公开(公告)号：US20080056156A1

公开(公告)日：2008-03-06

申请号：US11470240

申请日：2006-09-05

Applicant: Robert Andrews ,  Navindra Yadav ,  Shree Murthy

Inventor： Robert Andrews ,  Navindra Yadav ,  Shree Murthy

IPC: H04L12/28

CPC classification number: H04L41/0866 ,  H04L12/66 ,  H04L41/0806 ,  H04L41/0853 ,  H04L41/0893 ,  H04L41/12 ,  H04L41/5003 ,  H04L45/00

Abstract: Method and system for providing a dynamic network configuration and management based on defining and applying high level administrative intents including retrieving one or more attributes associated with one or more logical groups in a network, determining one or more network policies based on the one or more retrieved attributes, associating the one or more logical groups to a respective network group identifier, and generating a network group list associated with the one or more network group identifiers, is disclosed.

Abstract translation: 用于基于定义和应用高级管理意图提供动态网络配置和管理的方法和系统，包括检索与网络中的一个或多个逻辑组相关联的一个或多个属性，基于一个或多个检索到的一个或多个检索到的一个或多个网络策略 属性，将一个或多个逻辑组关联到相应的网络组标识符，以及生成与一个或多个网络组标识符相关联的网络组列表。

公开(公告)号：US12294589B2

公开(公告)日：2025-05-06

申请号：US17527466

申请日：2021-11-16

Applicant: Supreeth Hosur Nagesh Rao ,  Navindra Yadav ,  Ravi Sankuratri ,  Alok Lalit Wadhwa ,  Aria Rahadian ,  Bharathwaj Sankara Viswanathan ,  Brady Schulman ,  Matthew Finn ,  Paul John Lesiak ,  Ravi Shanker Prasad ,  Vasil Dochkov Yordanov ,  Yiwei Wang ,  Zhiwen Zhang ,  Udayan Joshi ,  Soumyadeep Choudhury ,  Muhammada Furqan ,  Manish Arigala

Inventor： Supreeth Hosur Nagesh Rao ,  Navindra Yadav ,  Ravi Sankuratri ,  Alok Lalit Wadhwa ,  Aria Rahadian ,  Bharathwaj Sankara Viswanathan ,  Brady Schulman ,  Matthew Finn ,  Paul John Lesiak ,  Ravi Shanker Prasad ,  Vasil Dochkov Yordanov ,  Yiwei Wang ,  Zhiwen Zhang ,  Udayan Joshi ,  Soumyadeep Choudhury ,  Muhammada Furqan ,  Manish Arigala

IPC: H04L9/40 ,  G06F9/54 ,  G06F16/23 ,  G06F21/57 ,  G06F21/60 ,  G06F21/62

Abstract: In one aspect, a method for implementing a cloud-platform push for one or more known data breaches includes the step of, for each data breach of the one or more known data breaches, providing a functionality that maps one or more kill chains or Tactics, Techniques, and Procedures (TTPs) for a specified set of security dimensions. A step includes generating a security rule for each mapped kill chain or TTP based on the functionality that maps the one or more kill chains or Tactics, Techniques, and Procedures (TTPs) for a specified set of security dimensions. A step includes pushing the security rule to an enterprise so that the enterprise is aware of a vulnerability in the data breach. A step includes generating a customized posture for a Virtual private cloud (VPC) in the enterprise's cloud-based network. A step includes determining that the data breach can occur within the enterprise's cloud-based network.

公开(公告)号：US12289331B2

公开(公告)日：2025-04-29

申请号：US17829361

申请日：2022-06-01

Applicant: Supreeth Hosur Nagesh Rao ,  Navindra Yadav ,  Ravi Sankuratri ,  Alok Lalit Wadhwa ,  Aria Rahadian ,  Brady Schulman ,  Ravi Shanker Prasad ,  Vasil Dochkov Yordanov ,  Yiwei Wang ,  Zhiwen Zhang ,  Udayan Joshi ,  Soumyadeep Choudhury ,  Muhammada Furqan ,  Danesh Irani

