公开(公告)号：US20210385254A1

公开(公告)日：2021-12-09

申请号：US17445473

申请日：2021-08-19

Applicant: Kandji, Inc.

Inventor： Adam Pettit ,  Wesley Pettit ,  Mark Daughters ,  Brandon Modesitt

IPC: H04L29/06 ,  H04L12/24

Abstract: Deploying configurations on computing devices and validating compliance with the configurations during scheduled intervals. Particular embodiments described herein include computing devices that send a requests to a management platform at different time periods for lists of configurations that are assigned to those computing devices at those different time periods. Received lists include identifiers of the configurations that are assigned to the those computing devices during the different time periods. Local agents on the computing devices use the received lists to determine if each of the configurations in that list are implemented. If a configuration is not implemented on a computing device, the local agent on that computing device implements that configuration or alerts the management platform that the configuration could not be implemented.

公开(公告)号：US12045630B2

公开(公告)日：2024-07-23

申请号：US17663112

申请日：2022-05-12

Applicant: Kandji, Inc.

Inventor： Nicholas McDonald ,  Brandon Modesitt ,  Adam Pettit ,  Wesley Pettit ,  Mark Daughters

IPC: G06F9/445 ,  G06F3/04847

CPC classification number: G06F9/44505 ,  G06F3/04847

Abstract: A method involves instantiating a device agent at a computing device. The device agent receives initialization orchestration module configuration data from a management platform operating at a server. The device agent instantiates an initialization orchestration module at the computing device in accordance with the initialization orchestration module configuration data. The device agent transmits the configuration data to the initialization orchestration module. The initialization orchestration module displays a user interface in accordance with the initialization orchestration module configuration data. The device agent transmits a list of configuration items to the initialization orchestration module. The device agent processes a first configuration item of the list of configuration items. The initialization orchestration module receives status messages from the device agent regarding the first configuration item as the device agent processes the first configuration item. The initialization orchestration module displays a status of the first configuration item in accordance with the status messages.

公开(公告)号：US12010151B2

公开(公告)日：2024-06-11

申请号：US17445473

申请日：2021-08-19

Applicant: Kandji, Inc.

Inventor： Adam Pettit ,  Wesley Pettit ,  Mark Daughters ,  Brandon Modesitt

IPC: H04L9/40 ,  H04L41/0813 ,  H04L41/085

CPC classification number: H04L63/205 ,  H04L41/0813 ,  H04L41/085

Abstract: Deploying configurations on computing devices and validating compliance with the configurations during scheduled intervals. Particular embodiments described herein include computing devices that send a requests to a management platform at different time periods for lists of configurations that are assigned to those computing devices at those different time periods. Received lists include identifiers of the configurations that are assigned to the those computing devices during the different time periods. Local agents on the computing devices use the received lists to determine if each of the configurations in that list are implemented. If a configuration is not implemented on a computing device, the local agent on that computing device implements that configuration or alerts the management platform that the configuration could not be implemented.

公开(公告)号：US11461459B1

公开(公告)日：2022-10-04

申请号：US17453219

申请日：2021-11-02

Applicant: Kandji, Inc.

Inventor： Adam Pettit ,  Wesley Pettit ,  Mark Daughters ,  Brandon Modesitt ,  Nicholas McDonald

IPC: H04L29/06 ,  G06F21/45 ,  H04L1/08 ,  G06F21/31 ,  H04L9/40

Abstract: A method involves receiving authentication module configuration data at a user device from a remote management platform. User credentials are received at the authentication module of the user device using a graphical user interface. The user credentials are transmitted to a remote identity provider service. Upon receiving a response indicating that the user credentials are authenticated by the remote identity provider service, the user credentials are transmitted to an operating system authentication module at the user device. Upon receiving a response indicating that the user credentials are not authenticated by the operating system authentication module, previously-stored user credentials are retrieved from an encrypted credential database at the user device. The user credentials are stored at an operating system credential database using the previously-stored user credentials. The user credentials are retransmitted to the operating system authentication module to authenticate the user at the user device.

公开(公告)号：US11102251B1

公开(公告)日：2021-08-24

申请号：US16530290

申请日：2019-08-02

Applicant: Kandji, Inc.

Inventor： Adam Pettit ,  Wesley Pettit ,  Mark Daughters ,  Brandon Modesitt

IPC: H04L29/06 ,  H04L12/24

Abstract: Deploying configurations on computing devices and validating compliance with the configurations during scheduled intervals. Particular embodiments described herein include computing devices that send a requests to a management platform at different time periods for lists of configurations that are assigned to those computing devices at those different time periods. Received lists include identifiers of the configurations that are assigned to the those computing devices during the different time periods. Local agents on the computing devices use the received lists to determine if each of the configurations in that list are implemented. If a configuration is not implemented on a computing device, the local agent on that computing device implements that configuration or alerts the management platform that the configuration could not be implemented.

