System and method for the secure evaluation of cyber detection products

US11637866B2 · US · B2

Patent metadata

Publication number: US-11637866-B2
Application number: US-202017008351-A
Country: US
Kind code: B2
Filing date: Aug 31, 2020
Priority date: Oct 28, 2015
Publication date: Apr 25, 2023
Grant date: Apr 25, 2023

Abstract

Official abstract text for this publication.

A system and method for the secure and private demonstration of cloud-based cyber-security tools. Using an advanced sandboxing design patterns, isolated instances of virtual networks allow a potential client to compare their existing cyber defense tools against a set of cloud-based tools. Capitalizing on non-persistent and secure sandboxes allow the invention to demonstrate fully functional and devastating cyber-attacks while guaranteeing strict privacy and security to both existing customers and potential ones. Additionally, instantiating separate sandboxed observed systems in a single multi-tenant infrastructure provide each customer with the ability to rapidly create actual representations of their enterprise environment offering the most realistic and accurate demonstration and comparison between products.

First claim

Opening claim text (preview).

What is claimed is:

1. A system for secure evaluation of cybersecurity tools is disclosed, comprising: a computing device comprising a memory and a processor; a sandbox environment manager comprising a first plurality of programming instructions stored in the memory and operating on the processor, wherein the first plurality of programming instructions, when operating on the processor, cause the computing device to: receive a configuration for a virtual computer network, the virtual computer network representing an actual computer network of a client and comprising one or more virtual domain controllers, one or more member servers, one or more endpoint machines, and a first set of cybersecurity defense tools operating on the client's actual computer network; create a first sandbox environment for the testing of the virtual computer network, wherein the sandbox environment is provided with a set of controlled computing resources of the computing device for its operation and is prevented from accessing any other computing resources of the computing device; and create an observed system within the sandbox environment, the observed system comprising compartmentalized instance of the virtual computer network as a second sandbox within the first sandbox, a second set of cybersecurity defense tools for testing against the first set of cybersecurity defense tools, and one or more instances of malware; create a secure tunnel from the observed system to the client's actual computer network for the client to observe testing of the first set of cybersecurity defense tools and the second set of cybersecurity defense tools on the observed system; and an observed system manager comprising a second plurality of programming instructions stored in the memory and operating on the processor, wherein the second plurality of programming instructions, when operating on the processor, cause the computing device to: operate the observed system as an instance of the virtual computer network; initiate the one or more instances of malware on the observed system; apply the first set of cybersecurity defense tools against the malware and return a first set of results to the client via the secure tunnel; and apply the second set of cybersecurity defense tools against the malware and return a second set of results to the client via the secure tunnel.

2. A method for secure evaluation of cybersecurity tools is disclosed, comprising the steps of: receiving a configuration for a virtual computer network, the virtual computer network representing an actual computer network of a client and comprising one or more virtual domain controllers, one or more member servers, one or more endpoint machines, and a first set of cybersecurity defense tools operating on the client's actual computer network; creating a first sandbox environment on a computing device for the testing of the virtual computer network, wherein the sandbox environment is provided with a set of controlled computing resources of the computing device for its operation and is prevented from accessing any other computing resources of the computing device; creating an observed system within the sandbox environment, the observed system comprising compartmentalized instance of the virtual computer network as a second sandbox within the first sandbox, a second set of cybersecurity defense tools for testing against the first set of cybersecurity defense tools, and one or more instances of malware; operating the observed system as an instance of the virtual computer network; initiate the one or more instances of malware on the observed system; applying the first set of cybersecurity defense tools against the malware and return a first set of results to the client via the secure tunnel; and applying the second set of cybersecurity defense tools against the malware and return a second set of results to the client via the secure tunnel.

Classifications

  • Temporal data queries · CPC title

  • the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms · CPC title

  • Indexing; Web crawling techniques · CPC title

  • Assessing vulnerabilities and evaluating computer system security · CPC title

  • in which an application is distributed across nodes in the network (software deployment G06F8/60; multiprogramming arrangements G06F9/46) · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Qomplx Inc
What technology area does this patent fall under?
Primary CPC classification H04L63/1433. Mapped technology areas include Electricity.
When was this patent published?
Publication date Apr 25, 2023 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).