公开(公告)号：US20240111809A1

公开(公告)日：2024-04-04

申请号：US18525710

申请日：2023-11-30

Applicant: Palantir Technologies Inc.

Inventor： Andrew Eggleton ,  Alexandra Serenhov ,  Ankit Shankar ,  Brandon Helms ,  Brian Keohane ,  Darren Zhao ,  Elliot Colquhoun ,  Gautam Punukollu ,  Morten Kromann ,  Nikhil Seetharaman ,  Ranec Highet ,  Raj Krishnan ,  Xiao Tang ,  Sriram Krishnan ,  Simon Vahr ,  Tareq Alkhatib ,  Thomas Mathew

IPC: G06F16/901 ,  G06F21/55 ,  H04L9/40

CPC classification number: G06F16/9024 ,  G06F21/552 ,  G06F21/554 ,  H04L63/1416 ,  H04L63/1425 ,  H04L63/1433 ,  H04L63/20

Abstract: A method, performed by one or more processors, including: receiving one or more event records; generating, using the one or more event records, an event descriptor object descriptive of one or more events occurring in a networked system, wherein the event descriptor object comprises a plurality of event properties; receiving one or more entity records; generating, using the one or more entity records, an entity descriptor object descriptive of one or more entities relevant to the security of the networked system, wherein the entity descriptor object comprises a plurality of entity properties; incorporating, into an object graph, the event descriptor object and the entity descriptor object; and associating, in the object graph, the event descriptor object with the entity descriptor object using at least one of the plurality of event properties and at least one of the plurality of entity properties.

公开(公告)号：US11783269B1

公开(公告)日：2023-10-10

申请号：US17249397

申请日：2021-03-01

Applicant: Palantir Technologies Inc.

Inventor： Ankit Shankar ,  Darren Zhao ,  Kayo Teramoto ,  Matthew Hawes ,  Thomas Mathew ,  Faith Cataltepe

IPC: G06Q10/067 ,  G06F3/0482 ,  G06F3/04847

CPC classification number: G06Q10/067 ,  G06F3/0482 ,  G06F3/04847

Abstract: A computer system may be configured to access a rule including one or more conditions, providing a user interface configured for user input of a modification to a condition of the rule, receive from a user, via the user interface, a modification to a first condition of the rule constituting a first changed condition, wherein the first changed condition is associated with a modified rule, determine an output data set, based on an input data set including a plurality of past data samples, and the first changed condition of the modified rule, and update the user interface to include a visualization indicating at least some of the output data set.

公开(公告)号：US20220150138A1

公开(公告)日：2022-05-12

申请号：US17455127

申请日：2021-11-16

Applicant: Palantir Technologies Inc.

Inventor： Arjun Mathur ,  Andrew Ash ,  Anuraag Bahl ,  Andy Chen ,  Aydin Keskin ,  Christopher Rogers ,  Anshuman Prasad ,  Ankit Shankar ,  Casey Patton ,  Christopher Wynnyk ,  Joanna Peller ,  Jonathan Victor ,  Mackenzie Bohannon ,  Mitchell Skiles ,  Nikhil Taneja ,  Ryan Norris ,  Scott Adams ,  Samuel Sinensky ,  Sri Krishna Vempati ,  Thomas Mathew ,  Vinoo Ganesh ,  Rahij Ramsharan

IPC: H04L41/5022 ,  H04L41/0631 ,  H04L41/5067 ,  H04L41/5074

Abstract: A system for troubleshooting network problems is disclosed. A model can use demographic information, network usage information, and network membership information to determine an importance of a problem. The importance of the problem for the user who reported the problem, a number of other users affected by the problem, and the importance of the problem to the other users can be used to determine a priority for resolving the problem. Before and after a work order is executed to resolve the problem, network metrics can be gathered, including aggregate network metrics, and automatically presented in various user interfaces. The analysis of the metrics can be used to update a database of which work orders are assigned in response to which problems.

公开(公告)号：US20200336394A1

公开(公告)日：2020-10-22

申请号：US16895621

申请日：2020-06-08

Applicant: Palantir Technologies Inc.

