公开(公告)号：US09710644B2

公开(公告)日：2017-07-18

申请号：US14615202

申请日：2015-02-05

Applicant: ServiceNow, Inc.

Inventor： Richard Reybok ,  Andreas Seip Haugsnes ,  Kurt Joseph Zettel, II ,  Jeffrey Rhines ,  Henry Geddes ,  Volodymyr Osypov ,  Scott Lewis ,  Sean Brady ,  Mark Manning

IPC: G06F3/00 ,  G06F21/55 ,  H04L29/06

CPC classification number: G06F21/552 ,  H04L63/145

Abstract: This disclosure provides techniques for pooling and searching network security events reported by multiple sources. As information representing a security event is received from one source, it is searched against a central or distributed database representing events reported from multiple, diverse sources (e.g., different client networks). Either the search or correlated results can be filtered and/or routed according at least one characteristic associated with the networks, for example, to limit correlation to events reported by what are presumed to be similarly situated networks. The disclosed techniques facilitate faster identification of high-relevancy security event information, and thereby help facilitate faster threat identification and mitigation. Various techniques can be implemented as standalone software (e.g., for use by a private network) or for a central pooling and/or query service. This disclosure also provides different examples of actions that can be taken in response to search results.

公开(公告)号：US20190268354A1

公开(公告)日：2019-08-29

申请号：US15906771

申请日：2018-02-27

Applicant: ServiceNow, Inc.

Inventor： Kurt Joseph Zettel, II ,  Scott Alan Lewis ,  James Erbes ,  Richard Reybok ,  Harold Byun ,  Ryan Currier ,  Michel Abou Samah ,  Sachin Nayak ,  Patrice Tollenaere ,  Zhe Wang

IPC: H04L29/06 ,  G06F3/0482

Abstract: Providing are incident response techniques useful for personas with a variety of experience levels are described. The incident response techniques include a graphical user interface (GUI) for providing a variety of different views for different personas. The graphical user interface may provide a landing page for providing a queue of risk-score prioritized incidents, an incident playbook for providing default or customizable instructions for resolving a particular incident to lesser-experienced personas, an explore container for facilitating efficient navigation of data associated with a particular incident by more-experienced personas, and an activity stream container for providing an overview of activities that have been performed with regard to a particular incident to more-experienced or supervising personas. The explore container may also be integrated with tools for performing actions with the data without leaving the graphical user interface.

公开(公告)号：US20190104156A1

公开(公告)日：2019-04-04

申请号：US15815129

申请日：2017-11-16

Applicant: ServiceNow, Inc.

Inventor： David Barkovic ,  Cresta Kirkwood ,  Lal Narayanasamy ,  Anushree Randad ,  Clifford Huntington ,  Richard Reybok ,  Harold Byun

IPC: H04L29/06 ,  H04L12/24 ,  G06Q10/06 ,  G06F3/0481 ,  H04L12/26

Abstract: Systems and methods for configuration vulnerability checking and remediation are provided. The systems provided herein map vulnerability data with compliance data, such that automated compliance indication may be facilitated.

公开(公告)号：US11704405B2

公开(公告)日：2023-07-18

申请号：US17457152

申请日：2021-12-01

Applicant: ServiceNow, Inc.

Inventor： Richard Reybok ,  Andreas Seip Haugsnes ,  Kurt Joseph Zettel, II ,  Jeffrey Rhines ,  Henry Geddes ,  Volodymyr Osypov ,  Scott Lewis ,  Sean Brady ,  Mark Manning

IPC: G06F21/55 ,  H04L9/40

CPC classification number: G06F21/552 ,  H04L63/145

Abstract: This disclosure provides techniques for pooling and searching network security events reported by multiple sources. As information representing a security event is received from one source, it is searched against a central or distributed database representing events reported from multiple, diverse sources (e.g., different client networks). Either the search or correlated results can be filtered and/or routed according at least one characteristic associated with the networks, for example, to limit correlation to events reported by what are presumed to be similarly situated networks. The disclosed techniques facilitate faster identification of high-relevancy security event information, and thereby help facilitate faster threat identification and mitigation. Various techniques can be implemented as standalone software (e.g., for use by a private network) or for a central pooling and/or query service. This disclosure also provides different examples of actions that can be taken in response to search results.

公开(公告)号：US20220083653A1

公开(公告)日：2022-03-17

申请号：US17457152

申请日：2021-12-01

Applicant: ServiceNow, Inc.

Inventor： Richard Reybok ,  Andreas Seip Haugsnes ,  Kurt Joseph Zettel, III ,  Jeffrey Rhines ,  Henry Geddes ,  Volodymyr Osypov ,  Scott Lewis ,  Sean Brady ,  Mark Manning

IPC: G06F21/55 ,  H04L29/06

Abstract: This disclosure provides techniques for pooling and searching network security events reported by multiple sources. As information representing a security event is received from one source, it is searched against a central or distributed database representing events reported from multiple, diverse sources (e.g., different client networks). Either the search or correlated results can be filtered and/or routed according at least one characteristic associated with the networks, for example, to limit correlation to events reported by what are presumed to be similarly situated networks. The disclosed techniques facilitate faster identification of high-relevancy security event information, and thereby help facilitate faster threat identification and mitigation. Various techniques can be implemented as standalone software (e.g., for use by a private network) or for a central pooling and/or query service. This disclosure also provides different examples of actions that can be taken in response to search results.

公开(公告)号：US10706226B2

公开(公告)日：2020-07-07

申请号：US15588161

申请日：2017-05-05

Applicant: ServiceNow, Inc.