Inventor： Supreeth Hosur Nagesh Rao ,  Navindra Yadav ,  Ravi Sankuratri ,  Alok Lalit Wadhwa ,  Aria Rahadian ,  Brady Schulman ,  Ravi Shanker Prasad ,  Vasil Dochkov Yordanov ,  Yiwei Wang ,  Zhiwen Zhang ,  Udayan Joshi ,  Soumyadeep Choudhury ,  Muhammada Furqan ,  Danesh Irani

IPC: H04L9/40

Abstract: In one aspect, a computerized system for locating anomalous query activity with a cloud-based database, comprising: with an atypical query engine: analyzing and understanding data within a cloud-based database, processing all accesses to the data within cloud-based database and SAAS environment, generating a list of user that accesses a table from a location in the cloud-based database using, and capture a set of specified key statistics about the cloud-based database query; and role suggestion engine: generating a user behavior fingerprint comprising a history of the user's behavior within the cloud-based database, identifying that a user is an outlier with respect to behavior with respect to the set of specified key statistics, and suggesting a new role within an enterprise managing the cloud-based database for the user, wherein the fingerprint of the outlier user is used to generate the suggestion for the new role.

公开(公告)号：US12010124B2

公开(公告)日：2024-06-11

申请号：US17335932

申请日：2021-06-01

Applicant: Supreeth Hosur Nagesh Rao ,  Navindra Yadav ,  Ravi Sankuratri ,  Alok Lalit Wadhwa ,  Aria Rahadian ,  Bharathwaj Sankara Viswanathan ,  Brady Schulman ,  Matthew Finn ,  Ravi Shanker Prasad ,  Vasil Dochkov Yordanov ,  Yiwei Wang ,  Zhiwen Zhang

Inventor： Supreeth Hosur Nagesh Rao ,  Navindra Yadav ,  Ravi Sankuratri ,  Alok Lalit Wadhwa ,  Aria Rahadian ,  Bharathwaj Sankara Viswanathan ,  Brady Schulman ,  Matthew Finn ,  Ravi Shanker Prasad ,  Vasil Dochkov Yordanov ,  Yiwei Wang ,  Zhiwen Zhang

IPC: H04L9/40 ,  G06F9/54 ,  G06F16/23 ,  G06F21/57 ,  G06F21/60 ,  G06F21/62

CPC classification number: H04L63/1416 ,  G06F9/541 ,  G06F16/2379 ,  G06F21/577 ,  G06F21/604 ,  G06F21/6245 ,  H04L63/0209 ,  H04L63/1425 ,  H04L63/1466 ,  H04L63/20 ,  G06F2221/034

Abstract: In one aspect, a computerized method for automatically identifying and solving for vendor data abuse in an enterprise network, includes the step of implementing a vendor detection at one or more gateways of the enterprise network. The method includes the step of mapping a set of data along with any associated data attributes of the set of data that are being shared with a vendor via the one or more gateways. The method includes the step of detecting and identifying an access anomaly with respect to the set of data associated with a vendor access. The method includes the step of implementing a specified data minimization process to the access anomaly.

公开(公告)号：US20240106847A1

公开(公告)日：2024-03-28

申请号：US18214527

申请日：2023-06-27

Applicant: NAVINDRA YADAV ,  SUPREETH HOSUR NAGESH RAO ,  RAVI SANKURATRI ,  DANESH IRANI ,  ALOK LALIT WADHWA ,  VASIL DOCHKOV YORDANOV ,  VENKATESHU CHERUKUPALLI ,  VENKATESHU CHERUKUPALLI ,  YIWEI WANG ,  YIWEI WANG ,  ZHIWEN ZHANG ,  ZHIWEN ZHANG ,  ZHIWEN ZHANG ,  UDAYAN JOSHI

Inventor： NAVINDRA YADAV ,  SUPREETH HOSUR NAGESH RAO ,  RAVI SANKURATRI ,  DANESH IRANI ,  ALOK LALIT WADHWA ,  VASIL DOCHKOV YORDANOV ,  VENKATESHU CHERUKUPALLI ,  VENKATESHU CHERUKUPALLI ,  YIWEI WANG ,  YIWEI WANG ,  ZHIWEN ZHANG ,  ZHIWEN ZHANG ,  ZHIWEN ZHANG ,  UDAYAN JOSHI

IPC: H04L9/40

CPC classification number: H04L63/1425 ,  H04L63/1416 ,  H04L63/1433 ,  H04L63/145

Abstract: In one aspect, a computerized method for detecting reconnaissance and infiltration in data lakes and cloud warehouses, comprising: monitoring a SaaS data store or a cloud-native data store from inside the data store; examining the attack and automatically identifies how far the attack has progressed in the attack lifecycle; identifying the target and scope of the attack evaluates how far the attackers have penetrated the system and what is their target; and establishing the value of the asset subject to the attackers' attack and maps the impact of the attack on the CIA (confidentiality, integrity and availability) triad.