Inventor： Arjun Mathur ,  Andrew Ash ,  Anuraag Bahl ,  Andy Chen ,  Aydin Keskin ,  Christopher Rogers ,  Anshuman Prasad ,  Ankit Shankar ,  Casey Patton ,  Christopher Wynnyk ,  Joanna Peller ,  Jonathan Victor ,  Mackenzie Bohannon ,  Mitchell Skiles ,  Nikhil Taneja ,  Ryan Norris ,  Scott Adams ,  Samuel Sinensky ,  Sri Krishna Vempati ,  Thomas Mathew ,  Vinoo Ganesh ,  Rahij Ramsharan

IPC: H04L12/24 ,  G06K9/62

Abstract: A system for troubleshooting network problems is disclosed. A model can use demographic information, network usage information, and network membership information to determine an importance of a problem. The importance of the problem for the user who reported the problem, a number of other users affected by the problem, and the importance of the problem to the other users can be used to determine a priority for resolving the problem. Before and after a work order is executed to resolve the problem, network metrics can be gathered, including aggregate network metrics, and automatically presented in various user interfaces. The analysis of the metrics can be used to update a database of which work orders are assigned in response to which problems.

公开(公告)号：US20240311471A1

公开(公告)日：2024-09-19

申请号：US18672230

申请日：2024-05-23

Applicant: Palantir Technologies Inc.

Inventor： Elliot Colquhoun ,  Andrew Eggleton ,  Alexandra Serenhov ,  Ankit Shankar ,  Brian Keohane ,  Corinne Petroschke ,  Darren Zhao ,  Ionut Octavian Iordache ,  Xiao Tang ,  Simon Vahr ,  Tareq Alkhatib ,  Athanasios Kontonasios ,  Thomas Mathew ,  Rushad Heerjee

IPC: G06F21/55 ,  G06F21/53 ,  G06F21/56 ,  G06F21/57

CPC classification number: G06F21/552 ,  G06F21/53 ,  G06F21/566 ,  G06F21/57 ,  G06F2221/2149

Abstract: A method, performed by one or more processors, includes: receiving an indication of a desired modification to a cybersecurity event detector that is being contemporaneously used for the detection of potential cybersecurity events in a production environment; modifying, in a sandbox environment, the cybersecurity event detector based on the indication of the desired modification to the cybersecurity event detector; and for each system event in a set of system events, determining, in the sandbox environment, whether the respective system event is indicative of a potential cybersecurity event using the modified cybersecurity event detector. Related apparatus are also disclosed.

公开(公告)号：US20230394083A1

公开(公告)日：2023-12-07

申请号：US16660217

申请日：2019-10-22

Applicant: Palantir Technologies Inc.

Inventor： Andrew Eggleton ,  Alexandra Serenhov ,  Ankit Shankar ,  Brandon Helms ,  Brian Keohane ,  Darren Zhao ,  Elliot Colquhoun ,  Gautam Punukollu ,  Morten Kromann ,  Nikhil Seetharaman ,  Ranec Highet ,  Raj Krishnan ,  Xiao Tang ,  Sriram Krishnan ,  Simon Vahr ,  Tareq Alkhatib ,  Thomas Mathew

IPC: H04L9/40

CPC classification number: H04L63/205 ,  H04L63/1425 ,  H04L63/1416 ,  H04L63/145

Abstract: A method, performed by one or more processors, including: receiving one or more event records; generating, using the one or more event records, an event descriptor object descriptive of one or more events occurring in a networked system, wherein the event descriptor object comprises a plurality of event properties; receiving one or more entity records; generating, using the one or more entity records, an entity descriptor object descriptive of one or more entities relevant to the security of the networked system, wherein the entity descriptor object comprises a plurality of entity properties; incorporating, into an object graph, the event descriptor object and the entity descriptor object; and associating, in the object graph, the event descriptor object with the entity descriptor object using at least one of the plurality of event properties and at least one of the plurality of entity properties.

公开(公告)号：US11379525B1

公开(公告)日：2022-07-05

申请号：US15963038

申请日：2018-04-25

Applicant: PALANTIR TECHNOLOGIES INC.

Inventor： Daniel Deutsch ,  Kyle Solan ,  Thomas Mathew ,  Vasil Vasilev

IPC: G06F16/901 ,  G06F16/27 ,  G06F16/23

Abstract: Techniques for automatically scheduling builds of derived datasets in a distributed database system that supports pipelined data transformations are described herein. In an embodiment, a data processing method comprises obtaining a definition of at least one derived dataset of a data pipeline, and in response to the obtaining: creating and storing a dependency graph in memory, the dependency graph representing the at least one derived dataset and one or more raw datasets or intermediate derived datasets on which the at least one derived dataset depends; detecting a first update to a first dataset from among the one or more raw datasets or intermediate derived datasets on which the at least one derived dataset depends, and in response to the first update: based on the dependency graph, initiating a first build of a first intermediate derived dataset that depends on the first dataset; initiating a second build that uses the first intermediate derived dataset and that is next in order in the data pipeline according to the dependency graph; asynchronously detecting a second update to a second dataset from among the one or more raw datasets or intermediate derived datasets on which the at least one derived dataset depends, and in response to the second update: based on the dependency graph, initiating a third build of a second intermediate derived dataset that depends on the second dataset; wherein the method is performed using one or more processors.