公开(公告)号：US20250007929A1

公开(公告)日：2025-01-02

申请号：US18883054

申请日：2024-09-12

Applicant: Kandji, Inc.

Inventor： Adam Pettit ,  Wesley Pettit ,  Mark Daughters ,  Brandon Modesitt

IPC: H04L9/40

Abstract: A method involves receiving a plurality of security rules from a remote management platform at an endpoint detection and response (EDR) module at a user device. The EDR module subscribes to one or more event types at the user device. The EDR module receives a notification of an event corresponding to one of the subscribed event types. Upon determining that the event is associated with a file stored at the user device, the EDR module instantiates an event tracer tree that is associated with the file. The EDR module generates a file hash value for the file using the event tracer tree. Upon determining that the file hash value satisfies a security rule, the EDR module quarantines the file and reports that the file has been quarantined.

公开(公告)号：US12113814B2

公开(公告)日：2024-10-08

申请号：US18520806

申请日：2023-11-28

Applicant: Kandji, Inc.

Inventor： Adam Pettit ,  Wesley Pettit ,  Mark Daughters ,  Brandon Modesitt

IPC: H04L9/40

CPC classification number: H04L63/1416 ,  H04L63/145

Abstract: A method involves receiving a plurality of security rules from a remote management platform at an endpoint detection and response (EDR) module at a user device. The EDR module subscribes to one or more event types at the user device. The EDR module receives a notification of an event corresponding to one of the subscribed event types. Upon determining that the event is associated with a file stored at the user device, the EDR module instantiates an event tracer tree that is associated with the file. The EDR module generates a file hash value for the file using the event tracer tree. Upon determining that the file hash value satisfies a security rule, the EDR module quarantines the file and reports that the file has been quarantined.

公开(公告)号：US11874916B2

公开(公告)日：2024-01-16

申请号：US17931927

申请日：2022-09-14

Applicant: Kandji, Inc.

Inventor： Adam Pettit ,  Wesley Pettit ,  Mark Daughters ,  Brandon Modesitt ,  Nicholas McDonald

IPC: G06F21/45 ,  H04L1/08 ,  G06F21/31 ,  H04L9/40

CPC classification number: G06F21/45 ,  G06F21/31 ,  H04L1/08 ,  H04L63/0884

Abstract: A method involves receiving authentication module configuration data at a user device from a remote management platform. User credentials are received at the authentication module of the user device using a graphical user interface. The user credentials are transmitted to a remote identity provider service. Upon receiving a response indicating that the user credentials are authenticated by the remote identity provider service, the user credentials are transmitted to an operating system authentication module at the user device. Upon receiving a response indicating that the user credentials are not authenticated by the operating system authentication module, previously-stored user credentials are retrieved from an encrypted credential database at the user device. The user credentials are stored at an operating system credential database using the previously-stored user credentials. The user credentials are retransmitted to the operating system authentication module to authenticate the user at the user device.

公开(公告)号：US20240330015A1

公开(公告)日：2024-10-03

申请号：US18742716

申请日：2024-06-13

Applicant: Kandji, Inc.

Inventor： Brandon Modesitt ,  Wesley Pettit ,  Nicholas McDonald ,  Adam Pettit ,  Mark Daughters

IPC: G06F9/445 ,  G06F3/04847

CPC classification number: G06F9/44505 ,  G06F3/04847

Abstract: A method involves generating, using a web-portal provided by a management platform operating at a server, initialization orchestration module configuration data using a graphical customization user interface. The graphical customization user interface provides a graphical preview of a graphical status screen user interface. An initialization orchestration module instantiated at a computing device displays the graphical status screen user interface in accordance with the initialization orchestration module configuration data. A device agent instantiated at the computing device processes a first configuration item of a list of configuration items. The initialization orchestration module using the graphical status screen user interface, displays a status of the first configuration item in accordance with first status messages regarding the first configuration item as the device agent processes the first configuration item.

公开(公告)号：US20240187427A1

公开(公告)日：2024-06-06

申请号：US18520806

申请日：2023-11-28

Applicant: Kandji, Inc.

Inventor： Adam Pettit ,  Wesley Pettit ,  Mark Daughters ,  Brandon Modesitt

IPC: H04L9/40

CPC classification number: H04L63/1416 ,  H04L63/145

Abstract: A method involves receiving a plurality of security rules from a remote management platform at an endpoint detection and response (EDR) module at a user device. The EDR module subscribes to one or more event types at the user device. The EDR module receives a notification of an event corresponding to one of the subscribed event types. Upon determining that the event is associated with a file stored at the user device, the EDR module instantiates an event tracer tree that is associated with the file. The EDR module generates a file hash value for the file using the event tracer tree. Upon determining that the file hash value satisfies a security rule, the EDR module quarantines the file and reports that the file has been quarantined.