公开(公告)号：US20170134425A1

公开(公告)日：2017-05-11

申请号：US14684231

申请日：2015-04-10

Applicant: Palantir Technologies Inc.

Inventor： Jacob Albertson ,  Melody Hildebrandt ,  Harkirat Singh ,  Shyam Sankar ,  Rick Ducott ,  Peter Maag ,  Marissa Kimball

IPC: H04L29/06

CPC classification number: H04L63/20 ,  G06F21/50 ,  G06F21/55 ,  H04L63/14 ,  H04L63/1441

Abstract: Systems and techniques for sharing security data are described herein. Security rules and/or attack data may be automatically shared, investigated, enabled, and/or used by entities. A security rule may be enabled on different entities comprising different computing systems to combat similar security threats and/or attacks. Security rules and/or attack data may be modified to redact sensitive information and/or configured through access controls for sharing.

公开(公告)号：US11848760B2

公开(公告)日：2023-12-19

申请号：US17658893

申请日：2022-04-12

Applicant: Palantir Technologies Inc.

Inventor： Harkirat Singh ,  Geoffrey Stowe ,  Brendan Weickert ,  Matthew Sprague ,  Michael Kross ,  Adam Borochoff ,  Parvathy Menon ,  Michael Harris

IPC: G06Q40/00 ,  H04L9/40 ,  G06F16/2457 ,  G06F16/23 ,  G06F16/242 ,  G06F16/28 ,  G06F16/9535 ,  G06Q10/10 ,  G06Q40/02 ,  G06Q40/10 ,  G06F16/335 ,  G06F16/35 ,  G06F16/26 ,  G06F16/2458 ,  G06Q40/03 ,  G06Q20/40 ,  G06Q30/018 ,  G06Q40/12 ,  G06Q20/38

CPC classification number: H04L63/145 ,  G06F16/23 ,  G06F16/244 ,  G06F16/2465 ,  G06F16/24578 ,  G06F16/26 ,  G06F16/283 ,  G06F16/285 ,  G06F16/287 ,  G06F16/288 ,  G06F16/335 ,  G06F16/35 ,  G06F16/355 ,  G06F16/9535 ,  G06Q10/10 ,  G06Q20/382 ,  G06Q20/4016 ,  G06Q30/0185 ,  G06Q40/00 ,  G06Q40/02 ,  G06Q40/03 ,  G06Q40/10 ,  G06Q40/123

Abstract: In various embodiments, systems, methods, and techniques are disclosed for generating a collection of clusters of related data from a seed. Seeds may be generated based on seed generation strategies or rules. Clusters may be generated by, for example, retrieving a seed, adding the seed to a first cluster, retrieving a clustering strategy or rules, and adding related data and/or data entities to the cluster based on the clustering strategy. Various cluster scores may be generated based on attributes of data in a given cluster. Further, cluster metascores may be generated based on various cluster scores associated with a cluster. Clusters may be ranked based on cluster metascores. Various embodiments may enable an analyst to discover various insights related to data clusters, and may be applicable to various tasks including, for example, tax fraud detection, beaconing malware detection, malware user-agent detection, and/or activity trend detection, among various others.

公开(公告)号：US20220150263A1

公开(公告)日：2022-05-12

申请号：US17526953

申请日：2021-11-15

Applicant: Palantir Technologies Inc.

Inventor： Juan Ricafort ,  Harkirat Singh ,  Philip Martin

IPC: H04L9/40

Abstract: Various systems and methods are provided that detect malicious network tunneling. For example, VPN logs and data connection logs may be accessed. The VPN logs may list client IP addresses that have established a VPN connection with an enterprise network. The data connection logs may list client IP addresses that have requested connections external to the enterprise network and remote IP addresses to which connections are requested. The VPN logs and the data connection logs may be parsed to identify IP addresses that are present in the VPN logs as a client IP address and in the data connection logs as a remote IP address. If an IP address is so present, user data and traffic data associated with the IP address may be retrieved to generate a risk score. If the risk score exceeds a threshold, an alert to be displayed in a GUI is generated.

