公开(公告)号：US20240333753A1

公开(公告)日：2024-10-03

申请号：US18742234

申请日：2024-06-13

Applicant: Wells Fargo Bank, N.A.

Inventor： Shane Cross ,  Daniel Fricano ,  Thomas Gilheany ,  Peter Anatole Makohon ,  Dale Miller ,  Charles Steven Edison ,  Kodzo Wegba ,  James Bonk

IPC: H04L9/40 ,  H04L43/045

CPC classification number: H04L63/1433 ,  H04L43/045 ,  H04L63/1425 ,  H04L63/18

Abstract: A system includes a data channel configured to provide device connectivity data associated with an entity, a data channel communication network configured to communicate the device connectivity data from the data channel, and a processing circuit communicatively coupled to the data channel via the data channel communication network. The processing circuit is structured to identify a vulnerability associated with a property of the device connectivity data, generate a scanner uniform resource locator (URL) based on the property of the device connectivity data, the scanner URL including a parametrized scanner executable structured to accept as a parameter at least a part of the property of the device connectivity data, and transmit the scanner URL to a computing system.

公开(公告)号：US12015630B1

公开(公告)日：2024-06-18

申请号：US17129801

申请日：2020-12-21

Applicant: Wells Fargo Bank, N.A.

Inventor： Shane Cross ,  Daniel Fricano ,  Thomas Gilheany ,  Peter Anatole Makohon ,  Dale Miller ,  Charles Steven Edison ,  Kodzo Wegba ,  James Bonk

IPC: H04L9/40 ,  H04L43/045

CPC classification number: H04L63/1433 ,  H04L43/045 ,  H04L63/1425 ,  H04L63/18

Abstract: Systems and methods for vulnerability remediation based on a dynamic security model are disclosed. Device connectivity data for an entity external to an identifier entity is received by the identifier entity. A vulnerability is identified and risk-scored based on a property parsed from the device connectivity data. The identifier entity may execute an automatic action to prevent the identifier entity from receiving electronic communications from the affected component of the external entity. Further, based on the risk score meeting various parameters, a hyperlink is generated by the identifier entity and provided to the external entity. The hyperlink may include a remediation executable parametrized using the property parsed from the device connectivity data. The remediation executable may include a reference to a patch structured to remediate the vulnerability. Once the external entity remediates the vulnerability, the external entity may initiate a rescan of its affected component.

公开(公告)号：US20230351026A1

公开(公告)日：2023-11-02

申请号：US18213183

申请日：2023-06-22

Applicant: Wells Fargo Bank, N.A.

Inventor： Shane Cross ,  Daniel Fricano ,  Thomas Gilheany ,  Peter Anatole Makohon ,  Dale Miller ,  Charles Steven Edison ,  Kodzo Wegba ,  James Bonk

IPC: G06F21/57 ,  G06F9/455

CPC classification number: G06F21/577 ,  G06F9/455 ,  G06F2221/034 ,  G06F3/04842

Abstract: Systems and methods for managing cybersecurity for an entity are disclosed. An example method includes providing a content portal to a user configured to display a security risk profile via a generated GUI; receiving, via the generated GUI, a first input from the user comprising a selection of a component identified in the security risk profile and a response parameter; providing, via the generated GUI, parameters for a targeted scan of the selected component; receiving, via the generated GUI, a second input from the user comprising a selection of a confirmation of the parameters; identifying a vulnerability associated with a first property or a second property from device connectivity data based on the parameters; initiating the targeted scan of the selected component associated with the vulnerability; determining a result of the targeted scan; updating the security risk profile; and updating a multi-dimensional score based on the updated security risk profile.

公开(公告)号：US12149557B2

公开(公告)日：2024-11-19

申请号：US18202860

申请日：2023-05-26

Applicant: Wells Fargo Bank, N.A.

