公开(公告)号：US11750659B2

公开(公告)日：2023-09-05

申请号：US17216939

申请日：2021-03-30

申请人： QOMPLX, Inc.

发明人： Jason Crabtree ,  Andrew Sellers ,  Richard Kelley

IPC分类号： H04L9/40 ,  G06F16/2458 ,  G06F16/951

CPC分类号： H04L63/20 ,  G06F16/2477 ,  G06F16/951 ,  H04L63/1425 ,  H04L63/1441

摘要： A system and method for generating comprehensive security profiles and ratings for organizations that takes into account the organization's infrastructure and operations in generating the profile, and the context and purpose of the rating to be generated related to the profile. The system and method may further comprise gathering data about the totality of the organization's infrastructure and operations, generating a cybersecurity profile using active and passive internal and external reconnaissance of the organization to determine cybersecurity vulnerabilities and potential impacts to the business in light of the information gathered about the organization's infrastructure and operations, and generating cybersecurity scores and ratings that take into account all of the above information, plus the context and purpose of the score or rating to be generated based on the cybersecurity profile.

公开(公告)号：US11714991B2

公开(公告)日：2023-08-01

申请号：US17333259

申请日：2021-05-28

申请人： QOMPLX, Inc.

发明人： Jason Crabtree ,  Andrew Sellers

IPC分类号： G06F7/00 ,  G06N3/006 ,  G06N5/043 ,  G06N20/00 ,  H04L67/10 ,  G06Q10/0637

CPC分类号： G06N3/006 ,  G06N5/043 ,  G06N20/00 ,  G06Q10/0637 ,  H04L67/10

摘要： A system and methods for generating and applying learning agents in simulated environments, in which an agent simulation is selected, one or more agent goals are received, and agents are created which are individual instances of the agent simulation with each agent having at least one of the agent goals, wherein the agents are used in the execution of an environment simulation which dynamically changes based on the collective behavior of the agents.

公开(公告)号：US20230239293A1

公开(公告)日：2023-07-27

申请号：US18158463

申请日：2023-01-23

申请人： QOMPLX, Inc.

发明人： Jason Crabtree ,  Andrew Sellers

IPC分类号： H04L9/40 ,  H04L43/04

CPC分类号： H04L63/0861 ,  H04L43/04 ,  H04L63/083 ,  H04L63/105 ,  H04L63/0876 ,  H04L63/1433 ,  H04L63/1408 ,  H04L2463/082

摘要： A system for probe-based risk analysis for multi-factor authentication having a multi-dimensional time series data server configured to monitor and record a network’s traffic data and to serve the traffic data to other modules and a directed computational graph module configured to probe connection destinations for a response, analyze any received responses, and determine a verification score needed before granting access based at least in part on the analysis of the received responses. A plurality of verification methods build up a user’s verification score to required level to gain access.

公开(公告)号：US11687527B2

公开(公告)日：2023-06-27

申请号：US17084263

申请日：2020-10-29

申请人： QOMPLX, Inc.

发明人： Jason Crabtree ,  Andrew Sellers

IPC分类号： G06F16/245 ,  G06F16/248 ,  G06F40/30 ,  G06N5/04 ,  G06F16/901

CPC分类号： G06F16/245 ,  G06F16/248 ,  G06F16/9024 ,  G06F40/30 ,  G06N5/04

摘要： A system for analyzing graph databases using intelligent reasoning systems including scalable collection of, and transformation of, graph data into facts suitable for use with programming logic languages doing deductive reasoning. A graph analyzer ingests disparate graph data from across the Internet and transforms the graph data into a fact table. In order to reduce latency and processing congestion, a stream processing engine and sharding strategy are employed to ensure scalability through parallelized processing of programming logic queries. Transformed graph data, now relational data, is utilized with programming logic languages that allow for hypothetical queries whereby an inference engine can deduce new information to satisfy such a query. Furthermore, the self-contained nature of inputs, outputs, and transformations of the system means strict data provenance can be observed and adhered to.

公开(公告)号：US20230177613A1

公开(公告)日：2023-06-08

申请号：US18071563

申请日：2022-11-29

申请人： QOMPLX, Inc.