公开(公告)号：US11206196B2

公开(公告)日：2021-12-21

申请号：US16895621

申请日：2020-06-08

Applicant: Palantir Technologies Inc.

Inventor： Arjun Mathur ,  Andrew Ash ,  Anuraag Bahl ,  Andy Chen ,  Aydin Keskin ,  Christopher Rogers ,  Anshuman Prasad ,  Ankit Shankar ,  Casey Patton ,  Christopher Wynnyk ,  Joanna Peller ,  Jonathan Victor ,  Mackenzie Bohannon ,  Mitchell Skiles ,  Nikhil Taneja ,  Ryan Norris ,  Scott Adams ,  Samuel Sinensky ,  Sri Krishna Vempati ,  Thomas Mathew ,  Vinoo Ganesh ,  Rahij Ramsharan

IPC: G06F15/173 ,  H04L12/24 ,  G06K9/62 ,  G06F15/16

Abstract: A system for troubleshooting network problems is disclosed. A model can use demographic information, network usage information, and network membership information to determine an importance of a problem. The importance of the problem for the user who reported the problem, a number of other users affected by the problem, and the importance of the problem to the other users can be used to determine a priority for resolving the problem. Before and after a work order is executed to resolve the problem, network metrics can be gathered, including aggregate network metrics, and automatically presented in various user interfaces. The analysis of the metrics can be used to update a database of which work orders are assigned in response to which problems.

公开(公告)号：US11874872B2

公开(公告)日：2024-01-16

申请号：US16660217

申请日：2019-10-22

Applicant: Palantir Technologies Inc.

Inventor： Andrew Eggleton ,  Alexandra Serenhov ,  Ankit Shankar ,  Brandon Helms ,  Brian Keohane ,  Darren Zhao ,  Elliot Colquhoun ,  Gautam Punukollu ,  Morten Kromann ,  Nikhil Seetharaman ,  Ranec Highet ,  Raj Krishnan ,  Xiao Tang ,  Sriram Krishnan ,  Simon Vahr ,  Tareq Alkhatib ,  Thomas Mathew

IPC: G06F21/00 ,  G06F16/901 ,  H04L9/40 ,  G06F21/55

CPC classification number: G06F16/9024 ,  G06F21/552 ,  G06F21/554 ,  H04L63/1416 ,  H04L63/1425 ,  H04L63/1433 ,  H04L63/20

Abstract: A method, performed by one or more processors, including: receiving one or more event records; generating, using the one or more event records, an event descriptor object descriptive of one or more events occurring in a networked system, wherein the event descriptor object comprises a plurality of event properties; receiving one or more entity records; generating, using the one or more entity records, an entity descriptor object descriptive of one or more entities relevant to the security of the networked system, wherein the entity descriptor object comprises a plurality of entity properties; incorporating, into an object graph, the event descriptor object and the entity descriptor object; and associating, in the object graph, the event descriptor object with the entity descriptor object using at least one of the plurality of event properties and at least one of the plurality of entity properties.

公开(公告)号：US12229189B2

公开(公告)日：2025-02-18

申请号：US17826099

申请日：2022-05-26

Applicant: Palantir Technologies Inc.

Inventor： Daniel Deutsch ,  Kyle Solan ,  Thomas Mathew ,  Vasil Vasilev

IPC: G06F16/901 ,  G06F16/23 ,  G06F16/27

Abstract: A data processing method comprises creating and storing a dependency graph representing at least one derived dataset and one or more raw datasets or intermediate derived datasets on which the at least one derived dataset depends; reading configuration data specifying one or more periods for one or more datasets in the dependency graph; detecting a first update to a first dataset; initiating a first build of a first intermediate derived dataset only when a then-current time is within a first period of the one or more periods or a previous build of the first intermediate derived dataset occurred earlier than a then-current time less a second period of the one or more periods; asynchronously detecting a second update to a second dataset; initiating, in response to the second update, a second build of a second intermediate derived dataset that depends on the second dataset.