Inventor： Daniel Fricano ,  Thomas Gilheany ,  Peter Makohon ,  Dale Miller ,  Charles Steven Edison ,  Kodzo Wegba ,  James Bonk ,  Shane Cross

IPC: H04L9/40 ,  H04L43/045

Abstract: Systems, methods, and computer-readable storage media are utilized to analyze multi-channel data based on a security model in a computer network environment. One system includes a plurality of data channels configured to access entity data and a processing circuit communicatively coupled to a data channel of the plurality of data channels, the processing circuit configured to identify at least one vulnerability, determine an impact of the at least one vulnerability, assign the first property to a first cybersecurity dimension, generate a cybersecurity risk score based at least on the impact of the at least one vulnerability, and generate a multi-dimensional score for a target computer network environment based on the cybersecurity risk score.

公开(公告)号：US11777992B1

公开(公告)日：2023-10-03

申请号：US17129767

申请日：2020-12-21

Applicant: Wells Fargo Bank, N.A.

Inventor： Shane Cross ,  Daniel Fricano ,  Thomas Gilheany ,  Peter Anatole Makohon ,  Dale Miller ,  Charles Steven Edison ,  Kodzo Wegba ,  James Bonk

IPC: H04L9/40 ,  G06F16/23 ,  H04L43/0811 ,  G06F16/11 ,  H04L61/4511 ,  H04L61/5007 ,  H04L101/37

CPC classification number: H04L63/20 ,  G06F16/128 ,  G06F16/2379 ,  H04L43/0811 ,  H04L61/4511 ,  H04L61/5007 ,  H04L63/0876 ,  H04L63/1433 ,  H04L2101/37 ,  H04L2463/121

Abstract: Systems, methods and computer-readable storage media are utilized dynamically discovering components of a computer network environment. The processing circuit of a data acquisition engine configured determine a domain name associated with an entity profile, determine an IP range, validate at the domain name, the IP range, and the IP address, collect additional device connectivity data, and provide the additional device connectively data.

公开(公告)号：US20230300165A1

公开(公告)日：2023-09-21

申请号：US18202860

申请日：2023-05-26

Applicant: Wells Fargo Bank, N.A.

Inventor： Daniel Fricano ,  Thomas Gilheany ,  Peter Makohon ,  Dale Miller ,  Charles Steven Edison ,  Kodzo Wegba ,  James Bonk ,  Shane Cross

IPC: H04L9/40 ,  H04L43/045

CPC classification number: H04L63/1433 ,  H04L63/1425 ,  H04L43/045 ,  H04L63/18

Abstract: Systems, methods, and computer-readable storage media are utilized to analyze multi-channel data based on a security model in a computer network environment. One system includes a plurality of data channels configured to access entity data and a processing circuit communicatively coupled to a data channel of the plurality of data channels, the processing circuit configured to identify at least one vulnerability, determine an impact of the at least one vulnerability, assign the first property to a first cybersecurity dimension, generate a cybersecurity risk score based at least on the impact of the at least one vulnerability, and generate a multi-dimensional score for a target computer network environment based on the cybersecurity risk score.

公开(公告)号：US12229275B2

公开(公告)日：2025-02-18

申请号：US18213183

申请日：2023-06-22

Applicant: Wells Fargo Bank, N.A.

Inventor： Shane Cross ,  Daniel Fricano ,  Thomas Gilheany ,  Peter Anatole Makohon ,  Dale Miller ,  Charles Steven Edison ,  Kodzo Wegba ,  James Bonk

IPC: G06F21/57 ,  G06F9/455 ,  G06F3/04842

Abstract: Systems and methods for managing cybersecurity for an entity are disclosed. An example method includes providing a content portal to a user configured to display a security risk profile via a generated GUI; receiving, via the generated GUI, a first input from the user comprising a selection of a component identified in the security risk profile and a response parameter; providing, via the generated GUI, parameters for a targeted scan of the selected component; receiving, via the generated GUI, a second input from the user comprising a selection of a confirmation of the parameters; identifying a vulnerability associated with a first property or a second property from device connectivity data based on the parameters; initiating the targeted scan of the selected component associated with the vulnerability; determining a result of the targeted scan; updating the security risk profile; and updating a multi-dimensional score based on the updated security risk profile.

