-
1.
Publication number: US20200344254A1
Publication date: 2020-10-29
Application number: US16872077
Application date: 2020-05-11
Applicant: Splunk Inc.
Inventor: Kurt Kokko, Damien Lindauer, Brad Lovering, Lynn Kasel
Abstract: Techniques and mechanisms are disclosed for creating an environment for detecting malicious network traffic. A test computer network including a plurality of cloned nodes is created. The plurality of cloned nodes in the test computer network corresponds to at least some of a plurality of target nodes of a host computer network, and the test computer network has no network connectivity to the host computer network. Sensors in both the host computer network and the test computer network generate network flow records that are sent to a detection processing pipeline. The detection processing pipeline merges the records received from the sensors and uses the merged records to train at least one model used to identify instances of malicious network traffic.
-
2.
Publication number: US11327992B1
Publication date: 2022-05-10
Application number: US16512899
Application date: 2019-07-16
Applicant: Splunk Inc.
Inventor: Alexandros Batsakis, Clifton Gordon, Brad Lovering, Christopher Madden Pride
IPC: G06F16/00, G06F16/25, H04L29/06, G06F16/903, H04L67/60, G06F16/901, G06F9/50, G06F16/908
Abstract: Systems and methods are disclosed for authenticating a user to use one or more components of a data intake and query system. The data intake and query system enables the generation or searching of events that include raw machine data associated with a timestamp. The data intake and query system receives a request for access via an application programming interface (API). Based on the request, the data intake and query system authenticates the user. The data intake and query system can receive a second request via the API for a component of the data intake and query system. Based on a determination that the user is authenticated, the data intake and query system can communicate the request to the component.
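The two-step flow in the Batsakis et al. abstract (authenticate via the API, then forward a later request to a component only if the caller is authenticated) is easy to get subtly wrong: the token lookup must not leak timing, sessions must expire, and an unknown username must cost the same as a wrong password. The following is an added example written for this page, not Splunk's code; the component name "search", the PBKDF2 password store, the bearer-token format, the one-hour lifetime and the sample events are all assumptions.

```python
"""Two-step API access: request 1 authenticates and returns a session
token, request 2 names a component and is forwarded only if the token
is valid. Added example; not Splunk's code. Component names, the
PBKDF2 store, the token format and the expiry window are assumptions."""

import hashlib
import hmac
import secrets
import time

TOKEN_TTL_S = 3600            # assumed session lifetime
_DUMMY_SALT = b"\0" * 16      # used so unknown users cost a full PBKDF2
_DUMMY_HASH = b"\0" * 32


class AuthError(Exception):
    pass


def _hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class DataIntakeAPI:
    def __init__(self, components, clock=time.time):
        self.components = components   # name -> callable(user, payload)
        self.users = {}                # username -> (salt, pbkdf2 hash)
        self.sessions = {}             # token -> (username, expires_at)
        self.clock = clock             # injectable for testing expiry

    def add_user(self, username, password):
        salt = secrets.token_bytes(16)
        self.users[username] = (salt, _hash_password(password, salt))

    def authenticate(self, username, password):
        """Request 1: verify credentials and hand back a bearer token."""
        salt, expected = self.users.get(username, (_DUMMY_SALT, _DUMMY_HASH))
        # Always run PBKDF2 and a constant-time compare, even for an
        # unknown user, so response time does not reveal valid usernames.
        ok = hmac.compare_digest(_hash_password(password, salt), expected)
        if not ok or username not in self.users:
            raise AuthError("bad credentials")
        token = secrets.token_urlsafe(32)
        self.sessions[token] = (username, self.clock() + TOKEN_TTL_S)
        return token

    def _user_for(self, token):
        """Resolve a token to a user; constant-time compare, expiry enforced."""
        for stored, (user, expires_at) in self.sessions.items():
            if hmac.compare_digest(stored, token):
                if self.clock() >= expires_at:
                    del self.sessions[stored]
                    raise AuthError("session expired")
                return user
        raise AuthError("unauthenticated")

    def request_component(self, token, component, payload):
        """Request 2: forward to the named component only once the
        caller is known to be authenticated. The abstract stops at
        authentication; a real deployment would also authorize the
        (user, component) pair here."""
        user = self._user_for(token)
        handler = self.components.get(component)
        if handler is None:
            raise KeyError(f"no such component: {component}")
        return handler(user, payload)


# Constructed sample events: (timestamp, raw machine data)
EVENTS = [
    (1700000000, "sshd[412]: Failed password for root from 10.0.9.2"),
    (1700000005, "sshd[412]: Accepted publickey for deploy from 10.0.1.5"),
]


def search_component(user, payload):
    """Stand-in for the search component: substring match over events."""
    needle = payload["query"]
    return [(ts, raw) for ts, raw in EVENTS if needle in raw]


def build_api(clock=time.time):
    api = DataIntakeAPI({"search": search_component}, clock=clock)
    api.add_user("analyst", "correct horse battery staple")   # assumed user
    return api


if __name__ == "__main__":
    api = build_api()
    tok = api.authenticate("analyst", "correct horse battery staple")
    print(api.request_component(tok, "search", {"query": "Failed password"}))
```

The token dictionary is scanned linearly with `hmac.compare_digest` rather than indexed by the raw token so that lookup time does not depend on how many leading bytes of a guessed token match; at scale you would instead index by a hash of the token.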
-
3.
Publication number: US20180219896A1
Publication date: 2018-08-02
Application number: US15885709
Application date: 2018-01-31
Applicant: Splunk Inc.
Inventor: Kurt Kokko, Damien Lindauer, Brad Lovering, Lynn Kasel
CPC classification number: H04L63/1425, G06F21/53, G06F21/54, G06N20/00, H04L63/1433
Abstract: Techniques and mechanisms are disclosed for creating an environment for detecting malicious network traffic. A test computer network including a plurality of cloned nodes is created. The plurality of cloned nodes in the test computer network corresponds to at least some of a plurality of target nodes of a host computer network, and the test computer network has no network connectivity to the host computer network. Sensors in both the host computer network and the test computer network generate network flow records that are sent to a detection processing pipeline. The detection processing pipeline merges the records received from the sensors and uses the merged records to train at least one model used to identify instances of malicious network traffic.
-
4.
Publication number: US11588841B2
Publication date: 2023-02-21
Application number: US16872077
Application date: 2020-05-11
Applicant: Splunk Inc.
Inventor: Kurt Kokko, Damien Lindauer, Brad Lovering, Lynn Kasel
Abstract: Techniques and mechanisms are disclosed for creating an environment for detecting malicious network traffic. A test computer network including a plurality of cloned nodes is created. The plurality of cloned nodes in the test computer network corresponds to at least some of a plurality of target nodes of a host computer network, and the test computer network has no network connectivity to the host computer network. Sensors in both the host computer network and the test computer network generate network flow records that are sent to a detection processing pipeline. The detection processing pipeline merges the records received from the sensors and uses the merged records to train at least one model used to identify instances of malicious network traffic.
-
5.
Publication number: US10652261B2
Publication date: 2020-05-12
Application number: US15885709
Application date: 2018-01-31
Applicant: Splunk Inc.
Inventor: Kurt Kokko, Damien Lindauer, Brad Lovering, Lynn Kasel
Abstract: Techniques and mechanisms are disclosed for creating an environment for detecting malicious network traffic. A test computer network including a plurality of cloned nodes is created. The plurality of cloned nodes in the test computer network corresponds to at least some of a plurality of target nodes of a host computer network, and the test computer network has no network connectivity to the host computer network. Sensors in both the host computer network and the test computer network generate network flow records that are sent to a detection processing pipeline. The detection processing pipeline merges the records received from the sensors and uses the merged records to train at least one model used to identify instances of malicious network traffic.
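Entries 1, 3, 4 and 5 above are one patent family and share the same abstract: flow records from a sensor on the host network and a sensor on an isolated test network of cloned nodes are merged by a detection pipeline and used to train a model. The detail that matters in practice is that cloned nodes reuse the host nodes' addresses, so a record is only meaningful together with the sensor that produced it, and the merge must keep that provenance. The following is an added example written for this page, not Splunk's code; the record format, the labelling rule (test-network flows captured during an attack run are malicious, host flows are benign), the Gaussian naive Bayes model and the sample records are all assumptions. Note the caveat the labelling rule carries: host traffic is only "benign" to the extent no undetected intrusion was under way when it was captured.

```python
"""Detection pipeline: merge host-sensor and test-sensor flow records
with provenance, then train a classifier on the merged set.
Added example; not Splunk's code. Record format, labelling rule and
the naive Bayes model are assumptions."""

import math
from collections import defaultdict

# Constructed sample flow records, one per line:
# ts,src,dst,dport,proto,packets,bytes,duration_s
HOST_SENSOR = """\
1700000000,10.0.1.5,10.0.2.10,443,tcp,42,51200,12.0
1700000003,10.0.1.6,10.0.2.10,443,tcp,38,47000,10.5
1700000007,10.0.1.5,10.0.2.11,53,udp,2,180,0.1
1700000009,10.0.1.7,10.0.2.11,53,udp,2,190,0.1
1700000012,10.0.1.8,10.0.2.10,443,tcp,55,64000,15.2
"""
# The test network clones 10.0.2.10/11, so destination addresses overlap
# the host network on purpose; only the sensor tag tells the two apart.
# These records are a constructed port scan run against the clones.
TEST_SENSOR = """\
1700000100,10.0.9.2,10.0.2.10,22,tcp,1,60,0.01
1700000100,10.0.9.2,10.0.2.10,23,tcp,1,60,0.01
1700000100,10.0.9.2,10.0.2.10,80,tcp,1,60,0.01
1700000100,10.0.9.2,10.0.2.11,22,tcp,1,60,0.01
1700000101,10.0.9.2,10.0.2.11,445,tcp,1,60,0.01
"""


def parse_flows(text, sensor, label):
    """Turn sensor output into dict records tagged with provenance and label."""
    records = []
    for line in text.strip().splitlines():
        ts, src, dst, dport, proto, pkts, nbytes, dur = line.split(",")
        records.append({
            "ts": int(ts), "src": src, "dst": dst, "dport": int(dport),
            "proto": proto, "packets": int(pkts), "bytes": int(nbytes),
            "duration": float(dur), "sensor": sensor, "label": label,
        })
    return records


def merge_records(*batches):
    """Merge per-sensor batches into one time-ordered training set,
    keeping the sensor tag on every record (addresses alone are ambiguous)."""
    merged = [r for batch in batches for r in batch]
    merged.sort(key=lambda r: (r["ts"], r["sensor"]))
    return merged


def features(r):
    """Log-scaled size and rate features that separate scans from sessions."""
    return [
        math.log1p(r["bytes"]),
        math.log1p(r["packets"]),
        math.log1p(r["duration"]),
        math.log1p(r["bytes"] / r["packets"]),
    ]


class GaussianNB:
    """Tiny Gaussian naive Bayes: per-class mean and variance per feature."""
    VAR_FLOOR = 0.05   # keeps a constant-valued feature from becoming a spike

    def __init__(self):
        self.stats, self.prior = {}, {}

    def fit(self, records):
        by_label = defaultdict(list)
        for r in records:
            by_label[r["label"]].append(features(r))
        for label, rows in by_label.items():
            cols = list(zip(*rows))
            means = [sum(c) / len(c) for c in cols]
            variances = [max(sum((x - m) ** 2 for x in c) / len(c), self.VAR_FLOOR)
                         for c, m in zip(cols, means)]
            self.stats[label] = (means, variances)
            self.prior[label] = len(rows) / len(records)
        return self

    def _log_posterior(self, x, label):
        means, variances = self.stats[label]
        lp = math.log(self.prior[label])
        for xi, m, v in zip(x, means, variances):
            lp += -0.5 * math.log(2 * math.pi * v) - (xi - m) ** 2 / (2 * v)
        return lp

    def predict(self, r):
        x = features(r)
        return max(self.stats, key=lambda lbl: self._log_posterior(x, lbl))


def train_pipeline():
    host = parse_flows(HOST_SENSOR, "host", "benign")
    test = parse_flows(TEST_SENSOR, "test", "malicious")
    merged = merge_records(host, test)
    sensors = {r["sensor"] for r in merged}
    if sensors != {"host", "test"}:      # both sides must be present
        raise ValueError(f"expected both sensors, got {sensors}")
    return GaussianNB().fit(merged)


def classify(model, line, sensor="host"):
    """Score a fresh flow record whose label is unknown."""
    return model.predict(parse_flows(line, sensor, None)[0])


if __name__ == "__main__":
    m = train_pipeline()
    print(classify(m, "1700000201,10.0.3.3,10.0.2.10,3389,tcp,1,60,0.01"))
```

Because test-network records are attack traffic against clones of the real target nodes, the model learns what malicious traffic to those specific hosts and ports looks like without any attack traffic ever touching the host network, which is the point of keeping the two networks disconnected.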