公开(公告)号：US20240028572A1

公开(公告)日：2024-01-25

申请号：US18100574

申请日：2023-01-24

Applicant: NAVINDRA YADAV ,  SUPREETH HOSUR NAGESH Rao ,  RAVI SANKURATRI ,  DANESH IRANI ,  ALOK LALIT WADHWA ,  VASIL DOCHKOV YORDANOV ,  VENKATESHU CHERUKUPALLI ,  YIWEI WANG ,  ZHIWEN ZHANG ,  UDAYAN JOSHI

Inventor： NAVINDRA YADAV ,  SUPREETH HOSUR NAGESH Rao ,  RAVI SANKURATRI ,  DANESH IRANI ,  ALOK LALIT WADHWA ,  VASIL DOCHKOV YORDANOV ,  VENKATESHU CHERUKUPALLI ,  YIWEI WANG ,  ZHIWEN ZHANG ,  UDAYAN JOSHI

IPC: G06F16/21 ,  G06F16/27

CPC classification number: G06F16/219 ,  G06F16/27

Abstract: In one aspect, a computerized system for securing data cloning and sharing options on data warehouses, comprising: a clone determiner engine that determines that a data asset is a primary data asset or a clone data asset, wherein the clone determiner engine comprises: a log data analyzer that obtains and analyzes a set of logs of the data asset from a specified log source, and wherein set of logs are used to determine that the data asset is the primary data asset or the clone data asset, a timestamp analyzer engine that obtains a timestamp data of the data asset and reviews the timestamp data to analyze ordering of the data asset, and wherein the timestamp analyzer engine determines the data asset is a primary asset or a secondary asset, and a fingerprints analyzer that obtains and reviews the data asset and any metadata of data asset, and wherein the fingerprints analyzer creates a fingerprint based on a content of the data asset and the metadata of the data asset, and wherein the fingerprints analyzer then uses the fingerprints to determine that the data asset is the clone data asset of an already known asset in conjunction with an output of the timestamp analyzer engine and the log data analyzer.

公开(公告)号：US20230334162A1

公开(公告)日：2023-10-19

申请号：US18107513

申请日：2023-02-09

Applicant: NAVINDRA YADAV ,  SUPREETH HOSUR NAGESH RAO ,  RAVI SANKURATRI ,  DANESH IRANI ,  ALOK LALIT WADHWA ,  VASIL DOCHKOV YORDANOV ,  VENKATESHU CHERUKUPALLI ,  YIWEI WANG ,  ZHIWEN ZHANG ,  UDAYAN JOSHI

Inventor： NAVINDRA YADAV ,  SUPREETH HOSUR NAGESH RAO ,  RAVI SANKURATRI ,  DANESH IRANI ,  ALOK LALIT WADHWA ,  VASIL DOCHKOV YORDANOV ,  VENKATESHU CHERUKUPALLI ,  YIWEI WANG ,  ZHIWEN ZHANG ,  UDAYAN JOSHI

IPC: G06F21/60 ,  G06F21/62

CPC classification number: G06F21/604 ,  G06F21/6218 ,  G06F2221/2113

Abstract: In one aspect, a computerized method for minimizing a data governance in order to improve data security, comprising: providing and imposing a set of access rules to a set of data, wherein the set of data is stored in a data warehouse; measuring a level of over provisioning of the set of data; measuring a level of data abuse susceptibility of the set of data; implementing a dark data governance operation on the set of data; and identifying a set of infrequently used roles in the set of data.