公开(公告)号：US11201879B2

公开(公告)日：2021-12-14

申请号：US16822646

申请日：2020-03-18

Applicant: Palantir Technologies Inc.

Inventor： Juan Ricafort ,  Harkirat Singh ,  Philip Martin

IPC: H04L29/06 ,  H04L29/12 ,  G06F21/55

Abstract: Various systems and methods are provided that detect malicious network tunneling. For example, VPN logs and data connection logs may be accessed. The VPN logs may list client IP addresses that have established a VPN connection with an enterprise network. The data connection logs may list client IP addresses that have requested connections external to the enterprise network and remote IP addresses to which connections are requested. The VPN logs and the data connection logs may be parsed to identify IP addresses that are present in the VPN logs as a client IP address and in the data connection logs as a remote IP address. If an IP address is so present, user data and traffic data associated with the IP address may be retrieved to generate a risk score. If the risk score exceeds a threshold, an alert to be displayed in a GUI is generated.

公开(公告)号：US20210176281A1

公开(公告)日：2021-06-10

申请号：US17129563

申请日：2020-12-21

Applicant: Palantir Technologies Inc.

Inventor： Jacob Albertson ,  Melody Hildebrandt ,  Harkirat Singh ,  Shyam Sankar ,  Rick Ducott ,  Peter Maag ,  Marissa Kimball

IPC: H04L29/06 ,  G06F21/50 ,  G06F21/55

Abstract: Systems and techniques for sharing security data are described herein. Security rules and/or attack data may be automatically shared, investigated, enabled, and/or used by entities. A security rule may be enabled on different entities comprising different computing systems to combat similar security threats and/or attacks. Security rules and/or attack data may be modified to redact sensitive information and/or configured through access controls for sharing.

公开(公告)号：US20200349152A1

公开(公告)日：2020-11-05

申请号：US16933688

申请日：2020-07-20

Applicant: Palantir Technologies Inc.

Inventor： HUW PRYCE ,  James Neale ,  Robert Fink ,  Jared Newman ,  Graham Dennis ,  Viktor Nordling ,  Artur Jonkisz ,  Daniel Fox ,  Felix de Souza ,  Harkirat Singh ,  Mark Elliot

IPC: G06F16/2455 ,  G06F16/25 ,  G06F16/2458

Abstract: Computer-implemented techniques for data extraction are described. The techniques include a method and system for retrieving an extraction job specification, wherein the extraction job specification comprises a source repository identifier that identifies a source repository comprising a plurality of data records; a data recipient identifier that identifies a data recipient; and a schedule that indicates a timing of when to retrieve the plurality of data records. The method and system further include retrieving the plurality of data records from the source repository based on the schedule, creating an extraction transaction from the plurality of data records, wherein the extraction transaction comprises a subset of the plurality of data records and metadata, and sending the extraction transaction to the data recipient.

公开(公告)号：US20200304522A1

公开(公告)日：2020-09-24

申请号：US16898850

申请日：2020-06-11

Applicant: Palantir Technologies Inc.

Inventor： Harkirat Singh ,  Geoffrey Stowe ,  Brendan Weickert ,  Matthew Sprague ,  Michael Kross ,  Adam Borochoff ,  Parvathy Menon ,  Michael Harris

IPC: H04L29/06 ,  G06Q40/00 ,  G06F16/2457 ,  G06F16/23 ,  G06F16/242 ,  G06F16/28 ,  G06F16/9535 ,  G06Q10/10 ,  G06Q40/02 ,  G06F16/335 ,  G06F16/35 ,  G06F16/26 ,  G06F16/2458 ,  G06Q20/40 ,  G06Q30/00 ,  G06Q20/38

Abstract: In various embodiments, systems, methods, and techniques are disclosed for generating a collection of clusters of related data from a seed. Seeds may be generated based on seed generation strategies or rules. Clusters may be generated by, for example, retrieving a seed, adding the seed to a first cluster, retrieving a clustering strategy or rules, and adding related data and/or data entities to the cluster based on the clustering strategy. Various cluster scores may be generated based on attributes of data in a given cluster. Further, cluster metascores may be generated based on various cluster scores associated with a cluster. Clusters may be ranked based on cluster metascores. Various embodiments may enable an analyst to discover various insights related to data clusters, and may be applicable to various tasks including, for example, tax fraud detection, beaconing malware detection, malware user-agent detection, and/or activity trend detection, among various others.

