on receiving the secure message and using a first wireless communication interface, a communication link with a second wireless communication interface of the trusted device to establish a wireless data channel with the trusted device and transmit, via the wireless data channel, the secure message to the trusted device.

公开(公告)号：US12093377B2

公开(公告)日：2024-09-17

申请号：US17730744

申请日：2022-04-27

申请人： BANK OF AMERICA CORPORATION

发明人： Tomas M. Castrejon, III ,  Michael Robert Young ,  David Nardoni ,  Joel Townsend ,  Manu Jacob Kurian

IPC分类号： G06F21/55 ,  G06F21/57

CPC分类号： G06F21/554 ,  G06F21/552 ,  G06F21/577

摘要： Various systems, methods, and computer program products for providing data security using software library containers are provided. The method includes identifying a software library used by a first application with a potential vulnerability. The method also includes determining a software library permission for the software library used by the first application based on the potential vulnerability. The software library permission for the software library defines a level of functionality of at least a portion of the software library. The method further includes identifying one or more additional applications that use the software library. The method still further includes causing the software library permission to be applied to the software library installed on the first application and at least one of the one or more additional applications.

公开(公告)号：US12035142B2

公开(公告)日：2024-07-09

申请号：US17699479

申请日：2022-03-21

申请人： BANK OF AMERICA CORPORATION

发明人： Tomas M. Castrejon, III ,  Manu Jacob Kurian ,  David Nardoni ,  Joel Townsend ,  Michael Robert Young

IPC分类号： H04M1/66 ,  H04W12/102 ,  H04W12/50 ,  H04W12/60 ,  H04W76/15

CPC分类号： H04W12/50 ,  H04W12/102 ,  H04W12/66 ,  H04W76/15

摘要： Systems, computer program products, and methods are described herein for dynamic communication channel switching for secure message propagation. The present invention may be configured to receive wireless signals from a plurality of devices and identify, from the plurality of devices and based on the wireless signals, a trusted device. The present invention may be configured to receive, from another device, a secure message, where the secure message includes information identifying a vulnerability in a network to which the trusted device is connected. The present invention may be configured to establish, based on receiving the secure message and using a first wireless communication interface, a communication link with a second wireless communication interface of the trusted device to establish a wireless data channel with the trusted device and transmit, via the wireless data channel, the secure message to the trusted device.

公开(公告)号：US20230351012A1

公开(公告)日：2023-11-02

申请号：US17730744

申请日：2022-04-27

申请人： BANK OF AMERICA CORPORATION

发明人： Tomas M. Castrejon, III ,  Michael Robert Young ,  David Nardoni ,  Joel Townsend ,  Manu Jacob Kurian

IPC分类号： G06F21/55 ,  G06F21/57

CPC分类号： G06F21/554 ,  G06F21/552 ,  G06F21/577

摘要： Various systems, methods, and computer program products for providing data security using software library containers are provided. The method includes identifying a software library used by a first application with a potential vulnerability. The method also includes determining a software library permission for the software library used by the first application based on the potential vulnerability. The software library permission for the software library defines a level of functionality of at least a portion of the software library. The method further includes identifying one or more additional applications that use the software library. The method still further includes causing the software library permission to be applied to the software library installed on the first application and at least one of the one or more additional applications.

公开(公告)号：US12086269B2

公开(公告)日：2024-09-10

申请号：US17699443

申请日：2022-03-21

申请人： BANK OF AMERICA CORPORATION

发明人： Manu Jacob Kurian ,  Tomas M. Castrejon, III ,  Michael Robert Young ,  David Nardoni ,  Joel Townsend

IPC分类号： G06F21/57 ,  G06F8/60 ,  G06F8/65

CPC分类号： G06F21/577 ,  G06F8/60 ,  G06F8/65 ,  G06F2221/033

摘要： Systems, computer program products, and methods are described herein for deployable software vulnerability testing platform. The present invention is configured to receive, from a user input device, an initial request from a user to generate a deployable software vulnerability testing (SVT) engine; prompt an SVT dashboard for display on the user input device to receive one or more input parameters associated with the first vulnerability in response to receiving the initial request; receive, via the SVT dashboard, the one or more input parameters; generate the SVT engine based on at least the one or more input parameters; receive, from the user input device, one or more deployment parameters associated with a deployment of the SVT engine; and deploy the SVT engine within the distributed technology infrastructure to identify the one or more instances of the first vulnerability based on at least the one or more deployment parameters.

