公开(公告)号：US20240106847A1

公开(公告)日：2024-03-28

申请号：US18214527

申请日：2023-06-27

申请人： NAVINDRA YADAV ,  SUPREETH HOSUR NAGESH RAO ,  RAVI SANKURATRI ,  DANESH IRANI ,  ALOK LALIT WADHWA ,  VASIL DOCHKOV YORDANOV ,  VENKATESHU CHERUKUPALLI ,  VENKATESHU CHERUKUPALLI ,  YIWEI WANG ,  YIWEI WANG ,  ZHIWEN ZHANG ,  ZHIWEN ZHANG ,  ZHIWEN ZHANG ,  UDAYAN JOSHI

发明人： NAVINDRA YADAV ,  SUPREETH HOSUR NAGESH RAO ,  RAVI SANKURATRI ,  DANESH IRANI ,  ALOK LALIT WADHWA ,  VASIL DOCHKOV YORDANOV ,  VENKATESHU CHERUKUPALLI ,  VENKATESHU CHERUKUPALLI ,  YIWEI WANG ,  YIWEI WANG ,  ZHIWEN ZHANG ,  ZHIWEN ZHANG ,  ZHIWEN ZHANG ,  UDAYAN JOSHI

IPC分类号： H04L9/40

CPC分类号： H04L63/1425 ,  H04L63/1416 ,  H04L63/1433 ,  H04L63/145

摘要： In one aspect, a computerized method for detecting reconnaissance and infiltration in data lakes and cloud warehouses, comprising: monitoring a SaaS data store or a cloud-native data store from inside the data store; examining the attack and automatically identifies how far the attack has progressed in the attack lifecycle; identifying the target and scope of the attack evaluates how far the attackers have penetrated the system and what is their target; and establishing the value of the asset subject to the attackers' attack and maps the impact of the attack on the CIA (confidentiality, integrity and availability) triad.

公开(公告)号：US20240232341A1

公开(公告)日：2024-07-11

申请号：US18367894

申请日：2023-09-13

申请人： NAVINDRA YADAV ,  SUPREETH HOSUR NAGESH RAO ,  RAVI SANKURATRI ,  DANESH IRANI ,  ALOK LALIT WADHWA ,  VASIL DOCHKOV YORDANOV ,  VENKATESHU CHERUKUPALLI ,  YIWEI WANG ,  ZHIWEN ZHANG ,  UDAYAN JOSHI

发明人： NAVINDRA YADAV ,  SUPREETH HOSUR NAGESH RAO ,  RAVI SANKURATRI ,  DANESH IRANI ,  ALOK LALIT WADHWA ,  VASIL DOCHKOV YORDANOV ,  VENKATESHU CHERUKUPALLI ,  YIWEI WANG ,  ZHIWEN ZHANG ,  UDAYAN JOSHI

IPC分类号： G06F21/55

CPC分类号： G06F21/554 ,  G06F2221/034

摘要： In one aspect, In one aspect, a computerized method for automatic grading, impact analysis and mapping to the CIA triad, comprising: identifying a value of a plurality of data stores; associating the value back to an attack scenario such that a measure of impact with respect to attack progression or susceptibility now has a pecuniary value and generating a grading score; associating the grading score mapped to Confidentiality, Integrity and Availability (CIA) Triad; associating an attack progression with the pecuniary value and priority; identifying a progression of the attack; determining a time that is available for a response before a damage occurs to a system under attack; determining a stage of the attack in an attack kill chain, wherein for every stage of the attack as the progress happens, associating the pecuniary value and an impact for such a stage; and automatically calculates an overall data threat grade of the system.

公开(公告)号：US20240028572A1

公开(公告)日：2024-01-25

申请号：US18100574

申请日：2023-01-24

申请人： NAVINDRA YADAV ,  SUPREETH HOSUR NAGESH Rao ,  RAVI SANKURATRI ,  DANESH IRANI ,  ALOK LALIT WADHWA ,  VASIL DOCHKOV YORDANOV ,  VENKATESHU CHERUKUPALLI ,  YIWEI WANG ,  ZHIWEN ZHANG ,  UDAYAN JOSHI

