MANAGING SECURITY FEATURES OF CONTAINER ENVIRONMENTS

    Publication number: US20250139250A1

    Publication date: 2025-05-01

    Application number: US18429564

    Filing date: 2024-02-01

    Abstract: A process includes determining, by a recommendation engine, a security risk profile for a container environment. The container environment includes a plurality of pods that are to be deployed on an infrastructure that includes a plurality of nodes. Determining the security risk profile includes determining an infrastructure context characterizing the infrastructure and determining a workload context characterizing a workload associated with the container environment. The process includes determining, by the recommendation engine, a recommendation of a security policy for the container environment based on the security risk profile. The security policy includes a security control. The process includes deploying an agent to the infrastructure to manage compliance of the container environment with the security control.
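Added example, not code from the patent or any vendor product: a toy recommendation engine that builds a risk profile from an infrastructure context and a workload context, turns it into a policy of concrete controls, and then plays the deployed agent by checking a pod spec (shaped like a Kubernetes Pod `.spec`) against those controls. The context fields, weights, thresholds, registry allow-list and control names are all assumptions made for the example.

```python
"""Added example, not code from the patent or any vendor product: a toy
recommendation engine that (1) builds a security risk profile from an
infrastructure context and a workload context, (2) turns the profile into a
security policy made of concrete controls, and (3) acts as the deployed agent
by checking a pod spec (shaped like a Kubernetes Pod .spec) against those
controls. Context fields, weights, thresholds and control names are assumptions."""
from dataclasses import dataclass, field

TRUSTED_REGISTRIES = {"registry.internal"}  # assumed registry allow-list


@dataclass
class InfraContext:            # characterises the nodes the pods land on
    internet_exposed: bool
    shared_tenancy: bool       # nodes also host other tenants' pods
    kernel_lsm: str            # "apparmor", "selinux" or "none"


@dataclass
class WorkloadContext:         # characterises what the pods do
    handles_pii: bool
    needs_host_network: bool
    image_registry: str


@dataclass
class RiskProfile:
    score: int = 0
    reasons: list = field(default_factory=list)


def risk_profile(infra: InfraContext, work: WorkloadContext) -> RiskProfile:
    """Additive scoring; each finding records why it raised the score."""
    rp = RiskProfile()
    findings = [
        (infra.internet_exposed, 3, "nodes reachable from the internet"),
        (infra.shared_tenancy, 2, "nodes shared with other tenants"),
        (infra.kernel_lsm == "none", 2, "no LSM confinement on nodes"),
        (work.handles_pii, 3, "workload processes PII"),
        (work.needs_host_network, 2, "workload requests hostNetwork"),
        (work.image_registry not in TRUSTED_REGISTRIES, 1, "image from untrusted registry"),
    ]
    for hit, points, why in findings:
        if hit:
            rp.score += points
            rp.reasons.append(why)
    return rp


def recommend_policy(rp: RiskProfile) -> dict:
    """Map the score to a policy level and the controls that level requires."""
    controls = {"runAsNonRoot": True, "allowPrivilegeEscalation": False}
    level = "low"
    if rp.score >= 4:
        level = "medium"
        controls.update(readOnlyRootFilesystem=True, dropCapabilities=["ALL"])
    if rp.score >= 7:
        level = "high"
        controls.update(hostNetwork=False, imageRegistries=sorted(TRUSTED_REGISTRIES))
    return {"level": level, "controls": controls}


def agent_check(policy: dict, pod_spec: dict) -> list:
    """The agent's job: list every way the pod violates the policy's controls."""
    c = policy["controls"]
    violations = []
    if c.get("hostNetwork") is False and pod_spec.get("hostNetwork"):
        violations.append("pod: hostNetwork enabled")
    for ctr in pod_spec.get("containers", []):
        name, sc = ctr.get("name", "?"), ctr.get("securityContext", {})
        if c.get("runAsNonRoot") and not sc.get("runAsNonRoot"):
            violations.append(f"{name}: runAsNonRoot not set")
        # an unset allowPrivilegeEscalation is treated as true (the Kubernetes default)
        if c.get("allowPrivilegeEscalation") is False and sc.get("allowPrivilegeEscalation", True):
            violations.append(f"{name}: allowPrivilegeEscalation not disabled")
        if c.get("readOnlyRootFilesystem") and not sc.get("readOnlyRootFilesystem"):
            violations.append(f"{name}: root filesystem writable")
        if "dropCapabilities" in c and "ALL" not in sc.get("capabilities", {}).get("drop", []):
            violations.append(f"{name}: capabilities not dropped")
        if "imageRegistries" in c:
            registry = ctr.get("image", "").split("/")[0]  # naive: host part of the image ref
            if registry not in c["imageRegistries"]:
                violations.append(f"{name}: image pulled from {registry!r}")
    return violations


# constructed sample contexts and pod specs
HIGH_RISK = (InfraContext(True, False, "none"), WorkloadContext(True, True, "docker.io"))
BAD_POD = {"hostNetwork": True,
           "containers": [{"name": "web", "image": "docker.io/library/nginx:1.27"}]}
GOOD_POD = {"containers": [{"name": "web", "image": "registry.internal/web:1.0",
            "securityContext": {"runAsNonRoot": True, "allowPrivilegeEscalation": False,
                                "readOnlyRootFilesystem": True,
                                "capabilities": {"drop": ["ALL"]}}}]}

if __name__ == "__main__":
    policy = recommend_policy(risk_profile(*HIGH_RISK))
    print(policy["level"], agent_check(policy, BAD_POD))
```

The split between `recommend_policy` and `agent_check` mirrors the abstract's two roles: the engine decides which controls apply given the risk profile, and the agent only enforces them, so the same agent code serves every level without knowing how the score was derived.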

    Using trusted platform module (TPM) emulator engines to measure firmware images

    Publication number: US11455396B2

    Publication date: 2022-09-27

    Application number: US15593546

    Filing date: 2017-05-12

    Abstract: Examples disclosed herein relate to performing an action based on a pre-boot measurement of a firmware image. In an example, at a firmware component in a system, a measurement of a firmware image may be determined prior to booting of the system, beginning from a hardware root of trust boot block, by a Trusted Platform Module (TPM) emulator engine that emulates a hardware-based TPM. A pre-determined measurement of the firmware image may be retrieved from a storage location within the system. The measurement of the firmware image may be compared with the pre-determined measurement prior to booting of the system. In response to a determination that the measurement differs from the pre-determined measurement, an action is performed.
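Added example, not the patent's implementation: a software TPM with TPM2_PCR_Extend semantics (PCR_new = SHA-256(PCR_old || digest)) measures a boot block and a firmware image into PCR0 before anything "boots", then compares the result with a stored golden value. The firmware bytes, the golden value and the recovery action are constructed for this example.

```python
"""Added example, not the patent's code: an emulated TPM PCR bank used to
measure a firmware image before "boot", compared against a stored golden
measurement. Firmware bytes, golden value and the action are constructed."""
import hashlib
import hmac

PCR_LEN = 32  # SHA-256 bank


class TpmEmulator:
    """Minimal software TPM: a few PCRs with TPM2_PCR_Extend semantics
    (PCR_new = H(PCR_old || digest)) plus an event log of what was extended."""

    def __init__(self, n_pcrs=8):
        self.pcrs = [bytes(PCR_LEN) for _ in range(n_pcrs)]  # all-zero at reset
        self.log = []

    def extend(self, index, data, label):
        digest = hashlib.sha256(data).digest()
        self.pcrs[index] = hashlib.sha256(self.pcrs[index] + digest).digest()
        self.log.append((index, label, digest.hex()))
        return digest

    def pcr(self, index):
        return self.pcrs[index]


def measure_boot_chain(tpm, boot_block, firmware_image):
    """Measurement starts at the hardware root of trust (the boot block) and
    then covers the firmware image, both into PCR0, before either runs."""
    tpm.extend(0, boot_block, "boot-block")
    tpm.extend(0, firmware_image, "firmware-image")
    return tpm.pcr(0)


def expected_pcr0(boot_block, firmware_image):
    """How the golden value is produced at build time: the same extend
    sequence over the known-good images."""
    return measure_boot_chain(TpmEmulator(), boot_block, firmware_image)


def pre_boot_check(boot_block, firmware_image, golden_pcr0):
    """Return (action, event_log). Constant-time compare so the decision does
    not leak how many leading bytes of the golden value matched."""
    tpm = TpmEmulator()
    actual = measure_boot_chain(tpm, boot_block, firmware_image)
    if hmac.compare_digest(actual, golden_pcr0):
        return "boot", tpm.log
    # the "action" the abstract leaves open; here: refuse to boot and hand
    # back the event log so the mismatch can be diagnosed or recovered from
    return "halt-and-recover", tpm.log


# constructed sample images and the golden measurement derived from them
BOOT_BLOCK = b"\x7fROM\x00bootblock-v1"
GOOD_FW = b"UEFI-firmware-image-1.2.3" + bytes(64)
GOLDEN = expected_pcr0(BOOT_BLOCK, GOOD_FW)

if __name__ == "__main__":
    print(pre_boot_check(BOOT_BLOCK, GOOD_FW, GOLDEN)[0])              # boot
    tampered = GOOD_FW[:5] + bytes([GOOD_FW[5] ^ 1]) + GOOD_FW[6:]
    print(pre_boot_check(BOOT_BLOCK, tampered, GOLDEN)[0])             # halt-and-recover
```

Because the extend operation is a hash chain, a single flipped byte anywhere in either image changes PCR0, and the golden value can only be reproduced by measuring the same images in the same order; the event log is what lets an operator see which stage diverged.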

    INFORMATION TECHNOLOGY STACK SECURITY CONTROL CONFIGURATION

    Publication number: US20210336992A1

    Publication date: 2021-10-28

    Application number: US16860262

    Filing date: 2020-04-28

    Abstract: In some examples, a system receives input information relating to a security level for an information technology (IT) stack comprising a plurality of layers including a hardware layer and a software layer, where the input information is technology and product agnostic. The system discovers components of the plurality of layers of the IT stack, accesses a knowledge base that maps the security level and the discovered components to configuration instructions relating to security controls, and configures the IT stack with the security controls using the configuration instructions.

    Authenticated access to manageability hardware components

    Publication number: US10360370B2

    Publication date: 2019-07-23

    Application number: US15592528

    Filing date: 2017-05-11

    Abstract: Examples include authenticated access to manageability hardware components in a computing device. Some examples enumerate manageability hardware components connected to an operating system kernel of the computing device, each manageability hardware component comprising a bus configuration space and the bus configuration space comprising memory map registers. Some examples encode the address stored in the memory map registers of each manageability hardware component to produce an encoded address that blocks unauthorized accesses, and lock the bus configuration space of each manageability hardware component by setting a read-only attribute on the bus configuration space. Some examples, in response to a request by an authenticated OS component for access to a manageability hardware component, reprogram the memory map register of the requested manageability hardware component with an accessible address, providing the authenticated OS component with access to that manageability hardware component.

    Vulnerability scanning
    Invention grant

    Publication number: US11803646B2

    Publication date: 2023-10-31

    Application number: US17237381

    Filing date: 2021-04-22

    Inventor: Suhas Shivanna

    CPC classification number: G06F21/577 G06F2221/034

    Abstract: Aspects of vulnerability scanning are disclosed. In one example, configuration and context information of a first device for which vulnerability scanning is to be performed is obtained. The configuration information includes telemetry data of the first device. A second device is provisioned based on the configuration information to create a cloned first device. The vulnerability scanning is performed on the cloned first device based on the context information to obtain a scan report.

    Information technology stack security control configuration

    Publication number: US11601473B2

    Publication date: 2023-03-07

    Application number: US16860262

    Filing date: 2020-04-28

    Abstract: In some examples, a system receives input information relating to a security level for an information technology (IT) stack comprising a plurality of layers including a hardware layer and a software layer, where the input information is technology and product agnostic. The system discovers components of the plurality of layers of the IT stack, accesses a knowledge base that maps the security level and the discovered components to configuration instructions relating to security controls, and configures the IT stack with the security controls using the configuration instructions.

    APPLICATION-SPECIFIC POLICIES FOR FAILOVER FROM AN EDGE SITE TO A CLOUD

    Publication number: US20210248047A1

    Publication date: 2021-08-12

    Application number: US16786853

    Filing date: 2020-02-10

    Abstract: Example implementations relate to application-specific policies for failing over from an edge site to a cloud. When an application becomes operational within an edge site, a discovery phase is performed by a local disaster recovery (DR) agent. I/O associated with a workload of the application is monitored. An I/O rate for data replication that satisfies latency characteristics of the application is predicted based on the incoming I/O. Based on results of tests against multiple clouds indicative of their respective RTO/RPO values, information regarding a selected cloud to serve as a secondary system is stored in an application-specific policy. The application-specific policy is transferred to a remote DR agent running in the selected cloud. Responsive to a failover event, infrastructure within a virtualized environment of the selected cloud is enabled to support a failover workload for the application based on the application-specific policy.
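Added example, not the patent's code: the discovery phase of an edge-site DR agent as a small planner. From a constructed write-I/O trace it estimates the replication rate needed to hold the application's RPO, then picks, among clouds characterised by measured RTO/RPO and tested replication bandwidth, the one that satisfies the application's targets, and records that choice in an application-specific policy. Cloud names, numbers, the sliding-window estimate and the tie-break rule are assumptions.

```python
"""Added example, not the patent's code: from an I/O trace predict the
replication rate an application needs, test it against per-cloud RTO/RPO
and bandwidth measurements, and emit an application-specific failover
policy. All cloud names, figures and the selection rule are assumptions."""
from dataclasses import dataclass


@dataclass
class AppRequirements:
    name: str
    rto_s: float        # acceptable time to bring the workload up elsewhere
    rpo_s: float        # acceptable data loss window


@dataclass
class CloudTest:
    cloud: str
    rto_s: float          # measured time to start the failover workload
    rpo_s: float          # measured replication lag
    bandwidth_bps: float  # measured replication throughput to this cloud


def required_replication_rate(io_trace, rpo_s):
    """io_trace: list of (timestamp_s, bytes_written). Return the bytes/s the
    replication link must sustain: the peak bytes written in any window of
    rpo_s seconds, divided by rpo_s, so no window backs up beyond the RPO."""
    trace = sorted(io_trace)
    peak = window_bytes = 0
    start = 0
    for end in range(len(trace)):
        window_bytes += trace[end][1]
        # drop writes that fall outside (t_end - rpo_s, t_end]
        while trace[end][0] - trace[start][0] >= rpo_s:
            window_bytes -= trace[start][1]
            start += 1
        peak = max(peak, window_bytes)
    return peak / rpo_s


def select_cloud(app, needed_bps, tests):
    """Keep clouds whose measured RTO/RPO and bandwidth meet the targets;
    prefer the lowest measured RPO, then the lowest RTO."""
    candidates = [t for t in tests
                  if t.rto_s <= app.rto_s
                  and t.rpo_s <= app.rpo_s
                  and t.bandwidth_bps >= needed_bps]
    if not candidates:
        return None
    return min(candidates, key=lambda t: (t.rpo_s, t.rto_s))


def build_policy(app, io_trace, tests):
    """The application-specific policy handed to the remote DR agent."""
    needed = required_replication_rate(io_trace, app.rpo_s)
    chosen = select_cloud(app, needed, tests)
    return {
        "application": app.name,
        "replication_rate_bps": needed,
        "secondary_cloud": chosen.cloud if chosen else None,
        "rto_s": app.rto_s,
        "rpo_s": app.rpo_s,
    }


# constructed sample: 1 MB written every second for 20 s, with one 8 MB burst
IO_TRACE = [(t, 1_000_000) for t in range(20)]
IO_TRACE[10] = (10, 8_000_000)
CLOUD_TESTS = [
    CloudTest("cloud-a", rto_s=120, rpo_s=30, bandwidth_bps=3_000_000),
    CloudTest("cloud-b", rto_s=60, rpo_s=10, bandwidth_bps=2_000_000),
    CloudTest("cloud-c", rto_s=300, rpo_s=5, bandwidth_bps=10_000_000),
]
APP = AppRequirements("orders-db", rto_s=180, rpo_s=15)

if __name__ == "__main__":
    print(build_policy(APP, IO_TRACE, CLOUD_TESTS))
```

Note that the cheapest-looking cloud is not automatically the answer: cloud-a fails the RPO target and cloud-c the RTO target despite its bandwidth, so only cloud-b is eligible for this sample; when no cloud qualifies the policy records `None`, which is the case an operator must see rather than have silently papered over.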
