Network asset information management
    2.
    Granted invention patent
    Network asset information management - In force

    Publication No.: US09438616B2

    Publication date: 2016-09-06

    Application No.: US14116128

    Filing date: 2011-10-31

    IPC classification: H04L29/06 H04L12/24 H04L12/26

    Abstract: A network asset information management system (101) may include an asset determination and event prioritization module (105) to generate real-time asset information based on network activity involving an asset (102). A rules module (109) may include a set of rules for monitoring the network activity involving the asset. An information analysis module (110) may evaluate the real-time asset information and the rules to generate a notification (111) related to the asset. The rules may include rules for determining vulnerabilities and risks associated with the asset based on comparison of a level of traffic identified to or from an IP address related to the asset to a predetermined threshold. The notification may include a level of risk associated with the asset.

    NETWORK ASSET INFORMATION MANAGEMENT
    3.
    Invention patent application
    NETWORK ASSET INFORMATION MANAGEMENT - In force

    Publication No.: US20140075564A1

    Publication date: 2014-03-13

    Application No.: US14116128

    Filing date: 2011-10-31

    IPC classification: H04L29/06

    Abstract: A network asset information management system (101) may include an asset determination and event prioritization module (105) to generate real-time asset information based on network activity involving an asset (102). A rules module (109) may include a set of rules for monitoring the network activity involving the asset. An information analysis module (110) may evaluate the real-time asset information and the rules to generate a notification (111) related to the asset. The rules may include rules for determining vulnerabilities and risks associated with the asset based on comparison of a level of traffic identified to or from an IP address related to the asset to a predetermined threshold. The notification may include a level of risk associated with the asset.

    EXTENDABLE EVENT PROCESSING
    4.
    Invention patent application
    EXTENDABLE EVENT PROCESSING - Under examination (published)

    Publication No.: US20120311562A1

    Publication date: 2012-12-06

    Application No.: US13285903

    Filing date: 2011-10-31

    IPC classification: G06F9/445 G06F9/46

    Abstract: A system for extending event processing in an information and event management system includes an event stream application engine. The event stream application engine manages event stream applications, which includes installing the event stream applications in the information and event management system. The installed event stream applications are available to be deployed in an event data processing run-time environment to process event data received at the information and event management system. The system includes an event process extender to the event stream applications in an event stream processing workflow. Each event stream application in the workflow is to process the event data if the event stream application determines the event data to be relevant to processing performed by the event stream application.

    EXTENDABLE EVENT PROCESSING THROUGH SERVICES
    5.
    Invention patent application
    EXTENDABLE EVENT PROCESSING THROUGH SERVICES - In force

    Publication No.: US20120311611A1

    Publication date: 2012-12-06

    Application No.: US13285939

    Filing date: 2011-10-31

    IPC classification: G06F9/46

    CPC classification: G06F9/547 G06F9/541

    Abstract: A system for extending event processing through services includes an event process module to process event data according to event processing rules and services. A build-time system provides an interface for adding or modifying services. A service request gateway receives service requests from service consumers and receives event data from event data providers and provides the service requests to a service container module and provides the event data to the event process module. The service container module invokes services for the service requests.

    Extendable event processing through services
    6.
    Granted invention patent
    Extendable event processing through services - In force

    Publication No.: US08661456B2

    Publication date: 2014-02-25

    Application No.: US13285939

    Filing date: 2011-10-31

    IPC classification: G06F3/00

    CPC classification: G06F9/547 G06F9/541

    Abstract: A system for extending event processing through services includes an event process module to process event data according to event processing rules and services. A build-time system provides an interface for adding or modifying services. A service request gateway receives service requests from service consumers and receives event data from event data providers and provides the service requests to a service container module and provides the event data to the event process module. The service container module invokes services for the service requests.

ARTIFICIAL INTELLIGENCE-ASSISTED INFORMATION TECHNOLOGY DATA MANAGEMENT AND NATURAL LANGUAGE PLAYBOOK SYSTEM

    Publication No.: US20200175077A1

    Publication date: 2020-06-04

    Application No.: US16208843

    Filing date: 2018-12-04

    Abstract: The artificial intelligence-assisted information technology data management and natural language playbook system disclosed herein is designed to support current enterprise information technology security personnel by providing a faster and easier method for finding information or anomalies in current system data and logs. Enterprise security divisions often use multiple security information and event management (SIEM) software platforms to monitor their personnel data and logs, though even the use of such platforms requires advanced knowledge and skill on behalf of the user. The current system allows security users of all skill levels to interact using natural language processing with the system and effectively investigate such data and logs. The system assists such users by interacting with these SIEM platforms on their behalf and providing the users with access to pre-programmed natural language inquiry sequences, called “playbooks,” and easily customizable output displays. The software is entirely web-based, though can be integrated into current SIEM consoles for streamlined use.

    Asset model import connector
    9.
    Granted invention patent
    Asset model import connector - In force

    Publication No.: US09569471B2

    Publication date: 2017-02-14

    Application No.: US14233178

    Filing date: 2012-08-01

    IPC classification: G06F17/30 H04L12/24 H04L29/06

    Abstract: An asset model import connector includes an interface to receive asset data from a data source and a normalize module. The normalize module determines an operation to be performed at a system based on the received asset data and determines code to perform the determined operation. The schema may be populated with attributes from the asset data, and sent to the system.

    Parallel and distributed query engine for federated searching

    Publication No.: US12111830B2

    Publication date: 2024-10-08

    Application No.: US18222998

    Filing date: 2023-07-17

    Applicant: Dhiraj Sharan

    Inventor: Dhiraj Sharan

    CPC classification: G06F16/24532 G06F16/2455

    Abstract: A parallel and distributed query engine for federated searching is disclosed herein. As contemplated by the present disclosure, the system may provide a single application programming interface that allows a user to access and analyze multiple enterprise data storage locations remotely and simultaneously while presenting and reporting information from the multiple sources in a single, uniform display. Such a solution may allow a user to analyze and cross-reference data stored in multiple locations by using multiple queries in real time without requiring the actual data files to be displaced or combined. The system may further implement interactive artificial intelligence assistant, natural language processing, and workflow-based operations for improved user access and functionality.