发明人： NAVINDRA YADAV ,  SUPREETH HOSUR NAGESH Rao ,  RAVI SANKURATRI ,  DANESH IRANI ,  ALOK LALIT WADHWA ,  VASIL DOCHKOV YORDANOV ,  VENKATESHU CHERUKUPALLI ,  YIWEI WANG ,  ZHIWEN ZHANG ,  UDAYAN JOSHI

IPC分类号： G06F16/21 ,  G06F16/27

CPC分类号： G06F16/219 ,  G06F16/27

摘要： In one aspect, a computerized system for securing data cloning and sharing options on data warehouses, comprising: a clone determiner engine that determines that a data asset is a primary data asset or a clone data asset, wherein the clone determiner engine comprises: a log data analyzer that obtains and analyzes a set of logs of the data asset from a specified log source, and wherein set of logs are used to determine that the data asset is the primary data asset or the clone data asset, a timestamp analyzer engine that obtains a timestamp data of the data asset and reviews the timestamp data to analyze ordering of the data asset, and wherein the timestamp analyzer engine determines the data asset is a primary asset or a secondary asset, and a fingerprints analyzer that obtains and reviews the data asset and any metadata of data asset, and wherein the fingerprints analyzer creates a fingerprint based on a content of the data asset and the metadata of the data asset, and wherein the fingerprints analyzer then uses the fingerprints to determine that the data asset is the clone data asset of an already known asset in conjunction with an output of the timestamp analyzer engine and the log data analyzer.

公开(公告)号：US20230334162A1

公开(公告)日：2023-10-19

申请号：US18107513

申请日：2023-02-09

申请人： NAVINDRA YADAV ,  SUPREETH HOSUR NAGESH RAO ,  RAVI SANKURATRI ,  DANESH IRANI ,  ALOK LALIT WADHWA ,  VASIL DOCHKOV YORDANOV ,  VENKATESHU CHERUKUPALLI ,  YIWEI WANG ,  ZHIWEN ZHANG ,  UDAYAN JOSHI

发明人： NAVINDRA YADAV ,  SUPREETH HOSUR NAGESH RAO ,  RAVI SANKURATRI ,  DANESH IRANI ,  ALOK LALIT WADHWA ,  VASIL DOCHKOV YORDANOV ,  VENKATESHU CHERUKUPALLI ,  YIWEI WANG ,  ZHIWEN ZHANG ,  UDAYAN JOSHI

IPC分类号： G06F21/60 ,  G06F21/62

CPC分类号： G06F21/604 ,  G06F21/6218 ,  G06F2221/2113

摘要： In one aspect, a computerized method for minimizing a data governance in order to improve data security, comprising: providing and imposing a set of access rules to a set of data, wherein the set of data is stored in a data warehouse; measuring a level of over provisioning of the set of data; measuring a level of data abuse susceptibility of the set of data; implementing a dark data governance operation on the set of data; and identifying a set of infrequently used roles in the set of data.

公开(公告)号：US20240056460A1

公开(公告)日：2024-02-15

申请号：US18235349

申请日：2023-08-18

申请人： NAVINDRA Ross YADAV ,  SUPREETH HOSUR NAGESH RAO ,  RAVI SANKURATRI ,  DANESH IRANI ,  ALOK LALIT WADHWA ,  VASIL DOCHKOV YORDANOV ,  VENKATESHU CHERUKUPALLI ,  YIWEI WANG ,  ZHIWEN ZHANG ,  UDAYAN JOSHI

发明人： NAVINDRA Ross YADAV ,  SUPREETH HOSUR NAGESH RAO ,  RAVI SANKURATRI ,  DANESH IRANI ,  ALOK LALIT WADHWA ,  VASIL DOCHKOV YORDANOV ,  VENKATESHU CHERUKUPALLI ,  YIWEI WANG ,  ZHIWEN ZHANG ,  UDAYAN JOSHI

IPC分类号： H04L9/40 ,  G06F21/64

CPC分类号： H04L63/1416 ,  G06F21/64 ,  H04L63/1425

摘要： In one aspect, a computerized method for detecting data abuse and data exfiltration in a data store or a data lakes cloud warehouse, comprising: identifying a plurality of Command and control (CnC) channels in an enterprise data cloud infrastructure; identifying and detecting malicious compressed data transfers and encrypted data transfers; implementing a destination analysis from within the data store; and implementing data abuse detection and prevention operations.