公开(公告)号：US12073209B2

公开(公告)日：2024-08-27

申请号：US17706781

申请日：2022-03-29

申请人： BANK OF AMERICA CORPORATION

发明人： Tomas M. Castrejon, III ,  Manu Jacob Kurian ,  David Nardoni ,  Joel Townsend ,  Michael Robert Young

IPC分类号： G06F8/70 ,  G06F21/57 ,  G06N5/022

CPC分类号： G06F8/70 ,  G06F21/577 ,  G06N5/022 ,  G06F2221/033

摘要： Systems, computer program products, and methods are described herein for component-level detection in third party software applications. An example system may receive, from a client device, data packets with payload containing a request to onboard a first application into a computing environment. In response, the system may determine, using an application ingestion subsystem, information associated with the first application, and subsequently deploy, using a machine learning subsystem, a trained machine learning model on the information to various components associated with the first application and component scanning parameters for each of the one or more components. Based on components, the system may build a software bill of materials (SBOM) for the first application.

公开(公告)号：US20230297689A1

公开(公告)日：2023-09-21

申请号：US17699443

申请日：2022-03-21

申请人： BANK OF AMERICA CORPORATION

发明人： Manu Jacob Kurian ,  Tomas M. Castrejon, III ,  Michael Robert Young ,  David Nardoni ,  Joel Townsend

IPC分类号： G06F21/57 ,  G06F8/60

CPC分类号： G06F21/577 ,  G06F8/60 ,  G06F2221/033 ,  G06F8/65

摘要： Systems, computer program products, and methods are described herein for deployable software vulnerability testing platform. The present invention is configured to receive, from a user input device, an initial request from a user to generate a deployable software vulnerability testing (SVT) engine; prompt an SVT dashboard for display on the user input device to receive one or more input parameters associated with the first vulnerability in response to receiving the initial request; receive, via the SVT dashboard, the one or more input parameters; generate the SVT engine based on at least the one or more input parameters; receive, from the user input device, one or more deployment parameters associated with a deployment of the SVT engine; and deploy the SVT engine within the distributed technology infrastructure to identify the one or more instances of the first vulnerability based on at least the one or more deployment parameters.

公开(公告)号：US20230177511A1

公开(公告)日：2023-06-08

申请号：US17543114

申请日：2021-12-06

申请人： Bank of America Corporation

发明人： Peter Kurrasch ,  Joel Townsend

IPC分类号： G06Q20/40 ,  G06Q20/42 ,  G06Q20/34 ,  G06N3/04

CPC分类号： G06Q20/4016 ,  G06Q20/4014 ,  G06Q20/407 ,  G06Q20/425 ,  G06Q20/353 ,  G06N3/04

摘要： Aspects of the disclosure relate to a payment device to detect real-time suspicious payment cards. Prior to a transaction, a payment device detects suspicious payment cards based on captured images of the payment card. An alert may be generated upon detection of any suspicious or fraudulent payment card. In some arrangements, the payment device may utilize machine learning models or machine learning capabilities to detect suspicious payment cards. A characterization score may be generated and used to determine if a payment card is suspicious. The characterization scores may be updated based on different card issuer criteria and transaction use of each payment card.

公开(公告)号：US20240362341A1

公开(公告)日：2024-10-31

申请号：US18756947

申请日：2024-06-27

申请人： BANK OF AMERICA CORPORATION

发明人： Manu Jacob Kurian ,  Tomas M. Castrejon, III ,  Michael Robert Young ,  David Nardoni ,  Joel Townsend

IPC分类号： G06F21/57 ,  G06F8/60 ,  G06F8/65

CPC分类号： G06F21/577 ,  G06F8/60 ,  G06F8/65 ,  G06F2221/033

摘要： Systems, computer program products, and methods are described herein for deployable software vulnerability testing platform. The present invention is configured to receive, from a user input device, an initial request from a user to generate a deployable software vulnerability testing (SVT) engine; prompt an SVT dashboard for display on the user input device to receive one or more input parameters associated with the first vulnerability in response to receiving the initial request; receive, via the SVT dashboard, the one or more input parameters; generate the SVT engine based on at least the one or more input parameters; receive, from the user input device, one or more deployment parameters associated with a deployment of the SVT engine; and deploy the SVT engine within the distributed technology infrastructure to identify the one or more instances of the first vulnerability based on at least the one or more deployment parameters.