公开(公告)号：US12192218B2

公开(公告)日：2025-01-07

申请号：US18360713

申请日：2023-07-27

Applicant: Palantir Technologies Inc.

Inventor： Juan Ricafort ,  Harkirat Singh ,  Philip Martin

IPC: H04L9/40 ,  H04L61/5007 ,  G06F21/55

Abstract: Various systems and methods are provided that detect malicious network tunneling. For example, VPN logs and data connection logs may be accessed. The VPN logs may list client IP addresses that have established a VPN connection with an enterprise network. The data connection logs may list client IP addresses that have requested connections external to the enterprise network and remote IP addresses to which connections are requested. The VPN logs and the data connection logs may be parsed to identify IP addresses that are present in the VPN logs as a client IP address and in the data connection logs as a remote IP address. If an IP address is so present, user data and traffic data associated with the IP address may be retrieved to generate a risk score. If the risk score exceeds a threshold, an alert to be displayed in a GUI is generated.

公开(公告)号：US11769096B2

公开(公告)日：2023-09-26

申请号：US17568684

申请日：2022-01-04

Applicant: Palantir Technologies Inc.

Inventor： Alexander Maass ,  Ben Regev ,  Duncan Hoffman ,  Eugene Mak ,  Elise Norman ,  Elizabeth Patitucci ,  Yevhen Shevchuk ,  Harkirat Singh ,  Joshua Aschheim ,  Juan Jimenez Puig ,  Jorien Van Den Bergh ,  Kai Kamberger ,  Maciej Biskupiak ,  Marissa Miracolo ,  Matthew Julius Wilson ,  Nicolas Prettejohn ,  Patrick Walter ,  Rootul Patel ,  Stephen Heitkamp ,  Richard Deitch

IPC: G06Q10/0635 ,  G06Q20/10

CPC classification number: G06Q10/0635 ,  G06Q20/10

Abstract: A customer risk trigger associated with a customer may be identified. A response to the customer risk trigger may be detected. First risk analysis data related to the customer risk trigger may be gathered, based on the response, from a first datastore. Second risk analysis data related to the customer risk trigger may be gathered, based on the response, from a second datastore. A customer risk profile to model risk attribute(s) of the customer may be gathered. The risk attributes may represent a risk correlation between the customer and a prohibited act. Customer risk visualization tool(s) configured to facilitate visual user interaction with the customer risk profile may be gathered. The customer risk visualization tools may be rendered in a display of the computing system. The customer risk visualization tools provide a customer-centric view of risk for various applications, including anti-money laundering applications.

公开(公告)号：US11757905B2

公开(公告)日：2023-09-12

申请号：US17526953

申请日：2021-11-15

Applicant: Palantir Technologies Inc.

Inventor： Juan Ricafort ,  Harkirat Singh ,  Philip Martin

IPC: H04L9/40 ,  H04L61/5007 ,  G06F21/55

CPC classification number: H04L63/1416 ,  H04L61/5007 ,  H04L63/029 ,  H04L63/0272 ,  H04L63/145 ,  H04L63/1425 ,  H04L63/1441 ,  H04L63/20 ,  G06F21/556

Abstract: Various systems and methods are provided that detect malicious network tunneling. For example, VPN logs and data connection logs may be accessed. The VPN logs may list client IP addresses that have established a VPN connection with an enterprise network. The data connection logs may list client IP addresses that have requested connections external to the enterprise network and remote IP addresses to which connections are requested. The VPN logs and the data connection logs may be parsed to identify IP addresses that are present in the VPN logs as a client IP address and in the data connection logs as a remote IP address. If an IP address is so present, user data and traffic data associated with the IP address may be retrieved to generate a risk score. If the risk score exceeds a threshold, an alert to be displayed in a GUI is generated.

公开(公告)号：US20200220884A1

公开(公告)日：2020-07-09

申请号：US16822646

申请日：2020-03-18

Applicant: Palantir Technologies Inc.