公开(公告)号：US20220269815A1

公开(公告)日：2022-08-25

申请号：US17335932

申请日：2021-06-01

Applicant: SUPREETH HOSUR NAGESH RAO ,  Navindra Yadav ,  Ravi Sankuratri ,  Alok Lalit Wadhwa ,  Aria Rahadian ,  Bharathwaj Sankara Viswanathan ,  Brady Schulman ,  Matthew Finn ,  Ravi Shanker Prasad ,  Vasil Dochkov Yordanov ,  Yiwei Wang ,  Zhiwen Zhang

Inventor： SUPREETH HOSUR NAGESH RAO ,  Navindra Yadav ,  Ravi Sankuratri ,  Alok Lalit Wadhwa ,  Aria Rahadian ,  Bharathwaj Sankara Viswanathan ,  Brady Schulman ,  Matthew Finn ,  Ravi Shanker Prasad ,  Vasil Dochkov Yordanov ,  Yiwei Wang ,  Zhiwen Zhang

IPC: G06F21/62 ,  G06F9/54 ,  G06F16/23 ,  H04L29/06

Abstract: In one aspect, a computerized method for automatically identifying and solving for vendor data abuse in an enterprise network, includes the step of implementing a vendor detection at one or more gateways of the enterprise network. The method includes the step of mapping a set of data along with any associated data attributes of the set of data that are being shared with a vendor via the one or more gateways. The method includes the step of detecting and identifying an access anomaly with respect to the set of data associated with a vendor access. The method includes the step of implementing a specified data minimization process to the access anomaly.

公开(公告)号：US09319276B2

公开(公告)日：2016-04-19

申请号：US12928863

申请日：2010-12-21

Applicant: Navindra Yadav ,  Bhanu Gopalasetty ,  Sheausong Yang

Inventor： Navindra Yadav ,  Bhanu Gopalasetty ,  Sheausong Yang

IPC: H04W4/00 ,  H04L12/24 ,  H04L12/931

CPC classification number: H04L41/0893 ,  H04L49/503

Abstract: In one embodiment, a method includes receiving a packet at a network device in communication with a plurality of client nodes, the packet identifying a first client node, performing a look up in a table stored at the network device to locate policies associated with the first client node, the table including an entry for each of the client nodes, each entry having a plurality of policies associated with the client node, applying the policies associated with the first client node at a forwarding engine at the network device, and forwarding the packet from the network device. An apparatus is also disclosed.

Abstract translation: 在一个实施例中，一种方法包括在与多个客户端节点通信的网络设备处接收分组，该分组识别第一客户端节点，在存储在网络设备处的表中执行查找以定位与第一客户端节点相关联的策略 客户端节点，该表包括用于每个客户端节点的条目，每个条目具有与客户机节点相关联的多个策略，将与第一客户端节点相关联的策略应用于网络设备处的转发引擎，并且转发该分组 从网络设备。 还公开了一种装置。

公开(公告)号：US08780706B1

公开(公告)日：2014-07-15

申请号：US13343117

申请日：2012-01-04

Applicant: Paul Donner ,  Navindra Yadav

Inventor： Paul Donner ,  Navindra Yadav

IPC: H04L1/00 ,  H04L12/26

CPC classification number: H04L45/16 ,  H04L12/1895

Abstract: A network device sends into a network a request to be connected to a particular multicast source-group pair for a Phasor Measurement Unit (PMU) data stream comprising packets containing phasor measurement data. The network device receives the phasor measurement data stream for the particular multicast source-group pair. The source-group pair information is compared against stored data specifying handling rules for packets associated with phasor measurement data streams. The packets in the received phasor measurement data stream are modified when there are handling rules in the stored data for the particular multicast source-group pair of the received phasor measurement data stream. The packets (now modified) for the phasor measurement data stream for the particular multicast source-group pair are re-originated with a new multicast source-group pair and sent into the network. In order to support existing legacy PMU devices, IP unicast-to-multicast conversion is implemented.

Abstract translation: 网络设备将包含相量测量数据的分组的相量测量单元（PMU）数据流的请求连接到特定的组播源组对的请求。 网络设备接收特定组播源组对的相量测量数据流。 将源组对信息与指定与相量测量数据流相关联的分组的处理规则的存储数据进行比较。 当接收到的相量测量数据流的特定组播源组对的存储数据中存在处理规则时，接收的相量测量数据流中的分组被修改。 用于特定组播源组对的相量测量数据流的分组（现在被修改）用新的组播源组对重新发送并发送到网络中。 为了支持现有的传统PMU设备，实现了IP单播到组播转换。