发明人： Jason Crabtree ,  Richard Kelley

IPC分类号： G06Q40/08 ,  G06Q30/0601 ,  G06N20/00 ,  G06F16/951 ,  G06Q30/0202 ,  G06N5/046 ,  G06N5/045

CPC分类号： G06Q40/08 ,  G06Q30/0611 ,  G06N20/00 ,  G06F16/951 ,  G06Q30/0202 ,  G06N5/046 ,  G06N5/045 ,  G06N3/006

摘要： A system for autonomous risk assessment and quantification for insurance policies for computer and information technology related risks, including but not limited to losses due to system availability, cloud computing failures, current and past data breaches, and data integrity issues. The system will use a variety of current risk information to assess the likelihood of operational interruption or loss due to both accidental issues and malicious activity. Based on these assessments, the system will be able to autonomously issue policies, adjust premium pricing, process claims, and seek re-insurance opportunities with a minimum of human input.

公开(公告)号：US20230118726A1

公开(公告)日：2023-04-20

申请号：US17975548

申请日：2022-10-27

申请人： QOMPLX, Inc.

发明人： Randy Clayton ,  Jason Crabtree ,  Luka Jurukovski ,  Richard Kelley ,  Angadbir Singh Salaria ,  Andrew Sellers ,  Farooq Israr Ahmed Shaikh

IPC分类号： H04L9/40

摘要： A system and methods for detecting and mitigating golden SAML attacks against federated services is provided, comprising an authentication object inspector configured to observe a new authentication object generated by an identity provider, and retrieve the new authentication object; and a hashing engine configured to create a security cookie for each valid authentication session; wherein subsequent access requests accompanied by authentication objects are validated by checking for a valid security cookie.

公开(公告)号：US11570214B2

公开(公告)日：2023-01-31

申请号：US17061195

申请日：2020-10-01

申请人： QOMPLX, Inc.

发明人： Jason Crabtree ,  Andrew Sellers

IPC分类号： H04L9/40 ,  G06F16/2458 ,  G06F16/951

摘要： A system and method for crowdsourced innovation and automated process implementation, wherein individuals and businesses use a distributed computational graph module with crowdsourcing-technology to develop ideas and create process workflows for implementing those ideas. The developed process workflows are implemented through a system which automatically integrates heterogenous Internet resources such as electronic commerce, recruiting, and management platforms into a single portal. Businesses and other collaboration initiatives are supported via crowdsourced labor that are automatically orchestrated by the distributed computational graph workflows and user interface that provide a comprehensive and convergent solution for process management.

公开(公告)号：US11563741B2

公开(公告)日：2023-01-24

申请号：US17138202

申请日：2020-12-30

申请人： QOMPLX, Inc.

发明人： Jason Crabtree ,  Andrew Sellers

IPC分类号： H04L9/40 ,  H04L43/04

摘要： A system for probe-based risk analysis for multi-factor authentication having a multi-dimensional time series data server configured to monitor and record a network's traffic data and to serve the traffic data to other modules and a directed computational graph module configured to probe connection destinations for a response, analyze any received responses, and determine a verification score needed before granting access based at least in part on the analysis of the received responses. A plurality of verification methods build up a user's verification score to required level to gain access.

公开(公告)号：US20230008173A1

公开(公告)日：2023-01-12

申请号：US17845826

申请日：2022-06-21

申请人： QOMPLX, Inc.

发明人： Jason Crabtree ,  Richard Kelley

IPC分类号： H04L9/40 ,  G06F16/951 ,  G06F16/2458

摘要： A system and method for the detection and mitigation of data source compromises in an adversarial information environment. The system and method feature the ability to scan for, ingest and process, and then use relational, wide column, and graph stores for capturing entity data, their relationships, and actions associated with them. Furthermore, meta-data is gathered and linked to the ingested data, which provides a broader contextual view of the environment leading up to and during an event of interest. Data quality analysis is conducted on the data as it is ingested in order to identify various data source metrics and determine if a data source may be compromised. The results of the data quality analysis, the identified metrics, the gathered data, and meta-data are used to manage the reputation of the contributing data sources. The system can make recommendations on data sources based on the data source reputation scoring.

公开(公告)号：US11539663B2

公开(公告)日：2022-12-27

申请号：US16412340

申请日：2019-05-14

申请人： QOMPLX, Inc.

发明人： Mike Chasman ,  Jeffrey Chung ,  Jason Crabtree ,  Luka Jurukovski ,  Richard Kelley ,  Artem Panasenkov ,  Andrew Sellers

IPC分类号： H04L9/40 ,  G06F8/61 ,  H04L41/0806 ,  G06F9/445 ,  G06F9/455 ,  H04L67/104 ,  H04L67/141 ,  H04L12/46 ,  G06N99/00

摘要： A system and method that uses midservers located between the business enterprise computer infrastructure and the cloud-based infrastructure to collect, aggregate, analyze, transform, and securely transmit data from a multitude of computing devices and peripherals at an external network to a cloud-based service.