公开(公告)号：US20200274886A1

公开(公告)日：2020-08-27

申请号：US16284884

申请日：2019-02-25

Applicant: ENTIT Software LLC

Inventor： Pratyusa K. Manadhata ,  Martin Arlitt

IPC: H04L29/06

Abstract: A service receives, from client computing devices of client networks, information regarding incoming network traffic addressed to dark Internet Protocol (IP) address spaces the of client networks. The service can predict a cyber attack based on the information received from the client computing devices of the client networks. The server computing device notifies the client computing device of each client network affected by the predicted cyber attack.

公开(公告)号：US10742412B2

公开(公告)日：2020-08-11

申请号：US15882952

申请日：2018-01-29

Applicant: EntIT Software LLC

Inventor： Chris A. Windle ,  Susan K. Langford ,  John Martin Lewis

IPC: H04L9/16 ,  H04L9/08

Abstract: According to examples, an apparatus may include a security enclosure, a main processor housed in the security enclosure, and a physical security monitoring control unit (PSMCU) processor housed in the security enclosure. The PSMCU processor may cause the apparatus to switchably operate between a first mode and a second mode. In the first mode, the PSMCU processor may allow access by the main processor to a first cryptographic key while preventing access by the main processor to a second cryptographic key. In addition, in the second mode, the PSMCU processor may allow access by the main processor to the second cryptographic key while preventing access by the main processor to the first cryptographic key.

公开(公告)号：US20200218566A1

公开(公告)日：2020-07-09

申请号：US16240858

申请日：2019-01-07

Applicant: ENTIT SOFTWARE LLC

Inventor： Stephane Herman Maes ,  Srikanth Natarajan

IPC: G06F9/48 ,  G06F9/50 ,  H04L29/08

Abstract: In some examples, a system migrates, responsive to a request, a workload comprising components and relationships among the components as represented by a topology model, the migrating comprising migrating the workload from the source infrastructure to a target infrastructure, and migrating components of the workload from the source infrastructure to the target infrastructure.

公开(公告)号：US10686588B2

公开(公告)日：2020-06-16

申请号：US15693327

申请日：2017-08-31

Applicant: EntIT Software LLC

Inventor： Leslie C. Gutschow ,  Richard Minner ,  Terence Spies

IPC: H04L9/06 ,  H04L9/14 ,  G06F16/245

Abstract: A technique includes performing element-by-element encryption of a segment of the plaintext string to provide a segment of an encrypted string. Performing the element-by-element encryption includes, for a given string element of the segment of the plaintext string, encrypting the given string element to provide a given string element of the segment of the encrypted string; and tweaking the encryption of the given string element based on a selector that includes multiple string elements of the encrypted string. The technique may include searching an encrypted database based on the encrypted string.

公开(公告)号：US10678910B2

公开(公告)日：2020-06-09

申请号：US15559642

申请日：2015-04-10

Applicant: ENTIT Software LLC

Inventor： Ming Sum Sam Ng ,  Alvaro Munoz ,  Oleksandr Mirosh

IPC: G06F21/54 ,  G06F21/52 ,  H04L29/06 ,  H04L29/08 ,  G06F8/41

Abstract: Examples disclosed herein relate to modifying a web page. In one example, in response to beginning execution of a process initiating generation of a web page of a web application at a server, a runtime agent is executed. In this example, the runtime agent modifies code of the web page to inject code to protect output of the web page. In the example, the process can be executed using the modified code to generate a modified web page.

公开(公告)号：US10592308B2

公开(公告)日：2020-03-17

申请号：US15569206

申请日：2015-04-30

Applicant: ENTIT Software LLC

Inventor： Fernando Vizer ,  Noam Fraenkel ,  Yair Horovitz

IPC: G06F9/54 ,  G06F16/28 ,  G06F11/34 ,  G06F17/40 ,  G06F11/30 ,  G06F11/07 ,  G06F11/32

Abstract: According to an example, aggregation based event identification may include aggregating each of a plurality of source events by an event type of event types that represent dusters of the source events and/or a host of a source event of the source events to generate a reduced number of the source events. Aggregation based event identification may further include analyzing a characteristic for each of the reduced number of the source events, and assigning, based on the analysis of the characteristic for each of the reduced number of the source events, a characteristic weight to each of the reduced number of the source events. Further, aggregation based event identification may include aggregating the characteristic weights for each of the reduced number of the source events to determine an aggregated event issue weight for each of the reduced number of the source events.

公开(公告)号：US10572841B2

公开(公告)日：2020-02-25

申请号：US14266135

申请日：2014-04-30

Applicant: ENTIT SOFTWARE LLC

Inventor： Leonid Reznik ,  Yuri Moshayev ,  Yariv Snapir ,  Michael Dikman ,  Dan Noter

IPC: G06Q10/06

Abstract: Recommending actions to an Information Technology (IT) case can include searching an index for an IT case that matches a received IT case, identifying a plurality of actions for the received IT case based on the search, and recommending a subset of actions from the plurality of actions for the received IT case to an IT agent.

公开(公告)号：US10565218B2

公开(公告)日：2020-02-18

申请号：US15325493

申请日：2014-08-18

Applicant: ENTIT SOFTWARE LLC

Inventor： Wen Yao ,  Mehran Kafai ,  April Slayden Mitchell

IPC: G06F16/2458 ,  G06F16/26 ,  G06F16/248 ,  G06F16/2457

Abstract: Interactive sequential pattern mining is disclosed. One example is a system including a sequence miner, and an interaction processor. A sequence database is received, the sequence database including a plurality of input sequences, where each sequence of the plurality of input sequences is an ordered list of events, and each event in the list of events includes at least one item. The sequence miner mines the sequence database for a plurality of candidate sequence patterns, the mining based on an interaction with a user. The interaction processor processes the interaction with the user, the interaction based on domain relevance of the plurality of candidate sequence patterns to the user.

公开(公告)号：US10516578B2

公开(公告)日：2019-12-24

申请号：US15558659

申请日：2015-03-31

Applicant: ENTIT Software LLC

Inventor： Noam Fraenkel ,  Doron Shaked ,  Maya Cohen Harel

IPC: G06F15/173 ,  H04L12/24

Abstract: In a method for inferring a topology of components in a network, at least one operation parameter is provided for each of a plurality of components in a network, and a similarity measure is computed between at least two of said components based on values of said operation parameters. Based on said similarity measure, it is determined whether said two components are topologically connected, wherein said similarity measure is computed in terms of a normalized mutual information between said operation parameters pertaining to said two components.

公开(公告)号：US20190340353A1

公开(公告)日：2019-11-07

申请号：US15973189

申请日：2018-05-07

Applicant: ENTIT SOFTWARE LLC

Inventor： Tamir Mitelman

IPC: G06F21/55 ,  G06N99/00

Abstract: A technique includes accessing data representing a state of a given investigation of a potential security threat to a computer system by a security analyst. The state includes a result of a current investigative step of the investigation, and the analyst conducting the investigation uses an investigation graphical user interface (GUI). The technique includes applying machine learning that is trained on observed investigations to determine a recommendation to guide the analyst in a next investigative step for the given investigation. The technique includes communicating the recommendation through an output provided to the investigation GUI.