公开(公告)号：US10776360B2

公开(公告)日：2020-09-15

申请号：US16147687

申请日：2018-09-29

Applicant: Palantir Technologies Inc.

Inventor： Huw Pryce ,  James Neale ,  Robert Fink ,  Jared Newman ,  Graham Dennis ,  Viktor Nordling ,  Artur Jonkisz ,  Daniel Fox ,  Felix de Souza ,  Harkirat Singh ,  Mark Elliot

IPC: G06F16/00 ,  G06F16/2455 ,  G06F16/25 ,  G06F16/2458

Abstract: Computer-implemented techniques for data extraction are described. The techniques include a method and system for retrieving an extraction job specification, wherein the extraction job specification has a source repository identifier that identifies a source repository including a plurality of data records; a data recipient identifier that identifies a data recipient; and a schedule that indicates a timing of when to retrieve the plurality of data records. The method and system further include retrieving the plurality of data records from the source repository based on the schedule, creating an extraction transaction from the plurality of data records, wherein the extraction transaction includes a subset of the plurality of data records and metadata, and sending the extraction transaction to the data recipient.

公开(公告)号：US10721268B2

公开(公告)日：2020-07-21

申请号：US16239081

申请日：2019-01-03

Applicant: Palantir Technologies Inc.

Inventor： Harkirat Singh ,  Brendan Weickert ,  Matthew Sprague ,  Michael Kross ,  Adam Borochoff ,  Parvathy Menon ,  Michael Harris

IPC: G06Q40/00 ,  H04L29/06 ,  G06F16/2457 ,  G06F16/23 ,  G06F16/242 ,  G06F16/28 ,  G06F16/9535 ,  G06Q10/10 ,  G06Q40/02 ,  G06F16/335 ,  G06F16/35 ,  G06F16/26 ,  G06F16/2458 ,  G06Q20/40 ,  G06Q30/00 ,  G06Q20/38

Abstract: In various embodiments, systems, methods, and techniques are disclosed for generating a collection of clusters of related data from a seed. Seeds may be generated based on seed generation strategies or rules. Clusters may be generated by, for example, retrieving a seed, adding the seed to a first cluster, retrieving a clustering strategy or rules, and adding related data and/or data entities to the cluster based on the clustering strategy. Various cluster scores may be generated based on attributes of data in a given cluster. Further, cluster metascores may be generated based on various cluster scores associated with a cluster. Clusters may be ranked based on cluster metascores. Various embodiments may enable an analyst to discover various insights related to data clusters, and may be applicable to various tasks including, for example, tax fraud detection, beaconing malware detection, malware user-agent detection, and/or activity trend detection, among various others.

公开(公告)号：US20190052648A1

公开(公告)日：2019-02-14

申请号：US14928512

申请日：2015-10-30

Applicant: Palantir Technologies Inc.

Inventor： Geoff Stowe ,  Harkirat Singh ,  Stefan Bach ,  Matthew Sprague ,  Michael Kross ,  Adam Borochoff ,  Parvathy Menon ,  Michael Harris

IPC: H04L29/06 ,  G06Q20/38 ,  G06F17/30

Abstract: In various embodiments, systems, methods, and techniques are disclosed for generating a collection of clusters of related data from a seed. Seeds may be generated based on seed generation strategies or rules. Clusters may be generated by, for example, retrieving a seed, adding the seed to a first cluster, retrieving a clustering strategy or rules, and adding related data and/or data entities to the cluster based on the clustering strategy. Various cluster scores may be generated based on attributes of data in a given cluster. Further, cluster metascores may be generated based on various cluster scores associated with a cluster. Clusters may be ranked based on cluster metascores. Various embodiments may enable an analyst to discover various insights related to data clusters, and may be applicable to various tasks including, for example, tax fraud detection, beaconing malware detection, malware user-agent detection, and/or activity trend detection, among various others.