Inventor： Harold Byun ,  Richard Reybok ,  David Barkovic ,  Vivian Gopico Tero

IPC: G06F40/174 ,  H04L29/08 ,  G06F9/451 ,  G06F9/445

Abstract: An embodiment may involve transmitting, to a first client device, a representation of a first graphical user interface. The first graphical user interface may define fillable web-based forms. The embodiment may involve receiving, from the first client device, a first submission of the fillable web-based forms. The embodiment may involve transmitting, to a second client device, a representation of a second graphical user interface. The second graphical user interface may allow the second client device to fill out the fillable web-based forms. The embodiment may further involve receiving, from the second client device, a second submission of the fillable web-based forms. The embodiment may further involve determining numerical scores associated with each of the fillable web-based forms. The embodiment may also involve transmitting a representation of a third graphical user interface. The third graphical user interface may show the fillable web-based forms and their respective numerical scores.

公开(公告)号：US20170316203A1

公开(公告)日：2017-11-02

申请号：US15651924

申请日：2017-07-17

Applicant: ServiceNow, Inc.

Inventor： Richard Reybok ,  Andreis Seip Haugsnes ,  Kurt Joseph Zettel, II ,  Jeffrey Rhines ,  Henry Geddes ,  Volodymyr Osypov ,  Scott Lewis ,  Sean Brady ,  Mark Manning

IPC: G06F21/55 ,  H04L29/06

CPC classification number: G06F21/552 ,  H04L63/145

Abstract: This disclosure provides techniques for pooling and searching network security events reported by multiple sources. As information representing a security event is received from one source, it is searched against a central or distributed database representing events reported from multiple, diverse sources (e.g., different client networks). Either the search or correlated results can be filtered and/or routed according at least one characteristic associated with the networks, for example, to limit correlation to events reported by what are presumed to be similarly situated networks. The disclosed techniques facilitate faster identification of high-relevancy security event information, and thereby help facilitate faster threat identification and mitigation. Various techniques can be implemented as standalone software (e.g., for use by a private network) or for a central pooling and/or query service. This disclosure also provides different examples of actions that can be taken in response to search results.

公开(公告)号：US11443104B2

公开(公告)日：2022-09-13

申请号：US16921217

申请日：2020-07-06

Applicant: ServiceNow, Inc.

Inventor： Harold Byun ,  Richard Reybok ,  David Barkovic ,  Vivian Gopico Tero

IPC: G06F40/174 ,  H04L67/02 ,  G06F9/451 ,  G06F9/445

Abstract: An embodiment may involve transmitting, to a first client device, a representation of a first graphical user interface. The first graphical user interface may define fillable web-based forms. The embodiment may involve receiving, from the first client device, a first submission of the fillable web-based forms. The embodiment may involve transmitting, to a second client device, a representation of a second graphical user interface. The second graphical user interface may allow the second client device to fill out the fillable web-based forms. The embodiment may further involve receiving, from the second client device, a second submission of the fillable web-based forms. The embodiment may further involve determining numerical scores associated with each of the fillable web-based forms. The embodiment may also involve transmitting a representation of a third graphical user interface. The third graphical user interface may show the fillable web-based forms and their respective numerical scores.

公开(公告)号：US20210051067A1

公开(公告)日：2021-02-18

申请号：US17087196

申请日：2020-11-02

Applicant: ServiceNow, Inc.

Inventor： David Barkovic ,  Cresta Kirkwood ,  Lal Narayanasamy ,  Anushree Randad ,  Clifford Huntington ,  Richard Reybok ,  Harold Byun

IPC: H04L12/24 ,  G06F9/50 ,  G06F9/48 ,  G06F9/46 ,  H04L29/08 ,  H04L29/06 ,  G06F11/14 ,  G06F40/18 ,  G06F40/186 ,  G06F16/951 ,  G06F9/54 ,  G06F9/451 ,  G06F16/27 ,  G06F16/2457 ,  G06F16/242 ,  G06F16/248 ,  G06F11/30 ,  G06F11/34 ,  G06F3/0486 ,  G06Q10/06 ,  G06Q30/06 ,  H04L12/26 ,  G06F3/0484 ,  G06Q30/00 ,  G06Q50/18 ,  G06F16/904 ,  G06F3/0482 ,  G06Q40/00 ,  G06F16/30 ,  G06F3/0481

Abstract: Systems and methods for configuration vulnerability checking and remediation are provided. The systems provided herein identify risk based upon service indications of a particular configuration, such that automated risk analysis may be facilitated.

公开(公告)号：US10862905B2

公开(公告)日：2020-12-08

申请号：US15906771

申请日：2018-02-27

Applicant: ServiceNow, Inc.

Inventor： Kurt Joseph Zettel, II ,  Scott Alan Lewis ,  James Erbes ,  Richard Reybok ,  Harold Byun ,  Ryan Currier ,  Michel Abou Samah ,  Sachin Nayak ,  Patrice Tollenaere ,  Zhe Wang

IPC: H04L29/06 ,  G06F3/0482

Abstract: Providing are incident response techniques useful for personas with a variety of experience levels are described. The incident response techniques include a graphical user interface (GUI) for providing a variety of different views for different personas. The graphical user interface may provide a landing page for providing a queue of risk-score prioritized incidents, an incident playbook for providing default or customizable instructions for resolving a particular incident to lesser-experienced personas, an explore container for facilitating efficient navigation of data associated with a particular incident by more-experienced personas, and an activity stream container for providing an overview of activities that have been performed with regard to a particular incident to more-experienced or supervising personas. The explore container may also be integrated with tools for performing actions with the data without leaving the graphical user interface.