公开(公告)号：US20250023904A1

公开(公告)日：2025-01-16

申请号：US18902685

申请日：2024-09-30

Applicant: Wells Fargo Bank, N.A.

Inventor： Daniel Fricano ,  Thomas Gilheany ,  Peter Makohon ,  Dale Miller ,  Charles Steven Edison ,  Kodzo Wegba ,  James Bonk ,  Shane Cross

IPC: H04L9/40 ,  H04L43/045

Abstract: Systems, methods, and computer-readable storage media are utilized to analyze multi-channel data based on a security model in a computer network environment. One system includes a plurality of data channels configured to access entity data and a processing circuit communicatively coupled to a data channel of the plurality of data channels, the processing circuit configured to identify at least one vulnerability, determine an impact of the at least one vulnerability, assign the first property to a first cybersecurity dimension, generate a cybersecurity risk score based at least on the impact of the at least one vulnerability, and generate a multi-dimensional score for a target computer network environment based on the cybersecurity risk score.

公开(公告)号：US20240015185A1

公开(公告)日：2024-01-11

申请号：US18371963

申请日：2023-09-22

Applicant: Wells Fargo Bank, N.A.

Inventor： Shane Cross ,  Daniel Fricano ,  Thomas Gilheany ,  Peter Anatole Makohon ,  Dale Miller ,  Charles Steven Edison ,  Kodzo Wegba ,  James Bonk

IPC: H04L9/40 ,  G06F16/23 ,  H04L43/0811 ,  G06F16/11 ,  H04L61/4511 ,  H04L61/5007

CPC classification number: H04L63/20 ,  H04L63/0876 ,  H04L63/1433 ,  G06F16/2379 ,  H04L43/0811 ,  G06F16/128 ,  H04L61/4511 ,  H04L61/5007 ,  H04L2463/121 ,  H04L2101/37

Abstract: Systems, methods and computer-readable storage media are utilized dynamically discovering components of a computer network environment. The processing circuit of a data acquisition engine configured to determine a network identifier associated with an entity, the entity comprising information associated with previously stored device connectivity data for the entity, determine network data based on the network identifier, validate the network name and the network data, comprising determining whether the network data is included in the previously stored device connectivity data, and provide additionally collected device connectivity data to a security model.

公开(公告)号：US11720686B1

公开(公告)日：2023-08-08

申请号：US17129777

申请日：2020-12-21

Applicant: Wells Fargo Bank, N.A.

Inventor： Shane Cross ,  Daniel Fricano ,  Thomas Gilheany ,  Peter Anatole Makohon ,  Dale Miller ,  Charles Steven Edison ,  Kodzo Wegba ,  James Bonk

IPC: G06F21/57 ,  G06F9/455 ,  G06F3/04842

CPC classification number: G06F21/577 ,  G06F9/455 ,  G06F3/04842 ,  G06F2221/034

Abstract: Systems, methods, and computer-readable media for managing cybersecurity risk for an entity are disclosed. An example method includes receiving device connectivity data for the entity; determining vulnerability data based on the device connectivity data; generating a security risk profile of the entity; retrieving an external contact; generating a vulnerability notification; transmitting the vulnerability notification; providing a content portal to a user, wherein the content portal is configured to display the security risk profile via a dynamically generated graphical user interface (GUI); receiving, via the dynamically generated GUI, an input from the user, the input comprising a selection of a component identified in the security risk profile and a response parameter; initiating a targeted scan of the selected component; determining a result of the targeted scan; updating the security risk profile; and providing, via the dynamically generated GUI, the updated security risk profile to the user.