Inventor： Juan Ricafort ,  Harkirat Singh ,  Philip Martin

IPC: H04L29/06 ,  H04L29/12

Abstract: Various systems and methods are provided that detect malicious network tunneling. For example, VPN logs and data connection logs may be accessed. The VPN logs may list client IP addresses that have established a VPN connection with an enterprise network. The data connection logs may list client IP addresses that have requested connections external to the enterprise network and remote IP addresses to which connections are requested. The VPN logs and the data connection logs may be parsed to identify IP addresses that are present in the VPN logs as a client IP address and in the data connection logs as a remote IP address. If an IP address is so present, user data and traffic data associated with the IP address may be retrieved to generate a risk score. If the risk score exceeds a threshold, an alert to be displayed in a GUI is generated.

公开(公告)号：US10609046B2

公开(公告)日：2020-03-31

申请号：US15891873

申请日：2018-02-08

Applicant: Palantir Technologies Inc.

Inventor： Juan Ricafort ,  Harkirat Singh ,  Philip Martin

IPC: G06F12/14 ,  H04L29/06 ,  H04L29/12 ,  G06F21/55

Abstract: Various systems and methods are provided that detect malicious network tunneling. For example, VPN logs and data connection logs may be accessed. The VPN logs may list client IP addresses that have established a VPN connection with an enterprise network. The data connection logs may list client IP addresses that have requested connections external to the enterprise network and remote IP addresses to which connections are requested. The VPN logs and the data connection logs may be parsed to identify IP addresses that are present in the VPN logs as a client IP address and in the data connection logs as a remote IP address. If an IP address is so present, user data and traffic data associated with the IP address may be retrieved to generate a risk score. If the risk score exceeds a threshold, an alert to be displayed in a GUI is generated.

公开(公告)号：US10133782B2

公开(公告)日：2018-11-20

申请号：US15225437

申请日：2016-08-01

Applicant: Palantir Technologies Inc.

Inventor： Huw Pryce ,  James Neale ,  Robert Fink ,  Jared Newman ,  Graham Dennis ,  Viktor Nordling ,  Artur Jonkisz ,  Daniel Fox ,  Felix de Souza ,  Harkirat Singh ,  Mark Elliot

IPC: G06F17/30

Abstract: Computer-implemented techniques for data extraction are described. The techniques include a method and system for retrieving an extraction job specification, wherein the extraction job specification comprises a source repository identifier that identifies a source repository comprising a plurality of data records; a data recipient identifier that identifies a data recipient; and a schedule that indicates a timing of when to retrieve the plurality of data records. The method and system further include retrieving the plurality of data records from the source repository based on the schedule, creating an extraction transaction from the plurality of data records, wherein the extraction transaction comprises a subset of the plurality of data records and metadata, and sending the extraction transaction to the data recipient.

公开(公告)号：US09930055B2

公开(公告)日：2018-03-27

申请号：US15228297

申请日：2016-08-04

Applicant: Palantir Technologies Inc.

Inventor： Juan Ricafort ,  Harkirat Singh ,  Philip Martin

IPC: H04L29/06 ,  H04L29/12 ,  G06F21/55

CPC classification number: H04L63/1416 ,  G06F21/556 ,  H04L61/2007 ,  H04L63/0272 ,  H04L63/1425 ,  H04L63/1441

Abstract: Various systems and methods are provided that detect malicious network tunneling. For example, VPN logs and data connection logs may be accessed. The VPN logs may list client IP addresses that have established a VPN connection with an enterprise network. The data connection logs may list client IP addresses that have requested connections external to the enterprise network and remote IP addresses to which connections are requested. The VPN logs and the data connection logs may be parsed to identify IP addresses that are present in the VPN logs as a client IP address and in the data connection logs as a remote IP address. If an IP address is so present, user data and traffic data associated with the IP address may be retrieved to generate a risk score. If the risk score exceeds a threshold, an alert to be displayed in a GUI is generated.

公开(公告)号：US20150235334A1

公开(公告)日：2015-08-20

申请号：US14518757

申请日：2014-10-20

Applicant: Palantir Technologies Inc.

Inventor： Lekan Wang ,  Melody Hildebrandt ,  Tayler Cox ,  Chris Burchhardt ,  Casey Ketterling ,  Ajay Sudan ,  Bob McGrew ,  Jacob Albertson ,  Harkirat Singh ,  Shyam Sankar ,  Rick Ducott ,  Peter Maag ,  Marissa Kimball

IPC: G06Q50/22 ,  G06Q30/00

CPC classification number: G06Q50/22 ,  G06F21/50 ,  G06Q10/10 ,  G06Q30/018 ,  G06Q40/08

Abstract: Systems and techniques for sharing healthcare fraud data are described herein. Healthcare fraud detection schemes and/or fraud data may be automatically shared, investigated, enabled, and/or used by entities. A healthcare fraud detection scheme may be enabled on different entities comprising different computing systems to combat similar healthcare fraud threats, instances, and/or attacks. Healthcare fraud detection schemes and/or fraud data may be modified to redact sensitive information and/or configured through access controls for sharing.

Abstract translation: 本文描述了用于共享医疗欺诈数据的系统和技术。 医疗欺诈检测方案和/或欺诈数据可以被实体自动共享，调查，启用和/或使用。 可以在包括不同计算系统的不同实体上实现医疗欺诈检测方案，以对抗类似的医疗欺诈威胁，实例和/或攻击。 可以修改医疗保健欺诈检测方案和/或欺诈数据以修正敏感信息和/或通过用于共享的访问控制来配置。

公开(公告)号：US20230370483A1

公开(公告)日：2023-11-16

申请号：US18360713

申请日：2023-07-27

Applicant: Palantir Technologies Inc.

Inventor： Juan Ricafort ,  Harkirat Singh ,  Philip Martin

IPC: H04L9/40 ,  H04L61/5007 ,  G06F21/55

CPC classification number: H04L63/1416 ,  H04L61/5007 ,  H04L63/0272 ,  H04L63/029 ,  H04L63/1425 ,  H04L63/1441 ,  H04L63/145 ,  H04L63/20 ,  G06F21/556

Abstract: Various systems and methods are provided that detect malicious network tunneling. For example, VPN logs and data connection logs may be accessed. The VPN logs may list client IP addresses that have established a VPN connection with an enterprise network. The data connection logs may list client IP addresses that have requested connections external to the enterprise network and remote IP addresses to which connections are requested. The VPN logs and the data connection logs may be parsed to identify IP addresses that are present in the VPN logs as a client IP address and in the data connection logs as a remote IP address. If an IP address is so present, user data and traffic data associated with the IP address may be retrieved to generate a risk score. If the risk score exceeds a threshold, an alert to be displayed in a GUI is generated.

公开(公告)号：US11216762B1

公开(公告)日：2022-01-04

申请号：US15684507

申请日：2017-08-23

Applicant: Palantir Technologies Inc.

Inventor： Alexander Maass ,  Ben Regev ,  Duncan Hoffman ,  Eugene Mak ,  Elise Norman ,  Elizabeth Patitucci ,  Yevhen Shevchuk ,  Harkirat Singh ,  Joshua Aschheim ,  Juan Jimenez Puig ,  Jorien Van Den Bergh ,  Kai Kamberger ,  Maciej Biskupiak ,  Marissa Miracolo ,  Matthew Julius Wilson ,  Nicolas Prettejohn ,  Patrick Walter ,  Rootul Patel ,  Stephen Heitkamp ,  Richard Deitch

IPC: G06Q10/06 ,  G06Q20/10

Abstract: A customer risk trigger associated with a customer may be identified. A response to the customer risk trigger may be detected. First risk analysis data related to the customer risk trigger may be gathered, based on the response, from a first datastore. Second risk analysis data related to the customer risk trigger may be gathered, based on the response, from a second datastore. A customer risk profile to model risk attribute(s) of the customer may be gathered. The risk attributes may represent a risk correlation between the customer and a prohibited act. Customer risk visualization tool(s) configured to facilitate visual user interaction with the customer risk profile may be gathered. The customer risk visualization tools may be rendered in a display of the computing system. The customer risk visualization tools provide a customer-centric view of risk for various applications, including anti-money laundering applications.